Gaming harbor - otvírání nežádoucích reklam

[lola3121]

Prosím o pomoc, bohužel jsem si nainstalovala gaming harbor a s tím i velký problém. Jak jsem se zde dočetla, nejsem jediná, proto prosím zkušené o radu, jak se toho zbavit. Program jsem odinstalovala, projela všemi anitiviry i antispamy a okna se otvírají stále. Zkopíruji zde HJT a prosím o radu jak dále postupovat, pokud možno polopaticky, protože nejsem moc zkušený uživatel. Předem děkuji za pomoc.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:58, on 22.8.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Sound Volume Hotkeys\SoundVolumeHotkeys.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\mswinext.exe
C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60341
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}] C:\Program Files\Sound Volume Hotkeys\SoundVolumeHotkeys.exe -a
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O13 - Gopher Prefix:
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7614 bytes

[Reklama]

[pitimir]

Ahoj, nic sa neboj. Tu nemas co pokazit :)

1) Stiahni OTM. Do laveho policka skopiruj:

Kód: Vybrat vše

:files
C:\Program Files\Media Access Startup
C:\Program Files\Internet Saving Optimizer
C:\Program Files\System Search Dispatcher
C:\Program Files\DoubleD
C:\PROGRA~1\Crawler

:commands
[purity]
[emptytemp]
[reboot]

Klik na "Move It". Nasledne sa ti objavi v okne "Result" pokec, ktory sem cely skopiruj.

P.S.: Keby program ziadal restart, potvr ho. Nasledujuci log najdes v "C:\_OTM\MovedFiles\".


2) Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.


3) Stiahni RSIT. Spust, klik na "Continue". Po dokoneceni by se ti mal otvorit textovy subor. Ten skopiruj sem.
Pokial by sa nieco stalo, najdes ho aj na adrese "C:\rsit\log.txt".

[lola3121]

Děkuji za rychlou reakci. Je toho na mě trochu moc, takže se do toho dám postupně. Zatím jsem zvládla bod 1:

All processes killed
Error: Unable to interpret <Kód: Vybrat vše> in the current context!
========== FILES ==========
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900\FF\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900\FF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900\Data scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup\1.5.5.900 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Media Access Startup scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500\Data scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer\3.6.3.4500 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Internet Saving Optimizer scheduled to be moved on reboot.
Folder move failed. C:\Program Files\System Search Dispatcher\1.3.5.960\Data scheduled to be moved on reboot.
Folder move failed. C:\Program Files\System Search Dispatcher\1.3.5.960 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\System Search Dispatcher scheduled to be moved on reboot.
File/Folder C:\Program Files\DoubleD not found.
C:\PROGRA~1\Crawler\Toolbar\WSGData\domains moved successfully.
C:\PROGRA~1\Crawler\Toolbar\WSGData moved successfully.
C:\PROGRA~1\Crawler\Toolbar\Update moved successfully.
C:\PROGRA~1\Crawler\Toolbar\TBR5LanguageAct moved successfully.
C:\PROGRA~1\Crawler\Toolbar\STWSGLanguageAct moved successfully.
C:\PROGRA~1\Crawler\Toolbar\Languages moved successfully.
C:\PROGRA~1\Crawler\Toolbar\firefox\components moved successfully.
C:\PROGRA~1\Crawler\Toolbar\firefox\chrome moved successfully.
C:\PROGRA~1\Crawler\Toolbar\firefox moved successfully.
C:\PROGRA~1\Crawler\Toolbar moved successfully.
C:\PROGRA~1\Crawler\Download moved successfully.
C:\PROGRA~1\Crawler moved successfully.
File/Folder :commands not found.
File/Folder [purity] not found.
File/Folder [emptytemp] not found.
File/Folder [reboot] not found.

