Dobrý večer,
prosím o preventivní kontrolu logu, avast nic nenašel, ale stejně se mi PC zdá trochu pomalejší.
Předem děkuji za Váš čas a ochotu.
Logfile of random's system information tool 1.07 (written by random/random)
Run by topfun at 2010-08-02 19:56:05
Microsoft Windows XP Professional Service Pack 2, v.2096
System drive C: has 4 GB (27%) free of 13 GB
Total RAM: 1279 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:12, on 2.8.2010
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\topfun\Desktop\download\RSIT.exe
C:\Program Files\trend micro\topfun.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2542115
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 6697 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-04-08 843802]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-05-02 4640768]
"nwiz"=nwiz.exe /install []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"= []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-21 37888]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2010-06-28 2176512]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-05-02 49152]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-04-08 14336]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-06-28 3037696]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
TP-LINK Wireless Utility.lnk - C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
Wireless Connection Manager.lnk - C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xmlprov]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe:*:Enabled:hpotbx08.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e762cac-33bc-11de-be4b-806d6172696f}]
shell\AutoRun\command - I:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1690e39b-739a-11df-b268-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a16194c-6943-11de-b0ca-806d6172696f}]
shell\AutoRun\command - E:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2010-08-02 19:56:05 ----D---- C:\rsit
2010-07-27 11:27:50 ----D---- C:\Program Files\CCleaner
2010-07-26 18:51:14 ----D---- C:\Documents and Settings\topfun\Application Data\HpUpdate
2010-07-26 18:49:03 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-13 22:50:49 ----A---- C:\WINDOWS\RTacDbg.txt
2010-07-13 22:49:49 ----D---- C:\WINDOWS\system32\TP-LINK Wireless Adapter Driver and Utility
2010-07-13 22:49:49 ----D---- C:\Program Files\TP-LINK
======List of files/folders modified in the last 1 months======
2010-08-02 19:56:12 ----D---- C:\Program Files\Trend Micro
2010-08-02 19:55:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-02 19:53:02 ----D---- C:\WINDOWS\Prefetch
2010-08-02 19:52:44 ----D---- C:\WINDOWS\Temp
2010-08-02 19:44:45 ----AD---- C:\WINDOWS
2010-08-02 19:09:20 ----A---- C:\WINDOWS\wincmd.ini
2010-08-02 11:57:11 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-08-02 08:47:17 ----D---- C:\Program Files\Spyware Terminator
2010-08-02 08:41:26 ----D---- C:\Documents and Settings\topfun\Application Data\Spyware Terminator
2010-08-02 02:47:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-01 21:41:19 ----D---- C:\Documents and Settings\topfun\Application Data\dvdcss
2010-07-29 11:43:12 ----D---- C:\WINDOWS\system32
2010-07-29 11:43:12 ----D---- C:\Program Files\Mozilla Firefox
2010-07-29 00:15:32 ----D---- C:\Documents and Settings\topfun\Application Data\Skype
2010-07-29 00:05:47 ----D---- C:\Documents and Settings\topfun\Application Data\skypePM
2010-07-28 20:31:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-28 00:34:47 ----D---- C:\Documents and Settings\topfun\Application Data\HPAppData
2010-07-27 23:45:56 ----D---- C:\Documents and Settings\topfun\Application Data\U3
2010-07-27 11:37:32 ----RD---- C:\Program Files
2010-07-27 11:35:31 ----SHD---- C:\WINDOWS\Installer
2010-07-27 11:35:31 ----HD---- C:\Config.Msi
2010-07-27 11:35:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-27 11:32:56 ----D---- C:\WINDOWS\Minidump
2010-07-27 11:32:56 ----D---- C:\WINDOWS\Debug
2010-07-13 22:50:35 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 22:50:34 ----HD---- C:\WINDOWS\inf
2010-07-13 22:49:48 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-04-08 35072]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-30 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-06-19 752764]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-04-08 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-03-12 1893728]
