Zpomalené naběhnutí PC (plocha)

[Antusek]

Dobrý večer,
mám takový problém.
Po instalaci nové verze firewallu Zone Alarm 9.1.007.002, protože té předchozí zkončila platnost (byla odinstalována) se mi na mém PC prodloužilo naběhnutí plochy. Když spustím počítač tak po fázi kliknutí na ikonku uživatele je to nabíhá normalně. Pak to cca 20 sec. pracuje než se objeví obrázek plochy. Pak cca dalších 20 sec. to pracuje než se objeví ikony. Při předchozí verzi firewallu to nedělalo. Nastavení firewallu jsem dal dle vašich obrázků a rad, které zde jsou (v program control ve čtvrtém sloupci servers internet jsem dal samé křížky). Mám podezření jest-li v něm nemám nějakou potvoru. Používám Avast, CC Cleaner, Advanced System Care 3, Ad-Aware, Zone Alarm. Posílám log s RSIT. Díky za rady.

Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2010-04-02 20:06:37
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 121 GB (79%) free of 153 GB
Total RAM: 2038 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:53, on 2.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Antiviry\aswUpdSv.exe
C:\Aviry\Ad-Aware 2007\Ad-Aware\AAWService.exe
C:\Antiviry\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Antiviry\ashMaiSv.exe
C:\Antiviry\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Antiviry\ashDisp.exe
C:\Disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Aviry\Zone Alarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\přehrávače\QuickTime 6\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Tiskárna\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Čističe\Advanced SystemCare 3\AWC.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAP\DAP.EXE
C:\Programy\Adobe\Distillr\AcroTray.exe
C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Tiskárna\Digital Imaging\bin\hpqSTE08.exe
C:\Tiskárna\Digital Imaging\bin\hpqbam08.exe
C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe
C:\Aviry\Ad-Aware 2007\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Aviry\RSIT\RSIT.exe
C:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pravednes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Aviry\Ad-Aware 2007\Download Guard for Internet Explorer\DownloadGuardBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [avast!] C:\Antiviry\ashDisp.exe
O4 - HKLM\..\Run: [SMSTray] C:\Disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Aviry\Zone Alarm\zlclient.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\přehrávače\QuickTime 6\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Tiskárna\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Tiskárna\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Čističe\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programy\Adobe\Distillr\AcroTray.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Komunikace\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Komunikace\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 1224740859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1224714906
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Antiviry\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Antiviry\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Antiviry\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Antiviry\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c99cd572e121b6) (gupdate1c99cd572e121b6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Aviry\Ad-Aware 2007\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 15383 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-884357618-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-884357618-839522115-1004UA.job
C:\WINDOWS\tasks\SpeedOptimizer Startup.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{BA063BA9-0B9A-48A6-A292-BE51289F1058}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-28 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
Ask Search Assistant BHO - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL [2009-08-10 66912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20C1A7F0-528E-444F-BAC5-5804A61CCA7F}]
Download Guard for Internet Explorer - C:\Aviry\Ad-Aware 2007\Download Guard for Internet Explorer\DownloadGuardBHO.dll [2010-01-30 151392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2010-03-19 2447360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIOb1.dll [2010-03-19 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL [2010-03-18 435688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-05 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-30 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2009-03-15 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
DAPIELoader Class - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2009-04-03 140880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll [2010-03-19 185944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-28 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2009-03-15 262144]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIOb1.dll [2010-03-19 2349080]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2010-03-19 2447360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-05 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-05 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-05 137752]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-25 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-25 1057064]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2007-11-16 90112]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2007-11-15 2850816]
