prosba o pomoc - ROOTKIT

[lusi86]

počítač vyzerá byť ok niekedy mu trošku dlhšie trvá, kým sa reštartuje po ukončení niektorého programu, ale inak funguje dobre. Rezidentná ochrana Avastu už žiadny vírus nevyhadzuje

[motji]

spusťte přejmenované HJT C:\Program Files\Trend Micro\HijackThis\lucka.exe , má tuto ikonku

- Klikněte na "Do a system scan only"
- U řádku
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll

- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc


odinstalujte přes CCleaner - nástroje - Ask toolbar,

-pokud nepoužíváte, odinstalujte i ICQ toolbar


smažte
C:\Program Files\AskBarDis
C:\potvora.com


Můžete omezit spouštění zbytečných programů po startu
- Stáhněte z mého podpisu program StartUpLite
- vypíše seznam zbytečně spouštěných programů po startu,
- vyberete které chcete zastavit,u nich zaškrtnete Disable a klikněte na Continue


Fleška je který disk? Spustte USBfix znovu a dejte volbu 2.

[lusi86]

C:\Program Files\AskBarDis

tento subor tam nemam

[lusi86]

USB kluce su H: a I:, dala som obidva, ked ste povedali, ze mam dat vsetky, ktore pouzivam.

[motji]

Spuste znovu Usbfix a volbu 2 a poprosím o nový log ze Rsitu

[lusi86]

Log z UsbFixu:


############################## | UsbFix V6.104 |

User : lucka (Administrators) # LUCKA
Update on 14/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 22:18:57 | 14.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz
Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1368 [VPS 100414-1] 4.8.1368 [ Enabled | Updated ]
FW : ZoneAlarm Firewall[ Enabled ]8.0.298.000

C:\ -> Local Fixed Disk # 58,59 Go (7,5 Go free) # NTFS
D:\ -> CD-ROM Disc
E:\ -> Local Fixed Disk # 97,65 Go (28,94 Go free) # NTFS
F:\ -> Local Fixed Disk # 76,63 Go (12,23 Go free) # NTFS
H:\ -> Removable Disk # 992,53 Mo (992,52 Mo free) # FAT32
I:\ -> Removable Disk # 982,05 Mo (982,04 Mo free) # FAT32

################## | Files # Infected Folders |

Deleted ! C:\Documents and Settings\lucka\bclmr.exe
Deleted ! C:\Recycler\S-1-5-21-606747145-1214440339-725345543-1003
Deleted ! E:\Recycler\S-1-5-21-606747145-1214440339-725345543-1003
Deleted ! F:\Recycler\S-1-5-21-606747145-1214440339-725345543-1003

################## | Registry |

Deleted ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |


################## | Listing of the present files |

[26.03.2008 20:19|--a------|211] C:\Boot.bak
[12.04.2010 23:04|-rahs----|281] C:\boot.ini
[03.08.2004 23:00|--a------|260272] C:\cmldr
[26.03.2008 20:24|--a------|0] C:\CONFIG.SYS
[26.03.2008 20:39|--a------|286720] C:\Debug.txt
[26.10.2009 16:33|--a------|3532] C:\drmHeader.bin
[21.03.2009 09:30|--a------|23319598] C:\dwshield.log
[25.02.2008 14:27|-r-h-----|1048576] C:\F3L.BIN
[?|?|?] C:\hiberfil.sys
[26.03.2008 20:24|-rahs----|0] C:\IO.SYS
[26.03.2008 20:24|-rahs----|0] C:\MSDOS.SYS
[31.08.2004 13:33|-rahs----|47564] C:\NTDETECT.COM
[26.03.2008 20:40|-rahs----|250048] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.03.2008 20:48|--a------|347] C:\RHDSetup.log
[26.03.2008 21:16|--a------|195] C:\setup.log
[14.04.2010 22:25|--a------|2276] C:\UsbFix.txt
[12.04.2010 22:48|--a------|934] E:\rootkit.rtf

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# E:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# F:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_LUCKA.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.104 ! |

[lusi86]

