Zdravím všechny účastníky tohoto fóra.
Prosím o kontrolu logu. ESET ani Spybot&Destroy nic nehlásí , ale myslím si, že je mám v compu nějakého šmejda. Díky za ochotu.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:26:15, on 17.8.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Potato Screen Capture] "C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5885 bytes
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2009-08-17 21:54:03
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 41 GB (35%) free of 119 GB
Total RAM: 2047 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:14, on 17.8.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Potato Screen Capture] "C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file
missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1
\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search &
Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120
\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 6011 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-
FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-
4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
[2009-07-01 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-
4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-
206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-
9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-07 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-01 198160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Potato Screen Capture"=C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe [2008-10-24 192512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-07 149280]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-12 1833504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplic
ations\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplicat
ions\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-08-17 21:54:03 ----D---- C:\rsit
2009-08-13 09:32:16 ----A---- C:\Windows\system32\kerberos.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\wdigest.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-13 09:32:14 ----A---- C:\Windows\system32\schannel.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\secur32.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-13 09:32:11 ----A---- C:\Windows\system32\lsass.exe
2009-08-12 17:20:19 ----D---- C:\Windows\system32\RTCOM
2009-08-12 17:19:32 ----A---- C:\Windows\DIFxAPI.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\WavesLib.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSWOW.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSHP360.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\RTPCEE32.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkAPO.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2009-08-12 17:19:27 ----A---- C:\Windows\system32\FMAPO.dll
2009-08-12 17:19:26 ----D---- C:\Program Files\Realtek
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTARen.dll
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTACap.dll
2009-08-12 17:19:20 ----HD---- C:\Program Files\Temp
2009-08-12 17:19:20 ----A---- C:\Windows\RtlExUpd.dll
2009-08-12 07:32:19 ----A---- C:\Windows\system32\atl.dll
2009-08-12 07:32:18 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-12 07:32:12 ----A---- C:\Windows\system32\mstscax.dll
2009-08-12 07:32:09 ----A---- C:\Windows\system32\avifil32.dll
2009-08-12 07:31:50 ----A---- C:\Windows\system32\wmp.dll
2009-08-12 07:31:48 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\spwmp.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 07:31:46 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaws.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaw.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\java.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\deploytk.dll
2009-07-29 03:30:17 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 03:30:14 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 03:30:13 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\occache.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 03:30:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-28 20:53:14 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2009-07-28 20:47:31 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files\Skype
2009-07-28 20:47:01 ----RD---- C:\Program Files\Skype
2009-07-28 20:46:57 ----D---- C:\ProgramData\Skype
2009-07-25 15:56:58 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2009-07-25 15:20:18 ----D---- C:\Users\Jirka\AppData\Roaming\x2xsoft
2009-07-25 15:20:18 ----D---- C:\Program Files\X2Xsoft
2009-07-25 12:41:10 ----D---- C:\Program Files\ICQ6Toolbar
2009-07-25 12:41:06 ----D---- C:\ProgramData\ICQ
2009-07-25 12:39:45 ----D---- C:\Program Files\ICQ6.5
2009-07-25 12:27:37 ----D---- C:\Users\Jirka\AppData\Roaming\IObit
2009-07-25 12:27:36 ----D---- C:\Program Files\IObit
2009-07-19 11:19:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 15:47:56 ----D---- C:\ProgramData\BVRP Software
2009-07-18 15:38:14 ----A---- C:\ProgramData\hpeFD7E.dll