"avast!"=C:\Antiviry\ashDisp.exe [2009-11-25 81000]
"SMSTray"=C:\Disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe [2007-02-23 126976]
"MAAgent"=C:\Program Files\MarkAny\ContentSafer\MAAgent.exe [2007-01-30 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ZoneAlarm Client"=C:\Aviry\Zone Alarm\zlclient.exe [2009-11-22 1037192]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"QuickTime Task"=C:\přehrávače\QuickTime 6\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"HP Software Update"=C:\Tiskárna\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
"hpqSRMon"=C:\Tiskárna\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Google Update"=C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-03-04 133104]
"Advanced SystemCare 3"=C:\Čističe\Advanced SystemCare 3\AWC.exe [2010-02-08 2343632]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-19 39408]
"DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2010-03-19 2815488]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Acrobat Assistant.lnk - C:\Programy\Adobe\Distillr\AcroTray.exe
AutorunsDisabled
HP Digital Imaging Monitor.lnk - C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\User\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Komunikace\Avant Browser\avant.exe"="C:\Komunikace\Avant Browser\avant.exe:*:Enabled:Avant Browser"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Aviry\EMCO Malware Destroyer\MalwareDestroyer.exe"="C:\Aviry\EMCO Malware Destroyer\MalwareDestroyer.exe:*:Enabled:Malware Scanner for Home User's"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Komunikace\ICQ6.5\ICQ.exe"="C:\Komunikace\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe"="C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqste08.exe"="C:\Tiskárna\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Tiskárna\Digital Imaging\bin\hposid01.exe"="C:\Tiskárna\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqkygrp.exe"="C:\Tiskárna\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Tiskárna\Digital Imaging\bin\hpiscnapp.exe"="C:\Tiskárna\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqpsapp.exe"="C:\Tiskárna\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqpse.exe"="C:\Tiskárna\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqsudi.exe"="C:\Tiskárna\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Tiskárna\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe"="C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Komunikace\opera.exe"="C:\Komunikace\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe"="C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqste08.exe"="C:\Tiskárna\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Tiskárna\Digital Imaging\bin\hposid01.exe"="C:\Tiskárna\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqkygrp.exe"="C:\Tiskárna\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Tiskárna\Digital Imaging\bin\hpiscnapp.exe"="C:\Tiskárna\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqpsapp.exe"="C:\Tiskárna\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqpse.exe"="C:\Tiskárna\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqsudi.exe"="C:\Tiskárna\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Tiskárna\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe"="C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-04-02 20:04:09 ----D---- C:\rsit
2010-04-02 20:04:09 ----D---- C:\Program Files\trend micro
2010-04-02 16:54:57 ----D---- C:\WINDOWS\pss
2010-03-30 23:24:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-03-30 23:24:16 ----D---- C:\Program Files\Common Files\Java
2010-03-30 23:23:30 ----A---- C:\WINDOWS\system32\javaws.exe
2010-03-30 23:23:30 ----A---- C:\WINDOWS\system32\javaw.exe
2010-03-30 23:23:30 ----A---- C:\WINDOWS\system32\java.exe
2010-03-30 23:02:51 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-30 23:02:50 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-30 23:02:50 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-30 23:02:44 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-30 23:02:43 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-30 23:02:43 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-30 23:02:42 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-30 23:02:42 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-30 23:02:42 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-30 23:00:54 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-30 23:00:54 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-30 23:00:54 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-30 22:58:18 ----D---- C:\WINDOWS\Internet Logs
2010-03-30 14:23:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\TreeCardGames
2010-03-26 00:57:54 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-23 21:20:18 ----D---- C:\Documents and Settings\User\Data aplikací\TreeCardGames
2010-03-19 20:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-19 20:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-19 18:53:23 ----D---- C:\Documents and Settings\User\Data aplikací\Toolbar4
2010-03-19 18:53:21 ----D---- C:\Program Files\SearchPredict
2010-03-19 18:53:20 ----D---- C:\Program Files\SpeedBit Video Downloader
2010-03-19 18:50:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant

======List of files/folders modified in the last 1 months======

2010-04-02 20:05:09 ----D---- C:\Aviry
2010-04-02 20:04:09 ----RD---- C:\Program Files
2010-04-02 19:58:01 ----D---- C:\WINDOWS\Temp
2010-04-02 19:56:44 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-02 19:53:47 ----D---- C:\WINDOWS
2010-04-02 19:53:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-02 19:52:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-02 19:14:56 ----SD---- C:\WINDOWS\Tasks
2010-04-02 17:53:19 ----D---- C:\Obrázky - hmyz
2010-04-02 17:08:58 ----SH---- C:\boot.ini
2010-04-02 17:08:58 ----A---- C:\WINDOWS\win.ini
2010-04-02 17:08:58 ----A---- C:\WINDOWS\system.ini
2010-04-02 16:36:13 ----D---- C:\Pro Seniortip
2010-04-02 15:23:51 ----D---- C:\Hry
2010-04-02 15:23:50 ----D---- C:\Dopisy
2010-04-01 23:23:11 ----D---- C:\WINDOWS\system32
2010-04-01 23:07:40 ----D---- C:\Vzlet-časopis
2010-04-01 23:07:04 ----A---- C:\WINDOWS\QTW.INI
2010-04-01 11:05:47 ----D---- C:\WINDOWS\system32\config
2010-04-01 11:05:25 ----D---- C:\WINDOWS\system32\wbem
2010-04-01 11:05:25 ----D---- C:\WINDOWS\Registration
2010-04-01 10:12:08 ----D---- C:\Stati
2010-03-31 19:23:38 ----SHD---- C:\WINDOWS\Installer
2010-03-31 19:23:37 ----D---- C:\Config.Msi
2010-03-31 19:23:33 ----D---- C:\Komunikace
2010-03-31 18:54:22 ----HD---- C:\WINDOWS\inf
2010-03-31 18:54:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 18:54:16 ----D---- C:\Program Files\Internet Explorer
2010-03-31 18:54:09 ----D---- C:\WINDOWS\ie8updates
2010-03-31 18:53:32 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 23:24:16 ----D---- C:\Program Files\Common Files
2010-03-30 23:23:19 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-03-30 23:22:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-30 23:21:07 ----D---- C:\Antiviry
2010-03-30 23:07:53 ----D---- C:\WINDOWS\Prefetch
2010-03-30 21:27:57 ----D---- C:\WINDOWS\system32\drivers
2010-03-30 21:12:24 ----D---- C:\Programy-instalace
2010-03-28 22:32:58 ----D---- C:\Documents and Settings\User\Data aplikací\ICQ
2010-03-25 12:44:38 ----D---- C:\Články
2010-03-24 19:08:37 ----D---- C:\Prezentace 2010
2010-03-24 19:08:14 ----RSD---- C:\WINDOWS\Fonts
2010-03-22 21:34:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-22 21:33:47 ----D---- C:\AAA
2010-03-20 00:22:39 ----D---- C:\WINDOWS\Debug
2010-03-19 23:48:20 ----D---- C:\Prezentace 2009
2010-03-19 20:39:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2010-03-19 20:35:34 ----D---- C:\Program Files\DAP
2010-03-19 20:32:02 ----D---- C:\Program Files\Movie Maker
2010-03-19 18:53:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2010-03-19 18:46:53 ----D---- C:\WINDOWS\WinSxS
2010-03-19 18:43:44 ----D---- C:\Program Files\IObitCom

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver; C:\WINDOWS\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 wfcxatun;WinFast TV Analog Tuner Driver; C:\WINDOWS\system32\drivers\wfcxatun.sys [2007-09-19 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver; C:\WINDOWS\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-07-03 39424]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; C:\WINDOWS\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; C:\WINDOWS\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver; C:\WINDOWS\system32\drivers\wfcxxbar.sys [2007-09-19 10496]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys []
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Antiviry\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Antiviry\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-30 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Aviry\Ad-Aware 2007\Ad-Aware\AAWService.exe [2010-02-04 1181328]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Antiviry\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Antiviry\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-04 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-19 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 ATMsrvc;ATM Service; C:\WINDOWS\System32\ATMsrvc.exe [2000-05-24 15360]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly

stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet

zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci

skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install

Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho

malware k nezadoucim kolizim s rezidentem antispyware

[Antusek]

Jdu na to. Díky za další postup.

[Antusek]

Přidávám log z Combofix. Díky za další postup.

ComboFix 10-04-01.02 - User 02.04.2010 20:42:33.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1086 [GMT 2:00]
Spuštěný z: c:\aviry\ComboFix\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100402-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\AppPatch\AcAdProc.dll
c:\windows\system\oeminfo.ini
c:\windows\system32\Dvbpws.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-02 do 2010-04-02 )))))))))))))))))))))))))))))))
.