R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2007-07-18 306688]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-04-08 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-04-08 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-04-08 20480]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-12-14 1171456]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-03-12 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-03-12 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-03-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-03-12 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-03-12 10752]
S3 NTACCESS;NTACCESS; \??\H:\NTACCESS.sys []
S3 RT73;D-Link DWA-111 Wireless G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-09-07 347776]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\H:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-03-12 11264]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-03-12 15360]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-03-12 59392]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-04-08 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-03-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-03-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-03-12 26624]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-03-12 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-28 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-05-02 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka
Zdravim a pekne rano preji 
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Odinstalujte Spybot - Search & Destroy je v konfliktu s SpywareTerminatorem - jeden antispyware staci - navic Spybot ma uz nejlepsi leta za sebou a cca posledni 3 roky neni schopen celit aktualnim hrozbam. Terminator je dobra volba 
U SpywareTerminatora vypnete rezidentni stit - je v konfliktu s Avastem. Terminatora nechte zcela vypleho a pouzivejte jej jen na obcasny rucni sken. Jinak navod na Terminatora mate zde http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)
Stahnete OTM (viz muj podpis)
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Odinstalujte Spybot - Search & Destroy je v konfliktu s SpywareTerminatorem - jeden antispyware staci - navic Spybot ma uz nejlepsi leta za sebou a cca posledni 3 roky neni schopen celit aktualnim hrozbam. Terminator je dobra volba U SpywareTerminatora vypnete rezidentni stit - je v konfliktu s Avastem. Terminatora nechte zcela vypleho a pouzivejte jej jen na obcasny rucni sken. Jinak navod na Terminatora mate zde http://www.viry.cz/forum/viewtopic.php?f=29&t=44730 Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)
- Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
- Spustte a kliknete na Deletion
- Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt
Stahnete OTM (viz muj podpis)
- Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
- Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize
Kód: Vybrat vše
:reg [HKCU\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.seznam.cz/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-21 37888] "NeroCheck"=- "hpqSRMon"=- "Adobe Reader Speed Launcher"=- "SpywareTerminator"=- "KernelFaultCheck"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpywareTerminatorUpdate"=- :files C:\WINDOWS\system32\*.tmp.dll /s C:\WINDOWS\system32\SET*.tmp /s C:\WINDOWS\*.tmp /s :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [CLEARALLRESTOREPOINTS]- Kliknete na cervene tlacitko MoveIt!
- Sem pote dejte obsah okna Results (pod zelenou carou)
- Pokud budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Dobrý večer,
konečně jsem si udělal čas, abych postupoval dle vašich instrukcí....přikládám log z USB FIxu:
############################## | UsbFix V6.059 |
User : topfun (Administrators) # TFCOMP
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 23:38:13 | 3.8.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2, v.2096
Internet Explorer 6.0.2900.2096
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 100803-1] 4.8.1368 [ Enabled | Updated ]
A:\ -> 3 1/2 Inch Floppy Drive
C:\ -> Local Fixed Disk # 12,69 Go (3,5 Go free) # NTFS
D:\ -> Local Fixed Disk # 26,35 Go (8,82 Go free) [JIRKO1] # FAT32
E:\ -> Removable Disk # 3,77 Go (469,14 Mo free) [CORSAIR] # FAT32
F:\ -> Local Fixed Disk # 37,26 Go (22,06 Go free) [JIRKO2] # FAT32
G:\ -> CD-ROM Disc # 0 Mo (0 Mo free) [Audio CD] # CDFS
H:\ -> CD-ROM Disc
J:\ -> CD-ROM Disc # 5,45 Mo (0 Mo free) [U3 System] # CDFS
K:\ -> Removable Disk # 1,91 Go (172,31 Mo free) # FAT
############################## | Active processes |
C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 784
