Preventivní kontrola logu

[lastsaves]

Zatím nic nepozoruji, dám vědět po nějaké době provozu.
Zatím velmi děkuji za pomoc.

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[lastsaves]

Omlouvám se za prodlevu v reakci, nečekal jsem ještě další instrukce
Vše jsem provedl dle instrukcí, log bude níže.
Ccleaner používám pravidelně, odinstalovávám Revo Uninstallerem.
Počítač je zdá se mi svižnější, žádné problémy zatím nepozoruji.
Chci se ještě zeptat:
1) Mám znovu spustit T-Cleaner a/nebo OTC, abych odinstaloval RSIT?
2) Rád bych naistaloval CleanMem (http://www.pcwintech.com/cleanmem), ale nejsem si jistý, jestli ten Memsweep2, který jsme odstraňovali nepřišel od něj.
3) Po zásahu Combofixu mi dělají problémy Deamon Tools 4.40.1. Zdvojují se mi virtuální jednoty (netvoří se jedna, ale dvě zároveň) a připojené image se připojují k oběma zároveň. Může to mít nějakou souvislost nebo je to bug DT?

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-01-16 19:38:41
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (68%) free of 30 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:50, on 16.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
E:\Apps\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
C:\Program Files\Java\jre6\bin\jqs.exe
E:\Apps\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Secunia PSI\PSIA.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VolumeTouch\VolumeTouch.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\Apps\Taskbar Shuffle\taskbarshuffle.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
E:\Apps\Skype\Phone\Skype.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Apps\Grindstone 2\Grindstone 2.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
E:\Apps\Evernote\EvernoteClipper.exe
E:\Apps\Crystal Disk Info\DiskInfo.exe
C:\Program Files\Secunia PSI\psi_tray.exe
E:\Apps\4t Tray Minimizer\4t-min.exe
N:\_SOFTWARE_\esmska-0.20.0\jre\launch4j-tmp\esmska-portable.exe
N:\_SOFTWARE_\EssentialPIM Pro\EssentialPIM.exe
N:\_SOFTWARE_\Miranda IM\miranda32.exe
N:\_SOFTWARE_\EssentialPIM Pro\EssentialPIM.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Apps\NetWorx\networx.exe
N:\_SOFTWARE_\PhraseExpress\phraseexpress.exe
E:\Apps\TrayIt\TrayIt!.exe
E:\Apps\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Secunia PSI\sua.exe
C:\Documents and Settings\user\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Apps\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [Nitro PDF Printer Monitor] "E:\Apps\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "E:\Apps\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolumeTouch] "C:\Program Files\VolumeTouch\VolumeTouch.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Taskbar Shuffle] E:\Apps\Taskbar Shuffle\taskbarshuffle.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [CrystalDiskInfo] "E:\Apps\Crystal Disk Info\DiskInfo.exe" /Startup
O4 - HKCU\..\Run: [Skype] "E:\Apps\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Grindstone 2] "e:\Apps\Grindstone 2\Grindstone 2.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = E:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Crystal Disk Info.lnk = E:\Apps\Crystal Disk Info\DiskInfo.exe
O4 - Startup: Esmska.lnk = N:\_SOFTWARE_\esmska-0.20.0\esmska-portable.exe
O4 - Startup: EssentialPIM.lnk = N:\_SOFTWARE_\EssentialPIM Pro\EssentialPIM.exe
O4 - Startup: Miranda.lnk = N:\_SOFTWARE_\Miranda IM\miranda32.exe
O4 - Startup: NetWorx.lnk = E:\Apps\NetWorx\networx.exe
O4 - Startup: Phrase Express.lnk = N:\_SOFTWARE_\PhraseExpress\phraseexpress.exe
O4 - Startup: TrayIt!.lnk = E:\Apps\TrayIt\TrayIt!.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Evernote Clipper.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia PSI\psi_tray.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://E:\Apps\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\Apps\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Apps\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @E:\Apps\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://E:\Apps\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @E:\Apps\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://E:\Apps\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9836744640
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 11112 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - E:\Apps\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - E:\Apps\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-11-15 2216960]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2008-07-24 450560]
"Nitro PDF Printer Monitor"=E:\Apps\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe [2009-05-27 209216]
"Acrobat Assistant 7.0"=E:\Apps\Adobe Acrobat 7.0\Distillr\Acrotray.exe [2008-04-23 483328]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-01-11 2548040]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"VolumeTouch"=C:\Program Files\VolumeTouch\VolumeTouch.exe [2005-07-22 184320]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Taskbar Shuffle"=E:\Apps\Taskbar Shuffle\taskbarshuffle.exe [2008-04-17 818176]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-01 3318784]
"CrystalDiskInfo"=E:\Apps\Crystal Disk Info\DiskInfo.exe [2010-11-07 998872]
"Skype"=E:\Apps\Skype\Phone\Skype.exe [2010-12-03 14944136]
"Grindstone 2"=e:\Apps\Grindstone 2\Grindstone 2.exe [2011-01-03 1447424]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
Evernote Clipper.lnk - C:\WINDOWS\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico
Secunia PSI Tray.lnk - C:\Program Files\Secunia PSI\psi_tray.exe