2010-04-02 18:41 . 2010-04-02 18:41 -------- d-sha-r- \cmdcons
2010-03-19 16:53 . 2010-03-19 16:53 -------- d-----w- c:\program files\SearchPredict
2010-03-19 16:53 . 2010-03-19 16:53 -------- d-----w- c:\program files\SpeedBit Video Downloader
2010-03-19 16:47 . 2010-03-19 16:51 78172 ----a-w- c:\windows\hpqins05.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-02 18:06 . 2010-04-02 18:04 -------- d-----w- c:\program files\trend micro
2010-04-01 13:21 . 2009-04-20 12:51 20500 ----a-w- c:\documents and settings\User\FMCodec.dat
2010-03-30 21:24 . 2010-03-30 21:24 -------- d-----w- c:\program files\Common Files\Java
2010-03-19 18:35 . 2009-04-03 14:51 -------- d-----w- c:\program files\DAP
2010-03-19 16:43 . 2009-12-19 11:49 -------- d-----w- c:\program files\IObitCom
2010-02-08 13:51 . 2008-04-11 16:10 -------- d-----w- c:\program files\Google
2010-02-02 17:08 . 2008-05-16 12:13 1901 ----a-w- c:\windows\panose.bin
2010-01-29 21:00 . 2010-01-29 20:45 186277 ----a-w- c:\windows\hpoins28.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2009-08-10 66912]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2009-08-10 15:07 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-03-19 16:53 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2010-03-19 16:43 2349080 ----a-w- c:\program files\IObitCom\tbIOb1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Google Update"="c:\documents and settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
"Advanced SystemCare 3"="c:\čističe\Advanced SystemCare 3\AWC.exe" [2010-02-08 2343632]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-19 39408]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-03-19 2815488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-11-15 2850816]
"avast!"="c:\antiviry\ashDisp.exe" [2009-11-24 81000]
"SMSTray"="c:\disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="c:\program files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="c:\aviry\Zone Alarm\zlclient.exe" [2009-11-22 1037192]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\přehrávače\QuickTime 6\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"HP Software Update"="c:\tiskárna\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - c:\programy\Adobe\Distillr\AcroTray.exe [2008-4-11 49254]
HP Digital Imaging Monitor.lnk - c:\tisk rna\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\grafika\Programs\MFIndexer.exe [2008-5-1 83456]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Komunikace\\Avant Browser\\avant.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Aviry\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Komunikace\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Komunikace\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.12.2009 13:56 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10.5.2008 10:59 114768]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [8.4.2008 15:26 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.5.2008 10:59 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [16.7.2009 15:44 222968]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\aviry\Ad-Aware 2007\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [8.4.2008 15:26 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [8.4.2008 15:26 167040]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [8.4.2008 20:42 39424]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [8.4.2008 15:26 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [8.4.2008 15:26 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [8.4.2008 15:26 10496]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [8.4.2008 15:30 9446]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 16:28 133104]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2008 17:12 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [28.4.2008 17:26 64896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.pravednes.cz/
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 20:50
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\smss.exe
c:\windows\system32\csrss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\antiviry\aswUpdSv.exe
c:\antiviry\ashServ.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\svchost.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\svchost.exe
c:\windows\System32\svchost.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\svchost.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\tiskárna\Digital Imaging\bin\hpqtra08.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wuauclt.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\antiviry\ashMaiSv.exe
c:\antiviry\ashWebSv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiprvse.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\alg.exe
c:\tiskárna\Digital Imaging\bin\hpqSTE08.exe
c:\tiskárna\Digital Imaging\bin\hpqbam08.exe
c:\tiskárna\Digital Imaging\bin\hpqgpc01.exe
c:\aviry\Ad-Aware 2007\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-04-02 20:56:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-02 18:56

Před spuštěním: Volných bajtů: 126 943 911 936
Po spuštění: Volných bajtů: 127 056 957 440

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - E7A94ED1DC38E7016E52CA67A73392F3

[Rudy]

ještě dočistíme. Přesuňte Combofix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\AskSBar

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-
[-HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Antusek]

Posílám další log z ComboFix dle vašich instrukcí. Díky za další postup.