C:\WINDOWS\system32\winlogon.exe 808
C:\WINDOWS\system32\services.exe 852
C:\WINDOWS\system32\lsass.exe 864
C:\WINDOWS\system32\svchost.exe 1024
C:\WINDOWS\system32\svchost.exe 1056
C:\WINDOWS\System32\svchost.exe 1096
C:\WINDOWS\system32\svchost.exe 1164
C:\WINDOWS\system32\svchost.exe 1348
C:\WINDOWS\Explorer.EXE 1600
C:\WINDOWS\system32\ctfmon.exe 1636
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1696
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1748
C:\WINDOWS\system32\spoolsv.exe 248
C:\WINDOWS\system32\svchost.exe 444
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 464
C:\WINDOWS\System32\svchost.exe 504
C:\WINDOWS\System32\svchost.exe 564
C:\Program Files\Spyware Terminator\sp_rsser.exe 648
C:\WINDOWS\system32\svchost.exe 776
C:\WINDOWS\system32\wdfmgr.exe 124
C:\WINDOWS\system32\wuauclt.exe 1588
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 1968
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 560
C:\WINDOWS\system32\wbem\wmiprvse.exe 576
################## | Files # Infected Folders |
Not deleted ! J:\autorun.inf
################## | Spyware.OnlineGames |
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
################## | Registry # Infected Keys |
################## | Registry # Mountpoints2 |
Deleted ! HKCU\...\Explorer\MountPoints2\{0e762cac-33bc-11de-be4b-806d6172696f}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{1690e39b-739a-11df-b268-806d6172696f}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{7a16194c-6943-11de-b0ca-806d6172696f}\Shell\AutoRun\Command
################## | Listing of the present files |
[27.04.2009 22:46|--a------|0] C:\AUTOEXEC.BAT
[27.04.2009 22:36|---hs----|194] C:\boot.ini
[27.04.2009 22:46|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[27.04.2009 22:46|-rahs----|0] C:\IO.SYS
[27.04.2009 22:46|-rahs----|0] C:\MSDOS.SYS
[08.04.2004 23:53|-rahs----|47564] C:\NTDETECT.COM
[08.04.2004 23:53|-rahs----|247984] C:\ntldr
[?|?|?] C:\pagefile.sys
[03.08.2010 23:40|--a------|3583] C:\UsbFix.txt
[27.07.2006 18:04|--a------|44032] D:\pocitanie vydavkov2.xls
[25.07.2006 23:27|--a------|30208] D:\pocitanie vydavkov.xls
[17.06.2010 14:43|--a------|11614518] E:\K05.jpg
[26.06.2010 11:41|--a------|181453776] E:\The.IT.Crowd.S04E01.WS.PDTV.XviD-RiVER.[VTV].avi
[04.07.2010 08:18|--a------|181768642] E:\The.IT.Crowd.S04E02.WS.PDTV.XviD-RiVER.[VTV].avi
[09.03.2010 21:08|--a------|6061056] E:\LA_CALESITA_TEMATICA+AVIACION_SEGUNDA_GUERRA-22-7-09-.pps
[07.11.2008 05:03|--a------|285057] F:\Mzdy_2008_CZATCA%20.pdf
[23.07.2009 11:18|--a------|44150272] F:\ps c02_09_DPLR_005 v-1_0.doc
[14.03.2010 12:26|--a------|4294967295] F:\U2 - Image.nrg
[14.03.2010 13:21|--a------|209727645] F:\U2 - Image.nrg.001
[20.03.2010 20:34|--a------|793762094] F:\He sings the blues 1 - Image.nrg
[20.03.2010 21:06|--a------|730283918] F:\He sings the blues 2 - Image.nrg
[15.02.2010 07:31|--a------|20480] F:\¬estn‚ prohl çenˇ.doc
[21.03.2010 13:32|--a------|5539840] F:\doc1.doc
[12.03.2010 22:14|--a------|367434956] F:\The.Mentalist.S02E16.avi
[13.03.2010 11:07|--a------|53276] F:\The.Mentalist.S02E16.srt
[18.03.2010 08:39|--a------|79872] F:\zhodnocenˇ věcviku.doc
[13.07.2010 16:14|--a------|76718713] F:\MVI_2680.MOV
[01.01.1995 02:00|-r-------|44] G:\Track01.cda
[01.01.1995 02:03|-r-------|44] G:\Track02.cda
[01.01.1995 02:08|-r-------|44] G:\Track03.cda
[01.01.1995 02:11|-r-------|44] G:\Track04.cda
[01.01.1995 02:15|-r-------|44] G:\Track05.cda
[01.01.1995 02:19|-r-------|44] G:\Track06.cda
[01.01.1995 02:23|-r-------|44] G:\Track07.cda
[01.01.1995 02:27|-r-------|44] G:\Track08.cda
[01.01.1995 02:30|-r-------|44] G:\Track09.cda
[01.01.1995 02:34|-r-------|44] G:\Track10.cda
[01.01.1995 02:37|-r-------|44] G:\Track11.cda
[01.01.1995 02:41|-r-------|44] G:\Track12.cda
[01.01.1995 02:45|-r-------|44] G:\Track13.cda
[01.01.1995 02:48|-r-------|44] G:\Track14.cda
[11.12.2006 22:03|-r-------|277] J:\autorun.inf
[07.12.2006 20:45|-r-------|1095224] J:\LaunchU3.exe
[11.12.2006 22:26|-r-------|4557609] J:\LaunchPad.zip
[29.09.2009 12:07|--a------|2764] K:\BOOTEX.LOG
[07.12.2006 20:45|-ra------|1095224] K:\LaunchU3.exe
[21.02.2010 14:47|--a------|5319680] K:\15-AN 225 Mria.pps
################## | Vaccination |
# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# K:\autorun.inf -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | Upload |
Please send the file : C:\DOCUME~1\topfun\Desktop\UsbFix_Upload_Me_TFCOMP.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .
################## | ! End of report # UsbFix V6.059 ! |
konečně jsem si udělal čas, abych postupoval dle vašich instrukcí....přikládám log z USB FIxu:
############################## | UsbFix V6.059 |
User : topfun (Administrators) # TFCOMP
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 23:38:13 | 3.8.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2, v.2096
Internet Explorer 6.0.2900.2096
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 100803-1] 4.8.1368 [ Enabled | Updated ]
A:\ -> 3 1/2 Inch Floppy Drive
C:\ -> Local Fixed Disk # 12,69 Go (3,5 Go free) # NTFS
D:\ -> Local Fixed Disk # 26,35 Go (8,82 Go free) [JIRKO1] # FAT32
E:\ -> Removable Disk # 3,77 Go (469,14 Mo free) [CORSAIR] # FAT32
F:\ -> Local Fixed Disk # 37,26 Go (22,06 Go free) [JIRKO2] # FAT32
G:\ -> CD-ROM Disc # 0 Mo (0 Mo free) [Audio CD] # CDFS
H:\ -> CD-ROM Disc
J:\ -> CD-ROM Disc # 5,45 Mo (0 Mo free) [U3 System] # CDFS
K:\ -> Removable Disk # 1,91 Go (172,31 Mo free) # FAT
############################## | Active processes |
C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 784
C:\WINDOWS\system32\winlogon.exe 808
C:\WINDOWS\system32\services.exe 852
C:\WINDOWS\system32\lsass.exe 864
C:\WINDOWS\system32\svchost.exe 1024
C:\WINDOWS\system32\svchost.exe 1056
C:\WINDOWS\System32\svchost.exe 1096
C:\WINDOWS\system32\svchost.exe 1164
C:\WINDOWS\system32\svchost.exe 1348
C:\WINDOWS\Explorer.EXE 1600
C:\WINDOWS\system32\ctfmon.exe 1636
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1696
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1748
C:\WINDOWS\system32\spoolsv.exe 248
C:\WINDOWS\system32\svchost.exe 444
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 464
C:\WINDOWS\System32\svchost.exe 504
C:\WINDOWS\System32\svchost.exe 564
C:\Program Files\Spyware Terminator\sp_rsser.exe 648
C:\WINDOWS\system32\svchost.exe 776
C:\WINDOWS\system32\wdfmgr.exe 124
C:\WINDOWS\system32\wuauclt.exe 1588
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 1968
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 560
C:\WINDOWS\system32\wbem\wmiprvse.exe 576
################## | Files # Infected Folders |
Not deleted ! J:\autorun.inf
################## | Spyware.OnlineGames |
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
Deleted ! C:\System Volume Information\_restore{20376D46-00C2-4709-9C48-6E6F2EDBD0BC}\RP245\A0044885.cmd
################## | Registry # Infected Keys |
################## | Registry # Mountpoints2 |
Deleted ! HKCU\...\Explorer\MountPoints2\{0e762cac-33bc-11de-be4b-806d6172696f}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{1690e39b-739a-11df-b268-806d6172696f}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{7a16194c-6943-11de-b0ca-806d6172696f}\Shell\AutoRun\Command
################## | Listing of the present files |
[27.04.2009 22:46|--a------|0] C:\AUTOEXEC.BAT
[27.04.2009 22:36|---hs----|194] C:\boot.ini
[27.04.2009 22:46|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[27.04.2009 22:46|-rahs----|0] C:\IO.SYS
[27.04.2009 22:46|-rahs----|0] C:\MSDOS.SYS
[08.04.2004 23:53|-rahs----|47564] C:\NTDETECT.COM
[08.04.2004 23:53|-rahs----|247984] C:\ntldr
[?|?|?] C:\pagefile.sys
[03.08.2010 23:40|--a------|3583] C:\UsbFix.txt
[27.07.2006 18:04|--a------|44032] D:\pocitanie vydavkov2.xls
[25.07.2006 23:27|--a------|30208] D:\pocitanie vydavkov.xls
[17.06.2010 14:43|--a------|11614518] E:\K05.jpg