2009-07-18 15:37:59 ----D---- C:\ProgramData\Sony Ericsson
2009-07-18 15:37:59 ----D---- C:\Program Files\Sony Ericsson
2009-07-18 15:35:57 ----D---- C:\Program Files\Defraggler
======List of files/folders modified in the last 1 months======
2009-08-17 21:54:14 ----D---- C:\Windows\Prefetch
2009-08-17 21:54:07 ----D---- C:\Windows\temp
2009-08-17 18:54:08 ----SHD---- C:\System Volume Information
2009-08-17 18:15:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-17 08:26:46 ----AD---- C:\Windows\System32
2009-08-17 08:26:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-17 08:26:45 ----D---- C:\Windows\inf
2009-08-16 11:18:13 ----D---- C:\Program Files\Mozilla Firefox
2009-08-16 11:17:11 ----D---- C:\Windows
2009-08-16 10:13:30 ----RD---- C:\Program Files
2009-08-15 16:01:20 ----SHD---- C:\Windows\Installer
2009-08-15 16:01:19 ----HD---- C:\Config.Msi
2009-08-13 17:36:29 ----D---- C:\Windows\Debug
2009-08-13 09:46:46 ----D---- C:\Windows\winsxs
2009-08-13 09:33:43 ----D---- C:\Windows\system32\drivers
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot2
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot
2009-08-13 09:23:42 ----D---- C:\Program Files\Windows Media Player
2009-08-13 09:16:59 ----D---- C:\Program Files\Windows Mail
2009-08-08 08:43:45 ----D---- C:\Windows\dog4 dir
2009-08-08 08:43:45 ----A---- C:\Windows\impborl.dll
2009-08-04 16:38:14 ----D---- C:\Windows\Tasks
2009-08-02 13:45:13 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-02 13:45:13 ----D---- C:\Program Files\ESET
2009-07-30 02:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-29 14:05:42 ----D---- C:\Windows\system32\migration
2009-07-29 14:05:40 ----D---- C:\Program Files\Internet Explorer
2009-07-28 20:53:16 ----HD---- C:\ProgramData
2009-07-28 20:47:30 ----D---- C:\Windows\system32\Tasks
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files
2009-07-25 12:41:17 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2009-07-25 12:41:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-24 23:51:55 ----D---- C:\Program Files\Ashampoo
2009-07-24 23:00:10 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2008-08-18 71688]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 a4tb70jf;a4tb70jf; C:\Windows\system32\drivers\a4tb70jf.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32
\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007
-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-
04-04 69632]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé hledání stránek a velmi často "server nenalezen"
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pomalé hledání stránek a velmi často "server nenalezen"
Naposledy upravil(a) Hooker dne 17 srp 2009 21:01, celkem upraveno 1 x.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Fixněte v HijackThis:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O13 - Gopher Prefix:
Jen zbytečnosti. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 , je podrobnější, než HJT.
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O13 - Gopher Prefix:
Jen zbytečnosti. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 , je podrobnější, než HJT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2009-08-17 22:13:11
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 41 GB (35%) free of 119 GB
Total RAM: 2047 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:21, on 17.8.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Potato Screen Capture] "C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1
\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search &
Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120
\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5484 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-
FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-
4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
[2009-07-01 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-
206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-
9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-07 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-01 198160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Potato Screen Capture"=C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe [2008-10-24 192512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-07 149280]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-12 1833504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplic
ations\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplicat
ions\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-08-17 21:54:03 ----D---- C:\rsit
2009-08-13 09:32:16 ----A---- C:\Windows\system32\kerberos.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\wdigest.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-13 09:32:14 ----A---- C:\Windows\system32\schannel.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\secur32.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-13 09:32:11 ----A---- C:\Windows\system32\lsass.exe
2009-08-12 17:20:19 ----D---- C:\Windows\system32\RTCOM