ComboFix 10-04-01.02 - User 02.04.2010 22:02:47.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1125 [GMT 2:00]
Spuštěný z: c:\aviry\ComboFix\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\User\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100402-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskSBar
c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
c:\windows\system32\drivers\etc\lmhosts

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-02 do 2010-04-02 )))))))))))))))))))))))))))))))
.

2010-04-02 18:04 . 2010-04-02 18:06 -------- d-----w- C:\rsit
2010-04-02 18:04 . 2010-04-02 18:06 -------- d-----w- c:\program files\trend micro
2010-04-01 09:05 . 2010-04-01 09:05 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-30 21:24 . 2010-03-30 21:24 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 21:02 . 2009-11-22 13:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2010-03-30 21:02 . 2009-11-22 13:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2010-03-30 21:02 . 2009-11-22 13:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2010-03-30 21:02 . 2010-03-30 21:02 -------- d-----w- c:\windows\system32\ZoneLabs
2010-03-30 20:58 . 2010-04-02 20:08 -------- d-----w- c:\windows\Internet Logs
2010-03-25 22:57 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-19 16:53 . 2010-03-19 16:53 -------- d-----w- c:\program files\SearchPredict
2010-03-19 16:53 . 2010-03-19 16:53 -------- d-----w- c:\program files\SpeedBit Video Downloader
2010-03-19 16:47 . 2010-03-19 16:51 78172 ----a-w- c:\windows\hpqins05.dat
2010-03-19 16:43 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-02 20:09 . 2010-03-31 07:25 716796 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-04-02 19:03 . 2009-03-15 21:09 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-04-02 17:14 . 2010-04-02 17:15 1676800 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-04-02 17:14 . 2010-04-02 17:15 62464 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-04-02 15:04 . 2010-04-02 15:10 1671680 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-04-02 15:04 . 2010-04-02 15:10 316416 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-04-01 13:21 . 2009-04-20 12:51 20500 ----a-w- c:\documents and settings\User\FMCodec.dat
2010-03-30 22:00 . 2010-03-31 07:26 130048 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-03-30 22:00 . 2010-03-31 07:26 1634816 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-03-30 21:23 . 2009-03-20 13:05 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-30 21:22 . 2004-08-18 12:00 90816 ----a-w- c:\windows\system32\perfc005.dat
2010-03-30 21:22 . 2004-08-18 12:00 458148 ----a-w- c:\windows\system32\perfh005.dat
2010-03-19 18:35 . 2009-04-03 14:51 -------- d-----w- c:\program files\DAP
2010-03-19 16:43 . 2009-12-19 11:49 -------- d-----w- c:\program files\IObitCom
2010-02-25 06:18 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2010-02-08 13:51 . 2008-04-11 16:10 -------- d-----w- c:\program files\Google
2010-02-02 17:08 . 2008-05-16 12:13 1901 ----a-w- c:\windows\panose.bin
2010-01-29 21:00 . 2010-01-29 20:45 186277 ----a-w- c:\windows\hpoins28.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-03-19 16:53 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2010-03-19 16:43 2349080 ----a-w- c:\program files\IObitCom\tbIOb1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIOb1.dll" [2010-03-19 2349080]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Google Update"="c:\documents and settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-03-04 133104]
"Advanced SystemCare 3"="c:\čističe\Advanced SystemCare 3\AWC.exe" [2010-02-08 2343632]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-19 39408]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-03-19 2815488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-11-15 2850816]
"avast!"="c:\antiviry\ashDisp.exe" [2009-11-24 81000]
"SMSTray"="c:\disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="c:\program files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="c:\aviry\Zone Alarm\zlclient.exe" [2009-11-22 1037192]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\přehrávače\QuickTime 6\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"HP Software Update"="c:\tiskárna\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acrobat Assistant.lnk - c:\programy\Adobe\Distillr\AcroTray.exe [2008-4-11 49254]
HP Digital Imaging Monitor.lnk - c:\tisk rna\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\grafika\Programs\MFIndexer.exe [2008-5-1 83456]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Komunikace\\Avant Browser\\avant.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Aviry\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Komunikace\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Tiskárna\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Komunikace\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.12.2009 13:56 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10.5.2008 10:59 114768]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [8.4.2008 15:26 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.5.2008 10:59 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [16.7.2009 15:44 222968]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\aviry\Ad-Aware 2007\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [8.4.2008 15:26 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [8.4.2008 15:26 167040]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [8.4.2008 20:42 39424]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [8.4.2008 15:26 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [8.4.2008 15:26 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [8.4.2008 15:26 10496]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [8.4.2008 15:30 9446]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 16:28 133104]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2008 17:12 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [28.4.2008 17:26 64896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-04-02 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\aviry\Ad-Aware 2007\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:56]