OTM by OldTimer - Version 3.0.0.6 log created on 08222009_105758

[pitimir]

Super. Teraz by to uz skakat nemalo, MbAMom sa to docisti a nasledny RSIT by dovoli to cele skontrolovat

[lola3121]

Tak mám menší problém, při provádění bodu 2 (Malwarebytes) mi to našlo 81 nějakých svinstev, dala jsem je odstranit, ale to závěrečné hlášení jsem nějak blbě zkopírovala, respektive vůbec, a teď nevím, jestli to lze ještě někde nalézt

[pitimir]

Ide :)
Znova spustis MbAM, kliknes na "Vypisy" (alebo tak nejak) a tam najdes pozadovany log.

[lola3121]

Tak dvojka je tady:

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2675
Windows 6.0.6001 Service Pack 1

22.8.2009 12:22:21
mbam-log-2009-08-22 (12-22-21).txt

Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 174135
Uplynulý cas: 1 hour(s), 6 minute(s), 41 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 27
Infikované hodnoty registru: 3
Infikované položky dat registru: 0
Infikované složky: 17
Infikované soubory: 34

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované soubory:
C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.5.900\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

[lola3121]

A trojka zde:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Compaq at 2009-08-22 12:46:06
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 196 GB (82%) free of 238 GB
Total RAM: 3002 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:24, on 22.8.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Sound Volume Hotkeys\SoundVolumeHotkeys.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\mswinext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Compaq\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Compaq.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60341
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing)
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}] C:\Program Files\Sound Volume Hotkeys\SoundVolumeHotkeys.exe -a
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O13 - Gopher Prefix:
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7301 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-08-07 138608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll [2009-08-09 502624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\npwinext.dll [2009-08-09 502624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-07-11 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-07-11 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-07-11 145944]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-23 206392]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SoundVolumeHotkeys.{9547D1C7-4F18-4104-8674-046DCD12BDF9}"=C:\Program Files\Sound Volume Hotkeys\SoundVolumeHotkeys.exe [2008-04-12 136704]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-08-20 2171904]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"MSN Toolbar"=C:\Program Files\MSN Toolbar\Platform\4.0.0205.2\mswinext.exe [2009-08-09 239456]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-08-20 3055616]