2009-08-12 17:19:32 ----A---- C:\Windows\DIFxAPI.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\WavesLib.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSWOW.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSHP360.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\RTPCEE32.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkAPO.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2009-08-12 17:19:27 ----A---- C:\Windows\system32\FMAPO.dll
2009-08-12 17:19:26 ----D---- C:\Program Files\Realtek
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTARen.dll
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTACap.dll
2009-08-12 17:19:20 ----HD---- C:\Program Files\Temp
2009-08-12 17:19:20 ----A---- C:\Windows\RtlExUpd.dll
2009-08-12 07:32:19 ----A---- C:\Windows\system32\atl.dll
2009-08-12 07:32:18 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-12 07:32:12 ----A---- C:\Windows\system32\mstscax.dll
2009-08-12 07:32:09 ----A---- C:\Windows\system32\avifil32.dll
2009-08-12 07:31:50 ----A---- C:\Windows\system32\wmp.dll
2009-08-12 07:31:48 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\spwmp.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 07:31:46 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaws.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaw.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\java.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\deploytk.dll
2009-07-29 03:30:17 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 03:30:14 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 03:30:13 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\occache.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 03:30:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-28 20:53:14 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2009-07-28 20:47:31 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files\Skype
2009-07-28 20:47:01 ----RD---- C:\Program Files\Skype
2009-07-28 20:46:57 ----D---- C:\ProgramData\Skype
2009-07-25 15:56:58 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2009-07-25 15:20:18 ----D---- C:\Users\Jirka\AppData\Roaming\x2xsoft
2009-07-25 15:20:18 ----D---- C:\Program Files\X2Xsoft
2009-07-25 12:41:10 ----D---- C:\Program Files\ICQ6Toolbar
2009-07-25 12:41:06 ----D---- C:\ProgramData\ICQ
2009-07-25 12:39:45 ----D---- C:\Program Files\ICQ6.5
2009-07-25 12:27:37 ----D---- C:\Users\Jirka\AppData\Roaming\IObit
2009-07-25 12:27:36 ----D---- C:\Program Files\IObit
2009-07-19 11:19:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 15:47:56 ----D---- C:\ProgramData\BVRP Software
2009-07-18 15:38:14 ----A---- C:\ProgramData\hpeFD7E.dll
2009-07-18 15:37:59 ----D---- C:\ProgramData\Sony Ericsson
2009-07-18 15:37:59 ----D---- C:\Program Files\Sony Ericsson
2009-07-18 15:35:57 ----D---- C:\Program Files\Defraggler
======List of files/folders modified in the last 1 months======
2009-08-17 22:13:15 ----D---- C:\Windows\temp
2009-08-17 22:11:35 ----D---- C:\Windows\Prefetch
2009-08-17 18:56:45 ----SHD---- C:\System Volume Information
2009-08-17 18:15:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-17 08:26:46 ----AD---- C:\Windows\System32
2009-08-17 08:26:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-17 08:26:45 ----D---- C:\Windows\inf
2009-08-16 11:18:13 ----D---- C:\Program Files\Mozilla Firefox
2009-08-16 11:17:11 ----D---- C:\Windows
2009-08-16 10:13:30 ----RD---- C:\Program Files
2009-08-15 16:01:20 ----SHD---- C:\Windows\Installer
2009-08-15 16:01:19 ----HD---- C:\Config.Msi
2009-08-13 17:36:29 ----D---- C:\Windows\Debug
2009-08-13 09:46:46 ----D---- C:\Windows\winsxs
2009-08-13 09:33:43 ----D---- C:\Windows\system32\drivers
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot2
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot
2009-08-13 09:23:42 ----D---- C:\Program Files\Windows Media Player
2009-08-13 09:16:59 ----D---- C:\Program Files\Windows Mail
2009-08-08 08:43:45 ----D---- C:\Windows\dog4 dir
2009-08-08 08:43:45 ----A---- C:\Windows\impborl.dll
2009-08-04 16:38:14 ----D---- C:\Windows\Tasks
2009-08-02 13:45:13 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-02 13:45:13 ----D---- C:\Program Files\ESET
2009-07-30 02:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-29 14:05:42 ----D---- C:\Windows\system32\migration
2009-07-29 14:05:40 ----D---- C:\Program Files\Internet Explorer
2009-07-28 20:53:16 ----HD---- C:\ProgramData
2009-07-28 20:47:30 ----D---- C:\Windows\system32\Tasks
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files
2009-07-25 12:41:17 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2009-07-25 12:41:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-24 23:51:55 ----D---- C:\Program Files\Ashampoo
2009-07-24 23:00:10 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2008-08-18 71688]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 a4tb70jf;a4tb70jf; C:\Windows\system32\drivers\a4tb70jf.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32
\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007