C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění
4t Tray Minimizer.lnk - E:\Apps\4t Tray Minimizer\4t-min.exe
Crystal Disk Info.lnk - E:\Apps\Crystal Disk Info\DiskInfo.exe
Esmska.lnk - N:\_SOFTWARE_\esmska-0.20.0\esmska-portable.exe
EssentialPIM.lnk - N:\_SOFTWARE_\EssentialPIM Pro\EssentialPIM.exe
Miranda.lnk - N:\_SOFTWARE_\Miranda IM\miranda32.exe
NetWorx.lnk - E:\Apps\NetWorx\networx.exe
Phrase Express.lnk - N:\_SOFTWARE_\PhraseExpress\phraseexpress.exe
TrayIt!.lnk - E:\Apps\TrayIt\TrayIt!.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"K:\uTorrent\utorrent.exe"="K:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\Apps\Skype\Plugin Manager\skypePM.exe"="E:\Apps\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Apps\Skype\Phone\Skype.exe"="E:\Apps\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -
.js - open - "E:\Apps\Subtitle Workshop\subtitleworkshop.exe" /OPEN("%1")

======List of files/folders created in the last 1 months======

2011-01-16 19:38:42 ----D---- C:\Program Files\trend micro
2011-01-16 19:38:41 ----D---- C:\rsit
2011-01-16 19:22:06 ----SHD---- C:\RECYCLER
2011-01-15 15:44:32 ----D---- C:\Documents and Settings\user\Data aplikací\avidemux
2011-01-15 11:36:28 ----D---- C:\Documents and Settings\user\Data aplikací\WebStripper
2011-01-13 10:20:16 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-01-13 09:44:06 ----D---- C:\Documents and Settings\user\Data aplikací\Winamp
2011-01-13 09:30:28 ----D---- C:\Program Files\DAEMON Tools Lite
2011-01-12 13:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-07 15:16:30 ----D---- C:\Program Files\Evernote
2011-01-04 10:07:06 ----D---- C:\Documents and Settings\user\Data aplikací\Avira
2011-01-04 10:04:40 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-01-04 10:04:35 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-01-04 10:04:35 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-01-04 10:04:35 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-01-04 10:04:35 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-01-04 10:04:33 ----D---- C:\Program Files\Avira
2011-01-04 10:04:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-01-02 23:31:56 ----A---- C:\Boot.bak
2011-01-02 23:31:51 ----RASHD---- C:\cmdcons
2010-12-30 16:49:19 ----D---- C:\Documents and Settings\user\Data aplikací\4t Niagara Software
2010-12-30 10:09:14 ----D---- C:\Documents and Settings\user\Data aplikací\Grindstone 2
2010-12-29 17:57:30 ----D---- C:\WINDOWS\SxsCaPendDel
2010-12-29 08:42:59 ----D---- C:\Apps
2010-12-27 11:09:37 ----D---- C:\Program Files\Common Files\Skype
2010-12-22 11:11:47 ----D---- C:\Program Files\Secunia PSI
2010-12-19 13:42:43 ----A---- C:\WINDOWS\_delis32.ini