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-07-07 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-08-22 12:46:05 ----D---- C:\rsit
2009-08-22 11:13:23 ----D---- C:\Users\Compaq\AppData\Roaming\Malwarebytes
2009-08-22 11:13:10 ----D---- C:\ProgramData\Malwarebytes
2009-08-22 11:13:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-22 10:57:58 ----D---- C:\_OTM
2009-08-22 10:01:17 ----D---- C:\Program Files\Trend Micro
2009-08-21 22:54:02 ----D---- C:\Program Files\CCleaner
2009-08-21 16:40:36 ----D---- C:\Program Files\Microsoft
2009-08-21 16:40:30 ----D---- C:\Program Files\MSN Toolbar
2009-08-21 16:39:19 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-21 16:30:38 ----D---- C:\Program Files\MSN Toolbar Installer
2009-08-21 00:04:23 ----D---- C:\Program Files\WinClamAVShield
2009-08-20 23:29:16 ----DC---- C:\Windows\system32\DRVSTORE
2009-08-20 23:28:33 ----HDC---- C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-20 23:28:02 ----D---- C:\ProgramData\Lavasoft
2009-08-20 23:28:02 ----D---- C:\Program Files\Lavasoft
2009-08-20 23:02:58 ----D---- C:\ProgramData\ESET
2009-08-20 23:02:58 ----D---- C:\Program Files\ESET
2009-08-20 18:36:49 ----D---- C:\Program Files\Crawler
2009-08-20 18:36:43 ----D---- C:\Users\Compaq\AppData\Roaming\Spyware Terminator
2009-08-20 18:36:41 ----D---- C:\ProgramData\Spyware Terminator
2009-08-20 18:36:39 ----D---- C:\Program Files\Spyware Terminator
2009-08-20 13:54:09 ----D---- C:\ProgramData\Bluetooth
2009-08-20 13:48:12 ----D---- C:\Program Files\IVT Corporation
2009-08-19 20:39:35 ----D---- C:\Users\Compaq\AppData\Roaming\vlc
2009-08-19 20:37:08 ----D---- C:\Program Files\VideoLAN
2009-08-19 15:02:35 ----D---- C:\Program Files\Sound Volume Hotkeys
2009-08-18 14:29:19 ----D---- C:\ProgramData\Google
2009-08-17 22:51:03 ----D---- C:\Program Files\MRP
2009-08-17 22:51:02 ----D---- C:\ProgramData\BDE
2009-08-17 22:50:48 ----D---- C:\Program Files\Common Files\Borland Shared
2009-08-17 22:48:16 ----D---- C:\MrpWin
2009-08-17 22:23:47 ----D---- C:\MRP
2009-08-15 20:39:03 ----D---- C:\ProgramData\Hewlett-Packard
2009-08-15 20:37:59 ----A---- C:\Windows\system32\hpz3l4v2.dll
2009-08-14 17:03:00 ----D---- C:\Users\Compaq\AppData\Roaming\OpenOffice.org
2009-08-14 17:00:37 ----D---- C:\Program Files\OpenOffice.org 3
2009-08-14 16:09:31 ----D---- C:\ProgramData\Adobe
2009-08-14 16:09:22 ----D---- C:\Program Files\Common Files\Adobe
2009-08-14 16:09:22 ----D---- C:\Program Files\Adobe
2009-08-14 15:47:23 ----D---- C:\Program Files\Mozilla Firefox
2009-08-14 08:45:46 ----A---- C:\Windows\system32\msshooks.dll
2009-08-14 08:45:46 ----A---- C:\Windows\system32\msscb.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-14 08:45:44 ----A---- C:\Windows\system32\propsys.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\propdefs.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\msstrc.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-14 08:45:44 ----A---- C:\Windows\system32\msshsq.dll
2009-08-14 08:45:43 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-14 08:45:43 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-14 08:45:43 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-14 08:45:42 ----A---- C:\Windows\system32\wsepno.dll
2009-08-14 08:45:42 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-14 08:45:42 ----A---- C:\Windows\system32\offfilt.dll
2009-08-14 08:45:42 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-14 08:45:42 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-14 08:45:41 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-14 08:45:41 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-14 08:45:41 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-14 08:45:41 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-14 08:45:40 ----A---- C:\Windows\system32\tquery.dll