Log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by lucka at 2010-04-14 22:35:13
Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (13%) free of 60 GB
Total RAM: 1015 MB (41% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-1214440339-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-1214440339-725345543-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-06-29 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2006-11-17 348249]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-07-19 49520]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"PowerForPhone"=C:\Program Files\P4P\P4P.exe [2007-07-19 778240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-06-26 851968]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]
"Google Update"=C:\Documents and Settings\lucka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-29 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ask and Record FLV Service]
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe [2009-03-10 156672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\lucka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-29 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2010-01-03 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-24 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WHITNEY_S2P]
C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe [2006-03-27 229376]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

======List of files/folders created in the last 1 months======

2010-04-14 22:32:54 ----A---- C:\WINDOWS\system32\acovcnt.exe
2010-04-14 22:25:14 ----RASHD---- C:\autorun.inf
2010-04-14 22:18:02 ----A---- C:\UsbFix.txt
2010-04-14 21:58:03 ----D---- C:\Program Files\TrendMicro
2010-04-14 21:40:56 ----D---- C:\UsbFix
2010-04-14 21:35:46 ----D---- C:\rsit
2010-04-13 22:37:34 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-04-13 22:37:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-04-13 22:37:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-04-13 22:37:28 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-04-13 22:37:27 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-04-13 22:37:27 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-04-13 22:37:27 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-04-13 22:37:27 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-04-13 22:37:27 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-04-13 22:35:54 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-04-13 22:35:54 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-04-13 22:35:53 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-04-13 22:20:41 ----HDC---- C:\WINDOWS\$NtUninstallKB943232$
2010-04-13 22:20:32 ----D---- C:\Program Files\Zone Labs
2010-04-13 22:20:21 ----D---- C:\WINDOWS\Internet Logs
2010-04-13 22:19:42 ----SHD---- C:\RECYCLER
2010-04-13 11:36:16 ----D---- C:\Documents and Settings\lucka\Application Data\Malwarebytes
2010-04-13 11:36:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-04-13 11:36:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-12 23:04:25 ----A---- C:\Boot.bak
2010-04-12 23:04:18 ----RASHD---- C:\cmdcons

======List of files/folders modified in the last 1 months======

2010-04-14 22:32:54 ----D---- C:\WINDOWS\system32
2010-04-14 22:32:50 ----HD---- C:\WINDOWS\inf
2010-04-14 22:32:48 ----AD---- C:\WINDOWS\Temp
2010-04-14 22:32:46 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2010-04-14 22:30:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-14 22:25:18 ----D---- C:\WINDOWS\Prefetch
2010-04-14 22:22:44 ----D---- C:\WINDOWS
2010-04-14 22:06:29 ----RD---- C:\Program Files
2010-04-14 21:58:04 ----SHD---- C:\WINDOWS\Installer
2010-04-14 21:33:23 ----D---- C:\WINDOWS\system32\drivers
2010-04-14 21:28:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-14 21:13:37 ----SHD---- C:\System Volume Information
2010-04-14 21:13:37 ----D---- C:\WINDOWS\system32\Restore
2010-04-14 21:10:04 ----A---- C:\WINDOWS\winamp.ini
2010-04-14 11:16:50 ----D---- C:\WINDOWS\Minidump
2010-04-13 22:49:17 ----D---- C:\Program Files\Mozilla Firefox
2010-04-13 22:20:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-13 22:20:25 ----D---- C:\WINDOWS\WinSxS
2010-04-13 22:18:19 ----D---- C:\WINDOWS\msapps
2010-04-13 21:37:58 ----A---- C:\WINDOWS\system.ini
2010-04-13 21:36:05 ----D---- C:\WINDOWS\system32\config
2010-04-13 21:33:35 ----D---- C:\WINDOWS\AppPatch
2010-04-13 21:33:32 ----D---- C:\Program Files\Common Files
2010-04-13 12:26:36 ----N---- C:\WINDOWS\system32\svchost.exe
2010-04-12 23:04:25 ----RASH---- C:\boot.ini
2010-04-10 19:15:36 ----D---- C:\Documents and Settings\lucka\Application Data\ICQ
2010-04-10 11:11:21 ----D---- C:\Documents and Settings\lucka\Application Data\Skype
2010-04-10 10:48:39 ----D---- C:\Documents and Settings\lucka\Application Data\skypePM
2010-04-06 23:04:13 ----D---- C:\Documents and Settings\lucka\Application Data\BitTorrent
2010-04-04 12:58:09 ----A---- C:\WINDOWS\WDICT32.INI
2010-03-28 09:34:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-19 11:12:52 ----D---- C:\Documents and Settings\lucka\Application Data\Facebook