-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-
04-04 69632]
-----------------EOF-----------------
Run by Jirka at 2009-08-17 22:13:11
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 41 GB (35%) free of 119 GB
Total RAM: 2047 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:21, on 17.8.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Potato Screen Capture] "C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1
\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search &
Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120
\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5484 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-
FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-
4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
[2009-07-01 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-
206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-
9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-07 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-08-18 1447168]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-01 198160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Potato Screen Capture"=C:\Program Files\Zamaan's Software\Potato Screen Capture 1.0\psc.exe [2008-10-24 192512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-07 149280]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-12 1833504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplic
ations\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplicat
ions\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-08-17 21:54:03 ----D---- C:\rsit
2009-08-13 09:32:16 ----A---- C:\Windows\system32\kerberos.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\wdigest.dll
2009-08-13 09:32:15 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-13 09:32:14 ----A---- C:\Windows\system32\schannel.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\secur32.dll
2009-08-13 09:32:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-13 09:32:11 ----A---- C:\Windows\system32\lsass.exe
2009-08-12 17:20:19 ----D---- C:\Windows\system32\RTCOM
2009-08-12 17:19:32 ----A---- C:\Windows\DIFxAPI.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\WavesLib.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSWOW.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\SRSHP360.dll
2009-08-12 17:19:31 ----A---- C:\Windows\system32\RTPCEE32.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-08-12 17:19:30 ----A---- C:\Windows\system32\RtkAPO.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2009-08-12 17:19:29 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2009-08-12 17:19:27 ----A---- C:\Windows\system32\FMAPO.dll
2009-08-12 17:19:26 ----D---- C:\Program Files\Realtek
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTARen.dll
2009-08-12 17:19:26 ----A---- C:\Windows\system32\AERTACap.dll
2009-08-12 17:19:20 ----HD---- C:\Program Files\Temp
2009-08-12 17:19:20 ----A---- C:\Windows\RtlExUpd.dll
2009-08-12 07:32:19 ----A---- C:\Windows\system32\atl.dll
2009-08-12 07:32:18 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-12 07:32:12 ----A---- C:\Windows\system32\mstscax.dll
2009-08-12 07:32:09 ----A---- C:\Windows\system32\avifil32.dll
2009-08-12 07:31:50 ----A---- C:\Windows\system32\wmp.dll
2009-08-12 07:31:48 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\spwmp.dll
2009-08-12 07:31:47 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 07:31:46 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaws.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\javaw.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\java.exe
2009-08-07 16:37:26 ----A---- C:\Windows\system32\deploytk.dll
2009-07-29 03:30:17 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 03:30:14 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 03:30:13 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\occache.dll
2009-07-29 03:30:12 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 03:30:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 03:30:10 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 03:30:10 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 03:30:09 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-28 20:53:14 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2009-07-28 20:47:31 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files\Skype
2009-07-28 20:47:01 ----RD---- C:\Program Files\Skype
2009-07-28 20:46:57 ----D---- C:\ProgramData\Skype
2009-07-25 15:56:58 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2009-07-25 15:20:18 ----D---- C:\Users\Jirka\AppData\Roaming\x2xsoft
2009-07-25 15:20:18 ----D---- C:\Program Files\X2Xsoft
2009-07-25 12:41:10 ----D---- C:\Program Files\ICQ6Toolbar
2009-07-25 12:41:06 ----D---- C:\ProgramData\ICQ
2009-07-25 12:39:45 ----D---- C:\Program Files\ICQ6.5
2009-07-25 12:27:37 ----D---- C:\Users\Jirka\AppData\Roaming\IObit
2009-07-25 12:27:36 ----D---- C:\Program Files\IObit
2009-07-19 11:19:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 15:47:56 ----D---- C:\ProgramData\BVRP Software