2009-08-14 08:45:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-14 08:45:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-14 08:45:40 ----A---- C:\Windows\system32\mssvp.dll
2009-08-14 08:45:40 ----A---- C:\Windows\system32\mssrch.dll
2009-08-14 08:45:39 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-14 08:45:39 ----A---- C:\Windows\system32\mssph.dll
2009-08-14 08:43:28 ----A---- C:\Windows\system32\tzres.dll
2009-08-14 08:02:56 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-14 08:02:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-14 08:02:52 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-14 08:02:52 ----A---- C:\Windows\system32\icardres.dll
2009-08-14 08:02:52 ----A---- C:\Windows\system32\icardagt.exe
2009-08-14 08:02:47 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-14 08:02:40 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-14 07:52:40 ----A---- C:\Windows\system32\dfshim.dll
2009-08-14 07:52:35 ----A---- C:\Windows\system32\mscoree.dll
2009-08-14 07:52:34 ----A---- C:\Windows\system32\netfxperf.dll
2009-08-14 07:52:13 ----A---- C:\Windows\system32\mscorier.dll
2009-08-14 07:52:02 ----A---- C:\Windows\system32\mscories.dll
2009-08-14 07:50:49 ----A---- C:\Windows\system32\shell32.dll
2009-08-14 07:49:56 ----A---- C:\Windows\system32\avifil32.dll
2009-08-14 07:49:32 ----A---- C:\Windows\system32\rpcss.dll
2009-08-14 07:49:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-08-14 07:49:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-08-14 07:49:29 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-08-14 07:49:28 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-14 07:49:28 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-08-14 07:49:28 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-14 07:49:28 ----A---- C:\Windows\system32\iashost.exe
2009-08-14 07:49:28 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-14 07:49:28 ----A---- C:\Windows\system32\iasads.dll
2009-08-13 21:37:11 ----A---- C:\Windows\system32\MSVCR71.dll
2009-08-13 21:37:11 ----A---- C:\Windows\system32\MSVCP71.dll
2009-08-13 21:37:11 ----A---- C:\Windows\system32\MFC71.dll
2009-08-13 21:37:11 ----A---- C:\Windows\system32\aswBoot.exe
2009-08-13 21:37:08 ----D---- C:\Program Files\Alwil Software
2009-08-13 18:15:36 ----D---- C:\Users\Compaq\AppData\Roaming\skypePM
2009-08-13 18:14:48 ----D---- C:\Users\Compaq\AppData\Roaming\Skype
2009-08-13 18:14:14 ----D---- C:\Program Files\Common Files\Skype
2009-08-13 18:14:13 ----RD---- C:\Program Files\Skype
2009-08-13 18:14:09 ----D---- C:\ProgramData\Skype
2009-08-13 18:08:49 ----D---- C:\Users\Compaq\AppData\Roaming\Macromedia
2009-08-13 18:08:49 ----D---- C:\Users\Compaq\AppData\Roaming\Adobe
2009-08-13 18:08:44 ----D---- C:\Windows\system32\Macromed
2009-08-13 18:05:06 ----D---- C:\Users\Compaq\AppData\Roaming\Mozilla
2009-08-13 17:39:29 ----A---- C:\Windows\system32\mf.dll
2009-08-13 17:39:28 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-08-13 17:39:28 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-13 17:39:28 ----A---- C:\Windows\system32\logagent.exe
2009-08-13 17:39:24 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-13 17:39:20 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-13 17:39:10 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-13 17:38:47 ----A---- C:\Windows\system32\xolehlp.dll
2009-08-13 17:38:47 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-13 17:38:45 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-13 17:38:43 ----A---- C:\Windows\system32\localspl.dll
2009-08-13 17:38:36 ----A---- C:\Windows\system32\occache.dll
2009-08-13 17:38:36 ----A---- C:\Windows\system32\mshtml.dll
