prosím o kontrolu logu z Combofix
Napsal: 19 pro 2010 20:32
Dobrý večer,
mám takový problém. Při spuštění Zoner Photo Studia 8 mi program naběhne, ale pak se zasekne a jsou tam hodiny. Reinstalace nepomohla. U programu Ad-Aware se zase pořád načítá update manager. Sice se něco nahraje, ale načítá se opakovaně a dál se nedostanu. Reinstalace také nepomohla.Explorer hlásí také nějakou chybu. Opera a Chrome fungují normálně. A další programy také (např. Photo Filtre). Asi tam něco bude. Mám Ad-Aware, Zoner Alarm (musím spouštět až po zpuštění PC, neb v této verzi to nabíhá strašně pomalu), Avast, Advance System Care 3. Projel jsem to Combofixem. Posílám log a prosím o radu co dál. Moc děkuji.
ComboFix 10-12-18.02 - User 19.12.2010 20:12:19.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1397 [GMT 1:00]
Spuštěný z: c:\aviry\ComboFix\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\system32\drivers\etc\lmhosts
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-19 do 2010-12-19 )))))))))))))))))))))))))))))))
.
2010-12-19 18:41 . 2010-12-19 18:41 -------- d-----w- c:\windows\LastGood
2010-12-19 18:37 . 2010-12-19 18:37 -------- dc----w- c:\documents and settings\All Users\Data aplikací\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-12-15 09:27 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 09:26 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-14 08:26 . 2010-12-14 08:28 -------- d-----w- c:\program files\SpeedBit Video Accelerator
2010-12-08 22:04 . 2010-12-08 22:04 -------- d-----w- c:\program files\iPod
2010-12-08 22:04 . 2010-12-08 22:04 -------- d-----w- c:\program files\iTunes
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2010-12-04 10:49 . 2010-12-04 10:49 1342752 ----a-w- C:\VideosSetup_1.exe.dap
2010-12-04 10:22 . 2010-12-04 10:23 1342752 ----a-w- C:\VideosSetup.exe
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-21 16:12 . 2010-11-21 16:12 -------- d-----w- c:\program files\Real
2010-11-21 16:12 . 2010-11-21 16:12 -------- d-----w- c:\program files\Common Files\xing shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2008-04-08 18:20 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-10 10:18 . 2010-11-10 10:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-06 00:23 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-18 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-18 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-18 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-09-23 07:46 . 2010-11-10 10:32 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-09-23 07:46 . 2009-12-19 11:56 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-08-31 08:20 . 2010-08-31 08:20 11884744 ----a-w- c:\program files\dap95upg.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-11-18 08:32 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2010-03-19 16:43 2349080 ----a-w- c:\program files\IObitCom\tbIOb1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-08-22 20:34 2734688 ----a-w- c:\program files\ZoneAlarm\tbZon1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Google Update"="c:\documents and settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
"Advanced SystemCare 3"="c:\čističe\Advanced SystemCare 3\AWC.exe" [2010-09-28 2407632]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-19 39408]
"AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2010-10-18 2215944]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-11-18 2836656]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2010-12-14 1698064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112]
"SMSTray"="c:\disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="c:\program files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"hpqSRMon"="c:\tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"TkBellExe"="c:\media\players\real player\update\realsched.exe" [2010-11-21 274608]
"QuickTime Task"="c:\přehrávače\QuickTime 6\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-17 421160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - c:\aviry\Secunia\PSI\psi.exe [2010-7-21 965176]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - c:\programy\Adobe\Distillr\AcroTray.exe [2008-4-11 49254]
HP Digital Imaging Monitor.lnk - c:\tisk rna\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\grafika\Programs\MFIndexer.exe [2008-5-1 83456]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^User^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-10-08 16:04 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-06-25 06:47 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 15:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\přehrávače\QuickTime 6\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-06-25 06:47 1629480 ----a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2007-11-15 13:55 2850816 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Komunikace\\Avant Browser\\avant.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Aviry\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=
"c:\\Komunikace\\ICQ6.5\\ICQ.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Komunikace\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundPacketTooBig"= 1 (0x1)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.5.2008 9:59 165584]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [8.4.2008 14:26 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.5.2008 9:59 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [16.7.2009 14:44 222968]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26.5.2010 14:35 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26.5.2010 14:35 493032]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [8.4.2008 14:26 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [8.4.2008 14:26 167040]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [8.4.2008 19:42 39424]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [8.4.2008 14:26 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [8.4.2008 14:26 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [8.4.2008 14:26 10496]
S0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.12.2009 12:56 64288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 15:28 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [23.9.2010 8:46 1375992]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2008 16:12 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [28.4.2008 16:26 64896]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7.7.2010 15:05 14904]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [8.4.2008 14:30 9446]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - LAVASOFT_AD-AWARE_SERVICE
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-12-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 08:07]
2010-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]
2010-12-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-884357618-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-884357618-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-19 c:\windows\Tasks\User_Feed_Synchronization-{BA063BA9-0B9A-48A6-A292-BE51289F1058}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
LSP: c:\progra~1\SPEEDB~2\sblsp.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-19 20:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(732)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(788)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\SpeedBit Video Accelerator\ConfigDB.dll
.