[26.06.2010 11:41|--a------|181453776] E:\The.IT.Crowd.S04E01.WS.PDTV.XviD-RiVER.[VTV].avi
[04.07.2010 08:18|--a------|181768642] E:\The.IT.Crowd.S04E02.WS.PDTV.XviD-RiVER.[VTV].avi
[09.03.2010 21:08|--a------|6061056] E:\LA_CALESITA_TEMATICA+AVIACION_SEGUNDA_GUERRA-22-7-09-.pps
[07.11.2008 05:03|--a------|285057] F:\Mzdy_2008_CZATCA%20.pdf
[23.07.2009 11:18|--a------|44150272] F:\ps c02_09_DPLR_005 v-1_0.doc
[14.03.2010 12:26|--a------|4294967295] F:\U2 - Image.nrg
[14.03.2010 13:21|--a------|209727645] F:\U2 - Image.nrg.001
[20.03.2010 20:34|--a------|793762094] F:\He sings the blues 1 - Image.nrg
[20.03.2010 21:06|--a------|730283918] F:\He sings the blues 2 - Image.nrg
[15.02.2010 07:31|--a------|20480] F:\¬estn‚ prohl çenˇ.doc
[21.03.2010 13:32|--a------|5539840] F:\doc1.doc
[12.03.2010 22:14|--a------|367434956] F:\The.Mentalist.S02E16.avi
[13.03.2010 11:07|--a------|53276] F:\The.Mentalist.S02E16.srt
[18.03.2010 08:39|--a------|79872] F:\zhodnocenˇ věcviku.doc
[13.07.2010 16:14|--a------|76718713] F:\MVI_2680.MOV
[01.01.1995 02:00|-r-------|44] G:\Track01.cda
[01.01.1995 02:03|-r-------|44] G:\Track02.cda
[01.01.1995 02:08|-r-------|44] G:\Track03.cda
[01.01.1995 02:11|-r-------|44] G:\Track04.cda
[01.01.1995 02:15|-r-------|44] G:\Track05.cda
[01.01.1995 02:19|-r-------|44] G:\Track06.cda
[01.01.1995 02:23|-r-------|44] G:\Track07.cda
[01.01.1995 02:27|-r-------|44] G:\Track08.cda
[01.01.1995 02:30|-r-------|44] G:\Track09.cda
[01.01.1995 02:34|-r-------|44] G:\Track10.cda
[01.01.1995 02:37|-r-------|44] G:\Track11.cda
[01.01.1995 02:41|-r-------|44] G:\Track12.cda
[01.01.1995 02:45|-r-------|44] G:\Track13.cda
[01.01.1995 02:48|-r-------|44] G:\Track14.cda
[11.12.2006 22:03|-r-------|277] J:\autorun.inf
[07.12.2006 20:45|-r-------|1095224] J:\LaunchU3.exe
[11.12.2006 22:26|-r-------|4557609] J:\LaunchPad.zip
[29.09.2009 12:07|--a------|2764] K:\BOOTEX.LOG
[07.12.2006 20:45|-ra------|1095224] K:\LaunchU3.exe
[21.02.2010 14:47|--a------|5319680] K:\15-AN 225 Mria.pps
################## | Vaccination |
# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# K:\autorun.inf -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | Upload |
Please send the file : C:\DOCUME~1\topfun\Desktop\UsbFix_Upload_Me_TFCOMP.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .
################## | ! End of report # UsbFix V6.059 ! |
Re: Preventivka
a nyní log z OTM:
All processes killed
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.seznam.cz/" /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"WinampAgent"|C:\Program Files\Winamp\winampa.exe [2009-04-21 37888] /E :invalid edit format. Invalid data type.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET7.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 47448 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: topfun
->Temp folder emptied: 12278762 bytes
->Temporary Internet Files folder emptied: 94401 bytes
->FireFox cache emptied: 77417422 bytes
->Google Chrome cache emptied: 225497363 bytes
->Flash cache emptied: 932 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 125335 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2021242 bytes
Total Files Cleaned = 303,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.15.0 log created on 08052010_224910
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_6e4.dat not found!
Registry entries deleted on Reboot...