2009-08-13 17:38:36 ----A---- C:\Windows\system32\ieframe.dll
2009-08-13 17:38:35 ----A---- C:\Windows\system32\urlmon.dll
2009-08-13 17:38:33 ----A---- C:\Windows\system32\wininet.dll
2009-08-13 17:38:33 ----A---- C:\Windows\system32\msfeeds.dll
2009-08-13 17:38:33 ----A---- C:\Windows\system32\iertutil.dll
2009-08-13 17:38:33 ----A---- C:\Windows\system32\iedkcs32.dll
2009-08-13 17:38:33 ----A---- C:\Windows\system32\ieaksie.dll
2009-08-13 17:38:32 ----A---- C:\Windows\system32\mstime.dll
2009-08-13 17:38:32 ----A---- C:\Windows\system32\jsproxy.dll
2009-08-13 17:38:32 ----A---- C:\Windows\system32\ieUnatt.exe
2009-08-13 17:38:32 ----A---- C:\Windows\system32\ieencode.dll
2009-08-13 17:38:21 ----A---- C:\Windows\system32\connect.dll
2009-08-13 15:35:19 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-13 15:35:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-13 15:35:19 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-13 15:35:17 ----A---- C:\Windows\explorer.exe
2009-08-13 15:35:15 ----A---- C:\Windows\system32\wdigest.dll
2009-08-13 15:35:15 ----A---- C:\Windows\system32\schannel.dll
2009-08-13 15:35:15 ----A---- C:\Windows\system32\secur32.dll
2009-08-13 15:35:15 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-13 15:35:15 ----A---- C:\Windows\system32\lsass.exe
2009-08-13 15:35:15 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-13 15:35:15 ----A---- C:\Windows\system32\kerberos.dll
2009-08-13 15:35:11 ----A---- C:\Windows\system32\winresume.exe
2009-08-13 15:35:11 ----A---- C:\Windows\system32\winload.exe
2009-08-13 15:35:11 ----A---- C:\Windows\system32\kd1394.dll
2009-08-13 15:35:11 ----A---- C:\Windows\system32\ci.dll
2009-08-13 15:35:10 ----A---- C:\Windows\system32\srdelayed.exe
2009-08-13 15:35:10 ----A---- C:\Windows\system32\srcore.dll
2009-08-13 15:35:10 ----A---- C:\Windows\system32\srclient.dll
2009-08-13 15:35:10 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-08-13 15:35:10 ----A---- C:\Windows\system32\rstrui.exe
2009-08-13 15:35:10 ----A---- C:\Windows\system32\kbd106n.dll
2009-08-13 15:35:05 ----A---- C:\Windows\system32\kernel32.dll
2009-08-13 15:35:05 ----A---- C:\Windows\system32\apilogen.dll
2009-08-13 15:35:05 ----A---- C:\Windows\system32\amxread.dll
2009-08-13 15:35:02 ----A---- C:\Windows\system32\quartz.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\wshext.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\wscript.exe
2009-08-13 15:35:01 ----A---- C:\Windows\system32\vbscript.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\scrrun.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\scrobj.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\jscript.dll
2009-08-13 15:35:01 ----A---- C:\Windows\system32\cscript.exe
2009-08-13 15:34:02 ----A---- C:\Windows\system32\atl.dll
2009-08-13 15:33:31 ----A---- C:\Windows\system32\mstscax.dll
2009-08-13 15:31:17 ----A---- C:\Windows\system32\wmp.dll
2009-08-13 15:31:16 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-13 15:31:15 ----A---- C:\Windows\system32\spwmp.dll
2009-08-13 15:31:14 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-13 15:31:14 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-13 15:29:55 ----D---- C:\Program Files\CONEXANT
2009-08-13 15:28:48 ----A---- C:\Windows\system32\rpcrt4.dll
2009-08-13 15:27:44 ----A---- C:\Windows\system32\msxml6.dll
2009-08-13 15:22:59 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-08-13 15:22:58 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-13 15:22:58 ----A---- C:\Windows\system32\gameux.dll
2009-08-13 15:22:56 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-08-13 15:22:54 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-13 15:22:52 ----A---- C:\Windows\system32\win32spl.dll