2010-04-02 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\aviry\Ad-Aware 2007\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:56]

2010-04-02 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\aviry\Ad-Aware 2007\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:56]

2010-04-02 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\aviry\Ad-Aware 2007\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:56]

2010-04-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\aviry\Ad-Aware 2007\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:56]

2010-02-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]

2010-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 14:28]

2010-04-02 c:\windows\Tasks\User_Feed_Synchronization-{BA063BA9-0B9A-48A6-A292-BE51289F1058}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.pravednes.cz/
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Adobe PageMaker 7.0 - c:\program files\Adobe\PageMaker 7.0\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 22:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(5144)
c:\program files\MarkAny\ContentSafer\MaCSProHook.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\grafika\programs\CMFFld80.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\antiviry\aswUpdSv.exe
c:\antiviry\ashServ.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\tiskárna\Digital Imaging\bin\hpqtra08.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\antiviry\ashMaiSv.exe
c:\antiviry\ashWebSv.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\tiskárna\Digital Imaging\bin\hpqSTE08.exe
c:\tiskárna\Digital Imaging\bin\hpqbam08.exe
c:\tiskárna\Digital Imaging\bin\hpqgpc01.exe
c:\aviry\Ad-Aware 2007\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-04-02 22:17:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-02 20:16
ComboFix2.txt 2010-04-02 18:56

Před spuštěním: Volných bajtů: 126 908 444 672
Po spuštění: Volných bajtů: 127 023 464 448

- - End Of File - - 178CBA5E8D14263EB16C0D00EC6B9D3D

[Rudy]

Log již vypadá čistý. Nastala nějaká změna?

[Antusek]

Musím to vyzkoušet. Restartuji PC a pak zdělím. Díky.

[Rudy]

Zatím není za co.

[Antusek]

Vyzkoušel jsem to a bohužel žádná změna nenastala. Pořád se to po kliknutí na ikonu uživatele načítá s prodlevami. Když to naběhne tak pak už je to dobré. Nemůžou to dělat nějaké programy po spuštění (nevím jak a co pročistit) či Zone Alarm.
Před instalací té nové verze Zone Alarmu to u té předchozí nedělalo, jenže ta už prošla, tak jsme ji odinstalovali a dali tuto. Díky za další postup.

[Rudy]

Můžete na zkoušku ZA vypnout a uvidíte. Také ještě zkuste PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .

[Antusek]

Zdřejmě mi to dělá Zone Alarm. Po vypnutí ZA při startu PC to naběhne rychleji. Také to trošinku trvá než se načtou položky po zpuštění, ale není to tak pomalé. Jenže, když je vypnutý, tak mě nechrání. Když ho zapnu tak je to pomalé. Nebo stačí jen ten Windowsovský firewall? Leda že bych ho zpouštěl až po naběhnutí. Neni nějaká chybka v té verzi ZA?
Díky za další postup. Přes víkend tu nejsem pak udělám další postup.

[Rudy]

Win fw je sice lepší, než žádný, ale to je asi tak vše. Budete muset zjistit, s čím se tato verze ZA nesnáší ve vašem PC, nebo použít jiný firewall.

[Antusek]

Tak jsem ten firewall vypnul při startu PC a ikony naběhnou normálně. Pak ho musím vždy hned zapnout. Takto to běhá. Ale když ho zapnu při spouštění PC (start up) tak to pomalu nabíhá.
Díky za rady, které jsem zde dostal. Jest-li to tak může být, tak to tak nechám.

[Rudy]

Může, nicméně se tato verze fw v PC s něčím bije.