Long-running problems with PC
Posted: 13 Aug 2011 22:09
Hello,
Until now I have been solving problems by restoring Ghost backups and using Windows System Restore, but lately certain problems have started to recur. It is mainly a slowdown of the PC more or less across the board, but above all a severe slowdown of the internet (games don't work, web pages load terribly slowly, QIP doesn't log in at all) and the error message "Windows Explorer has stopped working". Despite restoring the Ghost backup, this problem recurred roughly once a month, but a few days ago the error popped up the very next day after the Ghost restore.
I dealt with this problem by turning off System Restore and cleaning the PC with an MWA scan. This solution helped, but not for long. Today the internet problem appeared again, along with indications that aadrive32 might be to blame.
I decided to deal with this by deleting all mentions of aadrive32 on the disk and in the registry in safe mode.
This did not lead anywhere either, but after running ComboFix the problem seems to be solved; however, experience says that another problem will not be long in coming. I am no PC expert, so I am attaching the ComboFix output and ask you for any help.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Dan\Data aplikací\1240.tmp
c:\documents and settings\Dan\Data aplikací\1C5.tmp
c:\documents and settings\Dan\Data aplikací\1C6.tmp
c:\documents and settings\Dan\Data aplikací\1C7.tmp
c:\documents and settings\Dan\Data aplikací\295.tmp
c:\documents and settings\Dan\Data aplikací\2A.tmp
c:\documents and settings\Dan\Data aplikací\Byzkzl.exe
c:\documents and settings\Dan\dwdvcwj.exe.mwt
c:\windows\aadrive32.exe
c:\windows\regedit.com
c:\windows\system32\00.exe
c:\windows\system32\30.exe
c:\windows\system32\45.scr
c:\windows\system32\57.exe
c:\windows\system32\taskmgr.com
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-13 do 2011-08-13 )))))))))))))))))))))))))))))))
.
.
2011-08-13 20:04 . 2011-08-13 20:04 -------- d---a-w- c:\windows\rundll16.exe
2011-08-13 20:04 . 2011-08-13 20:04 -------- d---a-w- c:\windows\logo1_.exe
2011-08-13 19:56 . 2011-08-13 19:56 2332 ----a-w- c:\documents and settings\Dan\Data aplikací\C9.tmp
2011-08-13 19:56 . 2011-08-13 19:56 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C8.tmp
2011-08-13 19:56 . 2011-08-13 19:56 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\C7.tmp
2011-08-13 19:33 . 2011-08-13 19:33 2332 ----a-w- c:\documents and settings\Dan\Data aplikací\297.tmp
2011-08-13 19:33 . 2011-08-13 19:33 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\296.tmp
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 17:00 . 2011-08-13 17:00 2332 ----a-w- c:\documents and settings\Dan\Data aplikací\2C.tmp
2011-08-13 17:00 . 2011-08-13 17:00 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\2B.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF7.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-13 00:37 . 2011-08-13 00:37 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF2.tmp
2011-08-13 00:37 . 2011-08-13 00:37 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF1.tmp
2011-08-13 00:37 . 2011-08-13 00:37 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF0.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC6.tmp
2011-08-12 23:47 . 2011-08-12 23:47 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC5.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:47 . 2011-08-12 23:47 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC2.tmp
2011-08-12 23:42 . 2011-08-12 23:42 2332 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC1.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 23:39 . 2011-08-12 23:39 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\CABE.tmp
2011-08-12 23:39 . 2011-08-12 23:39 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CABD.tmp
2011-08-12 23:39 . 2011-08-12 23:39 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\CABC.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-12 12:46 . 2011-08-12 12:46 2332 ----a-w- c:\documents and settings\Dan\Data aplikací\FB0.tmp
2011-08-10 22:27 . 2011-08-10 22:27 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\2E43.tmp
2011-08-10 22:26 . 2011-08-10 22:26 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\2E42.tmp
2011-08-10 22:22 . 2011-08-10 22:22 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\2E0D.tmp
2011-08-10 22:22 . 2011-08-10 22:22 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\2E0C.tmp
2011-08-10 10:01 . 2011-08-10 10:01 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\17.tmp
2011-08-10 10:01 . 2011-08-10 10:01 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\15.tmp
2011-08-10 10:00 . 2011-08-10 10:00 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\13.tmp
2011-08-10 09:48 . 2011-08-10 09:48 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\18.tmp
2011-08-10 09:48 . 2011-08-10 09:48 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\14.tmp
2011-08-10 09:48 . 2011-08-10 09:48 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\12.tmp
2011-08-09 14:50 . 2011-08-09 14:50 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\11.tmp
2011-08-09 14:50 . 2011-08-09 14:50 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\10.tmp
2011-08-09 14:50 . 2011-08-09 14:50 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\F.tmp
2011-08-09 14:22 . 2011-08-09 14:22 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\E.tmp
2011-08-09 14:22 . 2011-08-09 14:22 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\D.tmp
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-09 13:49 . 2011-08-09 13:49 2333 ----a-w- c:\documents and settings\Dan\Data aplikací\A.tmp
2011-08-09 13:49 . 2011-08-09 13:49 2330 ----a-w- c:\documents and settings\Dan\Data aplikací\9.tmp
2011-08-09 13:49 . 2011-08-09 13:49 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\6.tmp
2011-08-09 13:47 . 2011-08-09 13:47 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\BA.tmp
2011-08-09 13:47 . 2011-08-09 13:47 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B9.tmp
2011-08-09 13:42 . 2011-08-09 13:42 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\8.tmp
2011-08-09 13:42 . 2011-08-09 13:42 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\7.tmp
2011-08-09 11:11 . 2011-08-09 11:11 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\5.tmp
2011-08-09 11:11 . 2011-08-09 11:11 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\4.tmp
2011-08-09 09:36 . 2011-08-09 09:36 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\6472.tmp
2011-08-09 09:36 . 2011-08-09 09:36 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\6471.tmp
2011-08-09 09:34 . 2011-08-09 09:34 49152 ----a-w- c:\windows\system32\23.exe.mwt
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:42 . 2011-08-08 17:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-08 17:40 . 2011-08-08 17:40 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-08 17:42 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:23 . 2011-08-08 17:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-08-13 16:56 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-08 17:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:07 . 2011-08-12 09:01 -------- d-----w- c:\program files\Ask.com
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-08-13 20:46 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-08-13 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Byzkzl - c:\documents and settings\Dan\Data aplikací\Byzkzl.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-13 22:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\imapi.exe
c:\program files\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2011-08-13 22:50:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-13 20:50
.
Před spuštěním: 9 939 210 240
Po spuštění: Volných bajtů: 11 912 421 376
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /NoExecute=OptOut
.
- - End Of File - - DBB610DBF55E9AA3354913DD6D9FA3E3
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:07 . 2011-08-12 09:01 -------- d-----w- c:\program files\Ask.com
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-08-13 20:46 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-08-13 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Byzkzl - c:\documents and settings\Dan\Data aplikací\Byzkzl.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-13 22:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\imapi.exe
c:\program files\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2011-08-13 22:50:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-13 20:50
.
Před spuštěním: 9 939 210 240
Po spuštění: Volných bajtů: 11 912 421 376
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /NoExecute=OptOut
.
- - End Of File - - DBB610DBF55E9AA3354913DD6D9FA3E3