2009-08-13 15:22:46 ----A---- C:\Windows\system32\gdi32.dll
2009-08-13 15:22:44 ----A---- C:\Windows\system32\emdmgmt.dll
2009-08-13 15:22:43 ----A---- C:\Windows\system32\dataclen.dll
2009-08-13 15:22:43 ----A---- C:\Windows\system32\cdd.dll
2009-08-13 15:22:42 ----A---- C:\Windows\system32\es.dll
2009-08-13 15:22:41 ----A---- C:\Windows\system32\netapi32.dll
2009-08-13 15:22:40 ----A---- C:\Windows\system32\msxml3.dll
2009-08-13 15:22:39 ----A---- C:\Windows\system32\wersvc.dll
2009-08-13 15:22:39 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-13 15:22:38 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-13 15:22:28 ----A---- C:\Windows\system32\pacerprf.dll
2009-08-13 15:18:11 ----A---- C:\Windows\system32\EncDec.dll
2009-08-13 15:18:10 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-13 15:18:02 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-13 15:17:48 ----A---- C:\Windows\system32\t2embed.dll
2009-08-13 15:17:48 ----A---- C:\Windows\system32\fontsub.dll
2009-08-13 15:17:48 ----A---- C:\Windows\system32\dciman32.dll
2009-08-13 15:17:48 ----A---- C:\Windows\system32\atmfd.dll
2009-08-13 15:17:46 ----A---- C:\Windows\system32\winhttp.dll
2009-08-13 15:17:22 ----D---- C:\Program Files\Intel
2009-08-13 15:17:22 ----A---- C:\Windows\system32\CSVer.dll
2009-08-13 15:12:09 ----A---- C:\Windows\system32\wups2.dll
2009-08-13 15:12:09 ----A---- C:\Windows\system32\wucltux.dll
2009-08-13 15:12:09 ----A---- C:\Windows\system32\wuaueng.dll
2009-08-13 15:12:09 ----A---- C:\Windows\system32\wuauclt.exe
2009-08-13 15:11:59 ----A---- C:\Windows\system32\wups.dll
2009-08-13 15:11:59 ----A---- C:\Windows\system32\wudriver.dll
2009-08-13 15:11:59 ----A---- C:\Windows\system32\wuapi.dll
2009-08-13 15:11:53 ----A---- C:\Windows\system32\wuwebv.dll
2009-08-13 15:11:53 ----A---- C:\Windows\system32\wuapp.exe
2009-08-13 15:10:09 ----D---- C:\Program Files\Realtek
2009-08-13 15:08:22 ----D---- C:\Windows\Panther
2009-08-13 15:08:09 ----RAS---- C:\BOOTSECT.BAK
2009-08-13 15:08:07 ----SHD---- C:\Boot
2009-08-13 15:03:36 ----D---- C:\Users\Compaq\AppData\Roaming\hpqLog
2009-08-13 15:02:50 ----D---- C:\Program Files\Hewlett-Packard
2009-08-13 15:02:50 ----A---- C:\Windows\system32\BttnCmns.dll
2009-08-13 15:02:50 ----A---- C:\Windows\system32\BttnCmn.dll
2009-08-13 15:00:41 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-13 15:00:41 ----D---- C:\Program Files\Atheros
2009-08-13 15:00:38 ----D---- C:\ProgramData\Atheros
2009-08-13 15:00:33 ----D---- C:\Users\Compaq\AppData\Roaming\InstallShield
2009-08-13 14:59:25 ----SHD---- C:\Windows\Installer
2009-08-13 14:57:14 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-08-13 14:45:43 ----D---- C:\Windows\system32\Lang
2009-08-13 14:45:43 ----A---- C:\Windows\system32\igxpun.exe
2009-08-13 14:45:43 ----A---- C:\Windows\system32\difxapi.dll
2009-08-13 14:45:40 ----D---- C:\Intel
2009-08-13 14:45:37 ----D---- C:\Swsetup
2009-08-13 14:22:40 ----D---- C:\Users\Compaq\AppData\Roaming\Identities
2009-08-13 14:22:25 ----SD---- C:\Users\Compaq\AppData\Roaming\Microsoft
2009-08-13 14:22:25 ----D---- C:\Users\Compaq\AppData\Roaming\Media Center Programs
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Šablony
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Plocha
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Oblíbené položky
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Nabídka Start
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Dokumenty
2009-08-13 14:22:10 ----SHD---- C:\ProgramData\Data aplikací
2009-08-13 14:21:45 ----D---- C:\Windows\Debug
2009-08-13 14:11:54 ----D---- C:\Windows\SoftwareDistribution
2009-08-13 14:09:01 ----D---- C:\Windows\Prefetch