All processes killed
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.seznam.cz/" /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"WinampAgent"|C:\Program Files\Winamp\winampa.exe [2009-04-21 37888] /E :invalid edit format. Invalid data type.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET7.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 47448 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: topfun
->Temp folder emptied: 12278762 bytes
->Temporary Internet Files folder emptied: 94401 bytes
->FireFox cache emptied: 77417422 bytes
->Google Chrome cache emptied: 225497363 bytes
->Flash cache emptied: 932 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 125335 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2021242 bytes
Total Files Cleaned = 303,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.15.0 log created on 08052010_224910
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_6e4.dat not found!
Registry entries deleted on Reboot...
Re: Preventivka
Fajn, co na skripty PC, jak se chova 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Zatím jsem nezpozoroval nějaké odlišnosti od normálu, vše běží tak jak by běžet mělo. Je tedy vše v pořádku?
Re: Preventivka
System by mel nabihat mozna o neco rychleji - omezil jsem zbytecnosti spoustene po startu Znovu spusťte Usbfix a zvolte možnost Uninstall. Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040 TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaruPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Vlozte novy log ze RSITu"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
splněno, zde je RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by topfun at 2010-08-06 00:10:44
Microsoft Windows XP Professional Service Pack 2, v.2096
System drive C: has 5 GB (37%) free of 13 GB
Total RAM: 1279 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:10:50, on 6.8.2010
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\topfun\Desktop\download\RSIT.exe
C:\Program Files\trend micro\topfun.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 5841 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-04-08 843802]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-05-02 4640768]
"nwiz"=nwiz.exe /install []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-21 37888]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2010-06-28 2176512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-05-02 49152]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-04-08 14336]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
TP-LINK Wireless Utility.lnk - C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
Wireless Connection Manager.lnk - C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xmlprov]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe:*:Enabled:hpotbx08.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
======List of files/folders created in the last 1 months======
2010-08-06 00:10:44 ----D---- C:\rsit
2010-08-03 23:40:18 ----RASHD---- C:\autorun.inf
2010-07-27 11:27:50 ----D---- C:\Program Files\CCleaner
2010-07-26 18:51:14 ----D---- C:\Documents and Settings\topfun\Application Data\HpUpdate
2010-07-26 18:49:03 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-13 22:50:49 ----A---- C:\WINDOWS\RTacDbg.txt
2010-07-13 22:50:18 ----RA---- C:\WINDOWS\system32\drivers\rtl8185.sys
2010-07-13 22:49:49 ----D---- C:\WINDOWS\system32\TP-LINK Wireless Adapter Driver and Utility
2010-07-13 22:49:49 ----D---- C:\Program Files\TP-LINK
2010-07-13 22:49:49 ----A---- C:\WINDOWS\system32\drivers\EAPPkt.sys
======List of files/folders modified in the last 1 months======
2010-08-06 00:10:48 ----D---- C:\Program Files\Trend Micro
2010-08-06 00:10:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-06 00:10:34 ----D---- C:\Program Files\Spyware Terminator
2010-08-06 00:06:29 ----AD---- C:\WINDOWS
2010-08-06 00:04:44 ----D---- C:\WINDOWS\Temp
2010-08-06 00:02:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-05 23:46:07 ----SHD---- C:\System Volume Information
2010-08-05 23:46:07 ----D---- C:\WINDOWS\system32\Restore
2010-08-05 23:40:12 ----D---- C:\UsbFix
2010-08-05 23:02:19 ----A---- C:\WINDOWS\wincmd.ini
2010-08-05 22:55:43 ----D---- C:\WINDOWS\Prefetch
2010-08-05 22:49:16 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-05 22:49:15 ----D---- C:\WINDOWS\twain_32
2010-08-05 22:49:15 ----D---- C:\WINDOWS\system32
2010-08-05 22:48:25 ----D---- C:\Documents and Settings\topfun\Application Data\Spyware Terminator
2010-08-05 22:39:21 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-08-05 20:45:58 ----D---- C:\Documents and Settings\topfun\Application Data\dvdcss
2010-08-03 23:47:26 ----D---- C:\Documents and Settings\topfun\Application Data\HPAppData
2010-08-03 23:40:15 ----SHD---- C:\RECYCLER
2010-08-03 23:32:42 ----D---- C:\Documents and Settings\topfun\Application Data\U3
2010-08-03 23:24:55 ----D---- C:\WINDOWS\Minidump
2010-08-03 23:16:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-03 23:14:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-29 11:43:12 ----D---- C:\Program Files\Mozilla Firefox
2010-07-29 00:15:32 ----D---- C:\Documents and Settings\topfun\Application Data\Skype
2010-07-29 00:05:47 ----D---- C:\Documents and Settings\topfun\Application Data\skypePM
2010-07-27 11:37:32 ----RD---- C:\Program Files