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-31 36096]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-12-05 529344]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-31 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-07-03 39424]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-31 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-31 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-31 67584]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-24 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-25 1743232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FlrnUSB;Leadtek USB Network Interface; C:\WINDOWS\system32\DRIVERS\LtkUSB.sys [2008-05-14 41907]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2006-10-30 88960]
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS\lvupdtio.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-06-18 17920]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 7680]
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2006-12-06 6400]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-31 11136]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-31 10240]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-31 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-31 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2006-11-17 360533]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-06-11 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[motji]

Soubor C:\UsbFix_Upload_Me_LUCKA.zip uploadněte na http://chiquitine.changelog.fr/Sample/Upload.php . Díky

Spustte znovu USBfix, zvolte volbu 6 - odinstaluje se program

Kterou verzi Zone alarmu máte nainstalovanou? Jestli verzi 9, řekla bych že ano, tak ta má nějaké problémy, že zpomaluje náběh systému a vypínání pc. Pokud chcete, můžeme zkusit nainstalovat verzi 8, ta tohle nedělá



Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.


start - spustit - napište do okénka
sc delete dwshd

ok


Doporučuji používat jiný prohlížeč než IE, třeba Mozillu nebo Operu.

Nemáte sp3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100


start-spustit - napište chkdsk /f/r
-[enter]
souhlas - restartuje se pc a nechá se disk zkontrolovat

defragmentace disku
- start - ovládací panely - nástroje pro správu - správa počítače - defragmentace disku

-- můžete použít i jiný nástroj na defragmentaci, ten ve windows není nic moc

Za sebe můžu doporučit JK defrag, který se neinstaluje
http://www.stahuj.centrum.cz/utility_a_ ... g[oz]=3.36


jak to vypadá s počítačem? Nezaznamenala jste nějaké utoky na firewall nebo pokusy nějakého neznámého programu dostat se na internet?

[lusi86]

ZA mam verziu 8. PC sa mi vypinal pomaly, lebo mi nahodilo, ze program EventWnd sa ukoncuje a neukoncil sa, tak som dala end now a potom to dlho trvalo, kym sa vypol. pouzivam prehliadac google chrome, internet explorer nepouzivam vobec. o chvilu budem mat stiahnuty sp3. mozem kontrolu a defragmentaciu spravit neskor? musim sa este ucit na pc, lebo zajtra mam pisomku z jedneho statistickeho programu a prakticku cast robim na pc... neviem posudit, ktore programy su nezname, ked sa chcu dostat na internet, nerozoznam to... davam povolit len tie, ktore pouzivam a poznam, vcera som zaznamenala nejaky utoky na firewall ZA z nejakej IP adresy, ale dnes uz nie.

[lusi86]

USB kluce uz mozem odpojit? ci az po tej kontrole?

[motji]

USB klíče můžete odpojit

Ty kontroly a sp3 provedte, až budete mít čas , škola je přednější. Pak se ozvěte, jak to vypadá.

[lusi86]

SP3 - chyba instalacneho programu aktualizacie SP3
Instalacny program nemoze aktualizovat subory sytemu Windows XP, pretoze jeho jazykova verzia je ina ako jazykova verzia aktualizacie.

[motji]

Stahla jste si asi špatný sp. Stahla jste si ho v rámci aktualizace windows, nebo někde z netu?

[lusi86]

chkdsk /f/r

The type of a file system is NTFS.
Cannot lock current drive.
Chkdsk cannot run because the volume is in use by another
process. Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)

[lusi86]

stiahla som sp3 z tej stranky, co ste mi doporucili.