2009-07-18 15:38:14 ----A---- C:\ProgramData\hpeFD7E.dll
2009-07-18 15:37:59 ----D---- C:\ProgramData\Sony Ericsson
2009-07-18 15:37:59 ----D---- C:\Program Files\Sony Ericsson
2009-07-18 15:35:57 ----D---- C:\Program Files\Defraggler
======List of files/folders modified in the last 1 months======
2009-08-17 22:13:15 ----D---- C:\Windows\temp
2009-08-17 22:11:35 ----D---- C:\Windows\Prefetch
2009-08-17 18:56:45 ----SHD---- C:\System Volume Information
2009-08-17 18:15:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-17 08:26:46 ----AD---- C:\Windows\System32
2009-08-17 08:26:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-17 08:26:45 ----D---- C:\Windows\inf
2009-08-16 11:18:13 ----D---- C:\Program Files\Mozilla Firefox
2009-08-16 11:17:11 ----D---- C:\Windows
2009-08-16 10:13:30 ----RD---- C:\Program Files
2009-08-15 16:01:20 ----SHD---- C:\Windows\Installer
2009-08-15 16:01:19 ----HD---- C:\Config.Msi
2009-08-13 17:36:29 ----D---- C:\Windows\Debug
2009-08-13 09:46:46 ----D---- C:\Windows\winsxs
2009-08-13 09:33:43 ----D---- C:\Windows\system32\drivers
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot2
2009-08-13 09:31:18 ----D---- C:\Windows\system32\catroot
2009-08-13 09:23:42 ----D---- C:\Program Files\Windows Media Player
2009-08-13 09:16:59 ----D---- C:\Program Files\Windows Mail
2009-08-08 08:43:45 ----D---- C:\Windows\dog4 dir
2009-08-08 08:43:45 ----A---- C:\Windows\impborl.dll
2009-08-04 16:38:14 ----D---- C:\Windows\Tasks
2009-08-02 13:45:13 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-02 13:45:13 ----D---- C:\Program Files\ESET
2009-07-30 02:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-29 14:05:42 ----D---- C:\Windows\system32\migration
2009-07-29 14:05:40 ----D---- C:\Program Files\Internet Explorer
2009-07-28 20:53:16 ----HD---- C:\ProgramData
2009-07-28 20:47:30 ----D---- C:\Windows\system32\Tasks
2009-07-28 20:47:04 ----D---- C:\Program Files\Common Files
2009-07-25 12:41:17 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2009-07-25 12:41:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-24 23:51:55 ----D---- C:\Program Files\Ashampoo
2009-07-24 23:00:10 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2008-08-18 54280]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2008-08-18 71688]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2008-08-18 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 a4tb70jf;a4tb70jf; C:\Windows\system32\drivers\a4tb70jf.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32
\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007
-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-08-18 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-08-18 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-
04-04 69632]
-----------------EOF-----------------
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Log vypadá čistý. Pravděpodobně vám vypadává připojení. Jaké máte připojení?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Mám O2 ADSL -doufám ,že jsem to napsal správně.Zatím jsem si nemohl na připojení stěžovat.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Zkuste restartovat modem, popř jiné síť. prvky v datové cestě.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Tak jsem to vykonal a zdá se to být v pořádku. Neposlušné stránky se načetly svižně, a zdá se , že je to celé nějak rychlejší. Díky za pomoc a přeji "hezký zítřejší den". Pokud Vám ve Plzni nechčije už teď. Tady v Čáslavi to už pěkně bouchá a trocha vody už spadla.Tak ještě jednou díky!
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Také hezký den. Tady byla bouřka a déšť asi před 1,5hod. Už je klid. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Zdravím Vás všechny na foru.
Myslím, že se problem opakuje, prosím pěkně o kontrolu logu. Zatím díky.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:05:23, on 16.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5558 bytes
Myslím, že se problem opakuje, prosím pěkně o kontrolu logu. Zatím díky.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:05:23, on 16.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5558 bytes
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 . Je podrobnější, než HJT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Omlouvám se, byl jsem na chvíli pryč z domu. Posílám žádané.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2010-03-16 20:37:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 45 GB (38%) free of 119 GB
Total RAM: 2047 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:38:03, on 16.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5723 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-08 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-12 1833504]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-08 202256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8df7614d-624b-11de-ab76-0019dbae7b9f}]
shell\AutoRun\command - J:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-11 17:20:01 ----D---- C:\Program Files\MSECache