======List of files/folders modified in the last 1 months======

2011-01-16 19:38:49 ----D---- C:\WINDOWS\Prefetch
2011-01-16 19:38:42 ----RD---- C:\Program Files
2011-01-16 19:32:24 ----D---- C:\Documents and Settings\user\Data aplikací\Skype
2011-01-16 19:31:33 ----D---- C:\Documents and Settings\user\Data aplikací\skypePM
2011-01-16 19:31:11 ----D---- C:\WINDOWS\Temp
2011-01-16 19:31:00 ----D---- C:\WINDOWS
2011-01-16 19:29:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-16 19:28:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-16 19:28:03 ----A---- C:\WINDOWS\config6.ini
2011-01-16 19:22:11 ----D---- C:\Documents and Settings\user\Data aplikací\Media Player Classic
2011-01-16 19:22:07 ----D---- C:\WINDOWS\Debug
2011-01-16 19:20:44 ----D---- C:\WINDOWS\Minidump
2011-01-16 19:20:44 ----D---- C:\WINDOWS\Internet Logs
2011-01-16 19:05:26 ----SHD---- C:\System Volume Information
2011-01-16 16:53:47 ----A---- C:\WINDOWS\cdplayer.ini
2011-01-15 20:26:03 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-15 19:51:50 ----D---- C:\Zotero
2011-01-14 10:50:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-13 19:02:48 ----D---- C:\Documents and Settings\user\Data aplikací\dvdcss
2011-01-13 16:55:51 ----D---- C:\WINDOWS\system32
2011-01-13 16:55:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-13 10:20:59 ----HD---- C:\WINDOWS\inf
2011-01-13 10:20:49 ----D---- C:\WINDOWS\system32\drivers
2011-01-13 10:20:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-13 10:18:08 ----D---- C:\Documents and Settings\user\Data aplikací\Spyware Terminator
2011-01-13 00:47:21 ----D---- C:\Documents and Settings\user\Data aplikací\uTorrent
2011-01-12 13:25:41 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 13:25:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 13:20:12 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-12 09:50:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2011-01-12 09:35:56 ----A---- C:\WINDOWS\system.ini
2011-01-12 09:35:01 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-12 09:33:13 ----D---- C:\WINDOWS\system32\config
2011-01-12 09:30:46 ----D---- C:\WINDOWS\AppPatch
2011-01-12 09:30:42 ----D---- C:\Program Files\Common Files
2011-01-11 19:48:20 ----A---- C:\WINDOWS\system32\guard32.dll
2011-01-07 15:16:31 ----SHD---- C:\WINDOWS\Installer
2011-01-04 11:43:43 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-04 10:18:59 ----D---- C:\WINDOWS\repair
2011-01-04 10:18:50 ----D---- C:\WINDOWS\Registration
2011-01-04 10:03:34 ----D---- C:\WINDOWS\WinSxS
2011-01-02 23:31:56 ----RASH---- C:\boot.ini
2011-01-01 20:50:34 ----A---- C:\WINDOWS\VACCA.INI
2011-01-01 11:41:02 ----A---- C:\WINDOWS\seRapid.INI
2010-12-31 09:53:38 ----D---- C:\Program Files\Common Files\Adobe
2010-12-30 16:34:26 ----RSD---- C:\WINDOWS\assembly
2010-12-29 23:19:01 ----SD---- C:\WINDOWS\Tasks
2010-12-29 18:17:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-27 11:09:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-12-26 17:16:44 ----D---- C:\Documents and Settings\user\Data aplikací\DeskSoft
2010-12-26 16:18:09 ----D---- C:\Program Files\Spyware Terminator
2010-12-19 23:07:25 ----A---- C:\WINDOWS\AviSplitter.INI
2010-12-19 12:59:30 ----A---- C:\cleanmem_log.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-01-11 94784]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-01-13 431672]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2008-07-09 117248]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-11-01 77312]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-01-04 135096]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-01-11 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-01-11 27576]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-13 218176]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-01-04 61960]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2003-11-10 174464]
S3 CrystalSysInfo;CrystalSysInfo; \??\E:\Apps\MediaCoder\SysInfo.sys []
S3 dsnpfdMP;dsnpfdMP; C:\WINDOWS\system32\DRIVERS\dsnpfd.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2005-04-12 17632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-01-04 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-01-11 1771288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2009-04-08 1377536]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia PSI\PSIA.exe [2010-12-21 987704]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia PSI\sua.exe [2010-12-21 399416]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-15 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2008-09-24 52888]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-07-24 102400]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-05 69632]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Rsit si můžete odinstalovat i přes Revo, tedy HJT a složku Rsitu smazat, nebo si ho nechte na další kontrolu zde .

Ten Cleanmem sice nenzám, ale klidně si ho nainstalujte. Nevěděla jsem, k čemu ten driver patřil, může to být šmejd, ale nemusí, proto jsem ho smazala.

U daemonu - to zavinil combofix. Zkuste ho přeinstalovat

[lastsaves]

Ozývám se znovu po nějaké době provozu.
Deamon Tools jsem přenstaloval, už šlapou normálně.
Co se týče lagování při psaní, vypnutí rezidentního štítu ST nepomohlo.
Ale teď se mi stalo, že psaní lagovalo i na noteooku (kde by se to dít nemělo).
Nemůže to být způsobeno něčím jiným (napadá mě Firefox 3.6, ve kterém má na obou počítačích stejné addony a to relativně hodně).
Nebo je to prostě příliš starou instalací WinXP, která (i přes údržbu Ccleanerem a používání Revo Uninstaleru) potřebuje reinstall?

[motji]

Nevím čím to je, ale zrovna dnes mi to dělá taky . Když Vám to bude lagovat, zkuste jiný prohlížeč, jestli je to stejné . Já používám Mozillu, možná je to fakt v ní. Instalaci xp mám novou