2010-07-27 11:35:31 ----SHD---- C:\WINDOWS\Installer
2010-07-27 11:35:31 ----HD---- C:\Config.Msi
2010-07-27 11:35:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-27 11:32:56 ----D---- C:\WINDOWS\Debug
2010-07-13 22:50:35 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 22:50:34 ----HD---- C:\WINDOWS\inf
2010-07-13 22:49:48 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-27 26880]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-04-08 35072]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-30 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-06-19 752764]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-04-08 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-03-12 1893728]
R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2007-07-18 306688]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-04-08 20480]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-12-14 1171456]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-03-12 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-03-12 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-03-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-03-12 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-03-12 10752]
S3 NTACCESS;NTACCESS; \??\H:\NTACCESS.sys []
S3 RT73;D-Link DWA-111 Wireless G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-09-07 347776]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\H:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-03-12 11264]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-03-12 15360]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-03-12 59392]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-04-08 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-03-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-03-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-03-12 26624]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-03-12 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-28 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-05-02 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by topfun at 2010-08-06 00:10:44
Microsoft Windows XP Professional Service Pack 2, v.2096
System drive C: has 5 GB (37%) free of 13 GB
Total RAM: 1279 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:10:50, on 6.8.2010
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\topfun\Desktop\download\RSIT.exe
C:\Program Files\trend micro\topfun.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 5841 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2004-04-08 843802]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-05-02 4640768]
"nwiz"=nwiz.exe /install []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-21 37888]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2010-06-28 2176512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-05-02 49152]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-04-08 14336]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
TP-LINK Wireless Utility.lnk - C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
Wireless Connection Manager.lnk - C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xmlprov]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpotbx08.exe:*:Enabled:hpotbx08.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqphunl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe"="C:\Program Files\HP\Digital Imaging\\unload\hpqdia.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:Remote Assistance"
======List of files/folders created in the last 1 months======
2010-08-06 00:10:44 ----D---- C:\rsit
2010-08-03 23:40:18 ----RASHD---- C:\autorun.inf
2010-07-27 11:27:50 ----D---- C:\Program Files\CCleaner
2010-07-26 18:51:14 ----D---- C:\Documents and Settings\topfun\Application Data\HpUpdate
2010-07-26 18:49:03 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-13 22:50:49 ----A---- C:\WINDOWS\RTacDbg.txt
2010-07-13 22:50:18 ----RA---- C:\WINDOWS\system32\drivers\rtl8185.sys
2010-07-13 22:49:49 ----D---- C:\WINDOWS\system32\TP-LINK Wireless Adapter Driver and Utility
2010-07-13 22:49:49 ----D---- C:\Program Files\TP-LINK
2010-07-13 22:49:49 ----A---- C:\WINDOWS\system32\drivers\EAPPkt.sys
======List of files/folders modified in the last 1 months======
2010-08-06 00:10:48 ----D---- C:\Program Files\Trend Micro
2010-08-06 00:10:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-06 00:10:34 ----D---- C:\Program Files\Spyware Terminator
2010-08-06 00:06:29 ----AD---- C:\WINDOWS
2010-08-06 00:04:44 ----D---- C:\WINDOWS\Temp
2010-08-06 00:02:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-05 23:46:07 ----SHD---- C:\System Volume Information
2010-08-05 23:46:07 ----D---- C:\WINDOWS\system32\Restore
2010-08-05 23:40:12 ----D---- C:\UsbFix
2010-08-05 23:02:19 ----A---- C:\WINDOWS\wincmd.ini
2010-08-05 22:55:43 ----D---- C:\WINDOWS\Prefetch
2010-08-05 22:49:16 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-05 22:49:15 ----D---- C:\WINDOWS\twain_32
2010-08-05 22:49:15 ----D---- C:\WINDOWS\system32
2010-08-05 22:48:25 ----D---- C:\Documents and Settings\topfun\Application Data\Spyware Terminator
2010-08-05 22:39:21 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-08-05 20:45:58 ----D---- C:\Documents and Settings\topfun\Application Data\dvdcss
2010-08-03 23:47:26 ----D---- C:\Documents and Settings\topfun\Application Data\HPAppData