2010-03-11 04:11:31 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-11 04:06:22 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-11 00:41:59 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 00:41:53 ----A---- C:\Windows\system32\httpapi.dll
2010-03-08 21:34:37 ----D---- C:\Program Files\Common Files\xing shared
2010-02-24 03:04:26 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 03:04:18 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 03:03:37 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 03:03:36 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 03:03:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 03:03:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 03:03:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 03:03:15 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 03:03:13 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 03:03:13 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 03:03:13 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 03:03:08 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 03:03:06 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-24 03:03:06 ----A---- C:\Windows\system32\Apphlpdm.dll
======List of files/folders modified in the last 1 months======
2010-03-16 20:38:03 ----D---- C:\Windows\Prefetch
2010-03-16 20:37:54 ----D---- C:\Windows\temp
2010-03-16 20:24:34 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-16 17:24:02 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-03-16 12:35:53 ----D---- C:\Windows\inf
2010-03-16 12:35:53 ----AD---- C:\Windows\System32
2010-03-16 12:35:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-16 01:41:52 ----SHD---- C:\System Volume Information
2010-03-16 01:24:56 ----RD---- C:\Program Files
2010-03-15 16:42:38 ----D---- C:\Users\Jirka\AppData\Roaming\BITS
2010-03-15 15:33:39 ----D---- C:\Downloads
2010-03-14 17:14:17 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-03-14 17:13:49 ----D---- C:\Windows\system32\Tasks
2010-03-14 09:21:57 ----D---- C:\Windows
2010-03-12 17:39:26 ----AD---- C:\ProgramData\TEMP
2010-03-12 16:58:07 ----D---- C:\Windows\system32\catroot2
2010-03-11 17:35:57 ----D---- C:\ProgramData\Real
2010-03-11 17:29:28 ----SHD---- C:\Windows\Installer
2010-03-11 17:29:28 ----HD---- C:\Config.Msi
2010-03-11 17:29:26 ----D---- C:\Windows\winsxs
2010-03-11 17:29:19 ----D---- C:\Program Files\Common Files\microsoft shared
2010-03-11 04:15:00 ----SD---- C:\ProgramData\Microsoft
2010-03-11 04:12:53 ----D---- C:\ProgramData\NVIDIA
2010-03-11 04:11:27 ----D---- C:\Windows\system32\drivers
2010-03-11 04:11:20 ----D---- C:\Windows\system32\catroot
2010-03-11 03:58:59 ----D---- C:\Program Files\Windows Mail
2010-03-11 03:58:59 ----D---- C:\Program Files\Movie Maker
2010-03-08 21:36:01 ----D---- C:\Users\Jirka\AppData\Roaming\Real
2010-03-08 21:35:19 ----D---- C:\Program Files\Common Files\Real
2010-03-08 21:35:16 ----A---- C:\Windows\system32\rmoc3260.dll
2010-03-08 21:35:08 ----A---- C:\Windows\system32\pndx5032.dll
2010-03-08 21:35:08 ----A---- C:\Windows\system32\pndx5016.dll
2010-03-08 21:34:44 ----D---- C:\Program Files\real
2010-03-08 21:34:37 ----D---- C:\Program Files\Common Files
2010-03-08 21:34:12 ----A---- C:\Windows\system32\pncrt.dll
2010-03-05 20:53:20 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-02-27 00:22:18 ----D---- C:\Program Files\CCleaner
2010-02-24 14:36:24 ----D---- C:\Windows\rescache
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-24 05:37:00 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 05:36:56 ----D---- C:\Windows\AppPatch
2010-02-24 05:36:54 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 ae9isuy4;ae9isuy4; C:\Windows\system32\drivers\ae9isuy4.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2010-03-16 20:37:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 45 GB (38%) free of 119 GB
Total RAM: 2047 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:38:03, on 16.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5723 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-08 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-12 1833504]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-08 202256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8df7614d-624b-11de-ab76-0019dbae7b9f}]
shell\AutoRun\command - J:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-11 17:20:01 ----D---- C:\Program Files\MSECache
2010-03-11 04:11:31 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-11 04:06:22 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-11 00:41:59 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 00:41:53 ----A---- C:\Windows\system32\httpapi.dll
2010-03-08 21:34:37 ----D---- C:\Program Files\Common Files\xing shared