2009-08-13 14:08:50 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-08-22 12:46:20 ----D---- C:\Windows\Temp
2009-08-22 12:35:53 ----D---- C:\Windows\System32
2009-08-22 12:35:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-22 12:35:49 ----D---- C:\Windows\inf
2009-08-22 12:28:07 ----D---- C:\Windows\system32\drivers
2009-08-22 12:22:21 ----RD---- C:\Program Files
2009-08-22 11:13:10 ----HD---- C:\ProgramData
2009-08-22 09:52:28 ----RSD---- C:\Windows\assembly
2009-08-21 22:55:20 ----D---- C:\Windows
2009-08-21 16:40:39 ----SD---- C:\ProgramData\Microsoft
2009-08-21 16:38:38 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-20 23:30:01 ----D---- C:\Windows\Tasks
2009-08-20 23:30:01 ----D---- C:\Windows\system32\Tasks
2009-08-20 23:29:17 ----D---- C:\Windows\system32\catroot
2009-08-20 23:27:49 ----D---- C:\Windows\winsxs
2009-08-20 13:50:26 ----D---- C:\Windows\system32\catroot2
2009-08-19 16:13:29 ----D---- C:\Windows\system32\LogFiles
2009-08-18 22:59:24 ----D---- C:\Windows\system32\WDI
2009-08-18 13:45:55 ----A---- C:\Windows\win.ini
2009-08-17 22:50:48 ----D---- C:\Program Files\Common Files
2009-08-16 10:30:00 ----D---- C:\Windows\rescache
2009-08-15 23:35:30 ----D---- C:\Windows\system32\wbem
2009-08-14 17:01:04 ----RSD---- C:\Windows\Fonts
2009-08-14 15:05:21 ----D---- C:\Windows\Microsoft.NET
2009-08-14 09:15:35 ----D---- C:\Windows\ehome
2009-08-14 09:15:31 ----D---- C:\Windows\system32\cs-CZ
2009-08-14 09:15:31 ----D---- C:\Windows\PolicyDefinitions
2009-08-14 09:15:31 ----D---- C:\Windows\AppPatch
2009-08-14 09:15:28 ----D---- C:\Windows\system32\Boot
2009-08-14 09:15:27 ----D---- C:\Windows\system32\manifeststore
2009-08-14 09:15:26 ----D---- C:\Windows\system32\migration
2009-08-14 09:15:26 ----D---- C:\Program Files\Internet Explorer
2009-08-14 09:15:24 ----D---- C:\Program Files\Windows Media Player
2009-08-14 09:15:17 ----D---- C:\Windows\system32\XPSViewer
2009-08-14 09:15:17 ----D---- C:\Windows\system32\en-US
2009-08-14 09:15:09 ----D---- C:\Program Files\Windows Mail
2009-08-13 19:57:50 ----D---- C:\Windows\Logs
2009-08-13 18:02:17 ----D---- C:\Windows\system32\NDF
2009-08-13 15:16:39 ----SD---- C:\Windows\Downloaded Program Files
2009-08-13 15:02:09 ----D---- C:\Windows\system
2009-08-13 14:45:46 ----D---- C:\Windows\system32\restore
2009-08-13 14:22:58 ----SHD---- C:\$Recycle.Bin
2009-08-13 14:22:24 ----RD---- C:\Users
2009-08-13 14:22:10 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2009-08-20 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-20 1093120]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-07-07 2378752]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-30 112128]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-06-10 123904]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-23 64512]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-03 1029456]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-08-07 242048]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-08-20 487424]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]

-----------------EOF-----------------

[pitimir]

OK. Teraz dve otazky:

Ktory antivirus si nechas (Avast/NOD) - jeden musi ist prec. Ak mas plnu verziu NODa, nechal by som ho. Ak je to len nejaky shareware, odinstalovat a nechat Avasta. Tu su linky na oficialne odinstalatory, rozhodni sa, ktory pouzijes:

- Avast
- NOD


A ktory antispyware? Spyware Terminator alebo Windows Defender?

[lola3121]

Tak zatím to vypadá, že problém je odstraněný. Moc moc děkuji za pomoc

[lola3121]

NODu nemám plnou verzi, ten jsem si instalovala už ze zoufalství, když mi nic nepomáhalo. Takže si nechám ten AVAST a asi Spyware terminator?? Nebo si nechám poradit...

[pitimir]

Moze byt. Odinstaluj NODa. A daj novy log z RSITu.