2010-08-03 23:40:15 ----SHD---- C:\RECYCLER
2010-08-03 23:32:42 ----D---- C:\Documents and Settings\topfun\Application Data\U3
2010-08-03 23:24:55 ----D---- C:\WINDOWS\Minidump
2010-08-03 23:16:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-03 23:14:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-29 11:43:12 ----D---- C:\Program Files\Mozilla Firefox
2010-07-29 00:15:32 ----D---- C:\Documents and Settings\topfun\Application Data\Skype
2010-07-29 00:05:47 ----D---- C:\Documents and Settings\topfun\Application Data\skypePM
2010-07-27 11:37:32 ----RD---- C:\Program Files
2010-07-27 11:35:31 ----SHD---- C:\WINDOWS\Installer
2010-07-27 11:35:31 ----HD---- C:\Config.Msi
2010-07-27 11:35:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-27 11:32:56 ----D---- C:\WINDOWS\Debug
2010-07-13 22:50:35 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 22:50:34 ----HD---- C:\WINDOWS\inf
2010-07-13 22:49:48 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-27 26880]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-04-08 35072]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-30 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-06-19 752764]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-04-08 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-03-12 1893728]
R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2007-07-18 306688]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-04-08 20480]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-12-14 1171456]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-03-12 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-03-12 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-03-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-03-12 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-03-12 10752]
S3 NTACCESS;NTACCESS; \??\H:\NTACCESS.sys []
S3 RT73;D-Link DWA-111 Wireless G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-09-07 347776]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\H:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-03-12 11264]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-03-12 15360]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-03-12 59392]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-04-08 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-03-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-03-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-03-12 26624]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-03-12 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-04-08 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-28 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-04-08 14336]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-05-02 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Re: Preventivka
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Vypnete rezidentni stit u ST at se nepere s Avastem - ST pouzivejte jen na rucni skenovani Z logu je patrno, ze nemate aktualni verzi Internet Exploreru - aktualizujte jej
- Aktualizaci najdete zde (pod tlacitkem "Ke stazeni") http://www.microsoft.com/cze/windows/internet-explorer/
- Doporucuji vsak pouzivat alternativni prohlizece - vice zde http://www.viry.cz/forum/viewtopic.php?f=19&t=6116
Z logu je patrno, ze nemate aktualni verzi Windows - chybi Vam ServicePack 3 - doinstalujte jej
- Vice info mate zde http://www.viry.cz/forum/viewtopic.php?f=46&t=86100
Z logu je patrno, ze nepouzivate firewall - doporucuji doinstalovat
- k cemu je dobry http://www.viry.cz/forum/viewtopic.php?f=41&t=20980
- prehled osobnich firewallu http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=- "WinampAgent"=- "SpywareTerminator"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Jinak log vypada na havet OK "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Ještě jednou moc děkuji za Vaši ochotu a pomoc, zařídil jsem se dle vašich posledních instrukcí. Po pročištění byl PC o něco rychlejší, než býval Ještě jeden rychlý dotaz....po instalaci firewallu Zone Alarm, se PC dost zpomalil(surfování na internetu) - to bude asi daň za vyšší bezpečnost, že?
Ještě jeden rychlý dotaz....po instalaci firewallu Zone Alarm, se PC dost zpomalil(surfování na internetu) - to bude asi daň za vyšší bezpečnost, že?Re: Preventivka
Spise bych rekl ze se Vam tam dostaly toolbary spolu s ZA...FW by urcite nemel zpomalovat serfovani po netu...Zkuste odinstalovat ty toolbary, PC projet TFC a CCleanerem a pokud to bude stale zpomalene, tak zkuste ZA odinstalovat, restart PC a uvidite...pokud to bude rychle tak vyberte jiny FW - je mozne ze si ZA nesedl s Vasim OS...
Pokud budou problemy, tak se klidne ozvete a kouknem na to...
Pokud budou problemy, tak se klidne ozvete a kouknem na to...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Odinstaloval jsem ZoneAlarm toolbar, jiné jsem v přidat/odebrat programy nenašel, spustil jsem TFC, CCleaner a internet už šlape normálně
Díky moc !!!
Přeji dobrou noc!
Díky moc !!!
Přeji dobrou noc!
Re: Preventivka
OK, kdyby byly problemy tak se ozvete
Nemate zac, rad jsem pomohl I Vam peknou noc
Zase nekdy
Nemate zac, rad jsem pomohl
I Vam peknou noc Zase nekdy
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Díky moc, mějte se krásně
Re: Preventivka
Jeste jednou, nemate zac
Vy tez
Vy tez
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?