Celkový čas: 2010-12-19 20:20:21
ComboFix-quarantined-files.txt 2010-12-19 19:20
ComboFix2.txt 2010-04-02 20:17
ComboFix3.txt 2010-04-02 18:56
Před spuštěním: Volných bajtů: 101 162 921 984
Po spuštění: Volných bajtů: 104 442 826 752
- - End Of File - - D5B036A1D3EDA6CAEBA27121B87CF3A6
mám takový problém. Při spuštění Zoner Photo Studia 8 mi program naběhne, ale pak se zasekne a jsou tam hodiny. Reinstalace nepomohla. U programu Ad-Aware se zase pořád načítá update manager. Sice se něco nahraje, ale načítá se opakovaně a dál se nedostanu. Reinstalace také nepomohla.Explorer hlásí také nějakou chybu. Opera a Chrome fungují normálně. A další programy také (např. Photo Filtre). Asi tam něco bude. Mám Ad-Aware, Zoner Alarm (musím spouštět až po zpuštění PC, neb v této verzi to nabíhá strašně pomalu), Avast, Advance System Care 3. Projel jsem to Combofixem. Posílám log a prosím o radu co dál. Moc děkuji.
ComboFix 10-12-18.02 - User 19.12.2010 20:12:19.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1397 [GMT 1:00]
Spuštěný z: c:\aviry\ComboFix\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\system32\drivers\etc\lmhosts
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-19 do 2010-12-19 )))))))))))))))))))))))))))))))
.
2010-12-19 18:41 . 2010-12-19 18:41 -------- d-----w- c:\windows\LastGood
2010-12-19 18:37 . 2010-12-19 18:37 -------- dc----w- c:\documents and settings\All Users\Data aplikací\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-12-15 09:27 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 09:26 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-14 08:26 . 2010-12-14 08:28 -------- d-----w- c:\program files\SpeedBit Video Accelerator
2010-12-08 22:04 . 2010-12-08 22:04 -------- d-----w- c:\program files\iPod
2010-12-08 22:04 . 2010-12-08 22:04 -------- d-----w- c:\program files\iTunes
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2010-12-08 21:46 . 2010-12-08 21:46 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2010-12-04 10:49 . 2010-12-04 10:49 1342752 ----a-w- C:\VideosSetup_1.exe.dap
2010-12-04 10:22 . 2010-12-04 10:23 1342752 ----a-w- C:\VideosSetup.exe
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-21 16:12 . 2010-11-21 16:12 -------- d-----w- c:\program files\Real
2010-11-21 16:12 . 2010-11-21 16:12 -------- d-----w- c:\program files\Common Files\xing shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2008-04-08 18:20 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-10 10:18 . 2010-11-10 10:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-06 00:23 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-18 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-18 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-18 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-09-23 07:46 . 2010-11-10 10:32 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-09-23 07:46 . 2009-12-19 11:56 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-08-31 08:20 . 2010-08-31 08:20 11884744 ----a-w- c:\program files\dap95upg.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-11-18 08:32 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2010-03-19 16:43 2349080 ----a-w- c:\program files\IObitCom\tbIOb1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-08-22 20:34 2734688 ----a-w- c:\program files\ZoneAlarm\tbZon1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZon1.dll" [2010-08-22 2734688]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Google Update"="c:\documents and settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
"Advanced SystemCare 3"="c:\čističe\Advanced SystemCare 3\AWC.exe" [2010-09-28 2407632]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-19 39408]
"AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2010-10-18 2215944]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-11-18 2836656]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2010-12-14 1698064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112]
"SMSTray"="c:\disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="c:\program files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"hpqSRMon"="c:\tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"TkBellExe"="c:\media\players\real player\update\realsched.exe" [2010-11-21 274608]
"QuickTime Task"="c:\přehrávače\QuickTime 6\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-17 421160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - c:\aviry\Secunia\PSI\psi.exe [2010-7-21 965176]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - c:\programy\Adobe\Distillr\AcroTray.exe [2008-4-11 49254]
HP Digital Imaging Monitor.lnk - c:\tisk rna\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\grafika\Programs\MFIndexer.exe [2008-5-1 83456]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^User^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-10-08 16:04 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-06-25 06:47 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 15:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\přehrávače\QuickTime 6\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-06-25 06:47 1629480 ----a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2007-11-15 13:55 2850816 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Komunikace\\Avant Browser\\avant.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Aviry\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=
"c:\\Komunikace\\ICQ6.5\\ICQ.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Komunikace\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundPacketTooBig"= 1 (0x1)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.5.2008 9:59 165584]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [8.4.2008 14:26 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.5.2008 9:59 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [16.7.2009 14:44 222968]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26.5.2010 14:35 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26.5.2010 14:35 493032]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [8.4.2008 14:26 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [8.4.2008 14:26 167040]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [8.4.2008 19:42 39424]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [8.4.2008 14:26 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [8.4.2008 14:26 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [8.4.2008 14:26 10496]
S0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.12.2009 12:56 64288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 15:28 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [23.9.2010 8:46 1375992]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2008 16:12 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [28.4.2008 16:26 64896]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7.7.2010 15:05 14904]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [8.4.2008 14:30 9446]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - LAVASOFT_AD-AWARE_SERVICE
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-12-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 08:07]
2010-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]
2010-12-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-884357618-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-884357618-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-19 c:\windows\Tasks\User_Feed_Synchronization-{BA063BA9-0B9A-48A6-A292-BE51289F1058}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
LSP: c:\progra~1\SPEEDB~2\sblsp.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-19 20:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(732)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(788)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\SpeedBit Video Accelerator\ConfigDB.dll
.
Celkový čas: 2010-12-19 20:20:21
ComboFix-quarantined-files.txt 2010-12-19 19:20
ComboFix2.txt 2010-04-02 20:17
ComboFix3.txt 2010-04-02 18:56
Před spuštěním: Volných bajtů: 101 162 921 984
Po spuštění: Volných bajtů: 104 442 826 752
- - End Of File - - D5B036A1D3EDA6CAEBA27121B87CF3A6