2010-02-24 03:04:26 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 03:04:18 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 03:03:37 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 03:03:36 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 03:03:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 03:03:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 03:03:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 03:03:15 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 03:03:13 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 03:03:13 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 03:03:13 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 03:03:08 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 03:03:06 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-24 03:03:06 ----A---- C:\Windows\system32\Apphlpdm.dll
======List of files/folders modified in the last 1 months======
2010-03-16 20:38:03 ----D---- C:\Windows\Prefetch
2010-03-16 20:37:54 ----D---- C:\Windows\temp
2010-03-16 20:24:34 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-16 17:24:02 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-03-16 12:35:53 ----D---- C:\Windows\inf
2010-03-16 12:35:53 ----AD---- C:\Windows\System32
2010-03-16 12:35:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-16 01:41:52 ----SHD---- C:\System Volume Information
2010-03-16 01:24:56 ----RD---- C:\Program Files
2010-03-15 16:42:38 ----D---- C:\Users\Jirka\AppData\Roaming\BITS
2010-03-15 15:33:39 ----D---- C:\Downloads
2010-03-14 17:14:17 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-03-14 17:13:49 ----D---- C:\Windows\system32\Tasks
2010-03-14 09:21:57 ----D---- C:\Windows
2010-03-12 17:39:26 ----AD---- C:\ProgramData\TEMP
2010-03-12 16:58:07 ----D---- C:\Windows\system32\catroot2
2010-03-11 17:35:57 ----D---- C:\ProgramData\Real
2010-03-11 17:29:28 ----SHD---- C:\Windows\Installer
2010-03-11 17:29:28 ----HD---- C:\Config.Msi
2010-03-11 17:29:26 ----D---- C:\Windows\winsxs
2010-03-11 17:29:19 ----D---- C:\Program Files\Common Files\microsoft shared
2010-03-11 04:15:00 ----SD---- C:\ProgramData\Microsoft
2010-03-11 04:12:53 ----D---- C:\ProgramData\NVIDIA
2010-03-11 04:11:27 ----D---- C:\Windows\system32\drivers
2010-03-11 04:11:20 ----D---- C:\Windows\system32\catroot
2010-03-11 03:58:59 ----D---- C:\Program Files\Windows Mail
2010-03-11 03:58:59 ----D---- C:\Program Files\Movie Maker
2010-03-08 21:36:01 ----D---- C:\Users\Jirka\AppData\Roaming\Real
2010-03-08 21:35:19 ----D---- C:\Program Files\Common Files\Real
2010-03-08 21:35:16 ----A---- C:\Windows\system32\rmoc3260.dll
2010-03-08 21:35:08 ----A---- C:\Windows\system32\pndx5032.dll
2010-03-08 21:35:08 ----A---- C:\Windows\system32\pndx5016.dll
2010-03-08 21:34:44 ----D---- C:\Program Files\real
2010-03-08 21:34:37 ----D---- C:\Program Files\Common Files
2010-03-08 21:34:12 ----A---- C:\Windows\system32\pncrt.dll
2010-03-05 20:53:20 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-02-27 00:22:18 ----D---- C:\Program Files\CCleaner
2010-02-24 14:36:24 ----D---- C:\Windows\rescache
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-24 05:37:00 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 05:36:56 ----D---- C:\Windows\AppPatch
2010-02-24 05:36:54 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 ae9isuy4;ae9isuy4; C:\Windows\system32\drivers\ae9isuy4.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
-----------------EOF-----------------
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Nic nebezpečného nevidím. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Tak jdu na to.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Asi jsem to zmotal, udělám to znovu.
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3874
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
16.3.2010 22:47:26
mbam-log-2010-03-16 (22-47-13).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 218255
Uplynulý čas: 33 minute(s), 47 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 3
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Program Files\WinRAR\Patch.exe (Malware.Tool) -> No action taken.
D:\INSTALL\ESET_Smart_Security_v3.0.672\ESET Smart Security v3.0.672 + NodLogin 9.6 (Working RETAIL)\NodLogin 9.6 For NOD32 32 & 64 bits\NodLogin 9.6 32Bits\setup.exe (Trojan.Downloader) -> No action taken.
D:\PROGRAMY\Instalované-war\WinRAR_3.80_CZ\Patch.exe (Malware.Tool) -> No action taken.
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3874
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
16.3.2010 22:47:26
mbam-log-2010-03-16 (22-47-13).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 218255
Uplynulý čas: 33 minute(s), 47 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 3
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Program Files\WinRAR\Patch.exe (Malware.Tool) -> No action taken.
D:\INSTALL\ESET_Smart_Security_v3.0.672\ESET Smart Security v3.0.672 + NodLogin 9.6 (Working RETAIL)\NodLogin 9.6 For NOD32 32 & 64 bits\NodLogin 9.6 32Bits\setup.exe (Trojan.Downloader) -> No action taken.
D:\PROGRAMY\Instalované-war\WinRAR_3.80_CZ\Patch.exe (Malware.Tool) -> No action taken.
Naposledy upravil(a) Hooker dne 17 bře 2010 10:25, celkem upraveno 2 x.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "server nenalezen"
Vše smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?