Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakující okna v IE 8.0
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 20
- Registrován: 28 pro 2009 23:56
Vyskakující okna v IE 8.0
Zdravím,
náhodně mi vyskakují okna při "práci" v IE 8.0, např.
http://www.cz.mundome.com
http://getiton.com
...
něco jsem odinstaloval, ale nemůžu se toho zbavit. Děkuji předem za pomoc.
Log z RSIT přikládám:
Logfile of random's system information tool 1.06 (written by random/random)
Run by marketa at 2009-12-29 00:27:13
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 263 GB (89%) free of 295 GB
Total RAM: 2812 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:27:21, on 29.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\marketa\Downloads\RSIT.exe
C:\Program Files\trend micro\marketa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: McAfee Application Installer Cleanup (0004551247511994) (0004551247511994mcinstcleanup) - Unknown owner - C:\Users\marketa\AppData\Local\Temp\000455~1.EXE (file missing)
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
--
End of file - 10830 bytes
======Scheduled tasks folder======
C:\windows\tasks\Ad-Aware Update (Daily 1).job
C:\windows\tasks\Ad-Aware Update (Daily 2).job
C:\windows\tasks\Ad-Aware Update (Daily 3).job
C:\windows\tasks\Ad-Aware Update (Daily 4).job
C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\User_Feed_Synchronization-{23FEF777-50EE-41A3-A9DB-0ED2A7CACCB6}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll [2009-08-31 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-06-02 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-14 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-21 149280]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Users\marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-12-29 00:27:13 ----D---- C:\rsit
2009-12-28 23:42:21 ----D---- C:\Program Files\Trend Micro
2009-12-27 23:48:51 ----AD---- C:\windows\rundll16.exe
2009-12-27 23:48:51 ----AD---- C:\windows\logo1_.exe
2009-12-26 22:27:29 ----DC---- C:\windows\system32\DRVSTORE
2009-12-26 22:25:34 ----D---- C:\ProgramData\Lavasoft
2009-12-21 12:34:32 ----HD---- C:\$AVG
2009-12-21 09:31:26 ----D---- C:\Users\marketa\AppData\Roaming\GHISLER
2009-12-21 09:31:26 ----D---- C:\totalcmd
2009-12-21 01:22:03 ----A---- C:\windows\system32\deploytk.dll
2009-12-20 23:04:06 ----AD---- C:\windows\VDLL.DLL
2009-12-20 23:04:06 ----AD---- C:\windows\system32\runouce.exe
2009-12-20 23:04:06 ----AD---- C:\windows\RUNDL132.EXE
2009-12-20 23:04:06 ----AD---- C:\windows\logo_1.exe
2009-12-20 22:56:13 ----A---- C:\windows\system32\msvcr80.dll
2009-12-20 22:56:11 ----A---- C:\windows\system32\msvcp80.dll
2009-12-20 22:56:10 ----A---- C:\windows\system32\eEmpty.exe
2009-12-20 22:56:05 ----D---- C:\Program Files\Common Files\MicroWorld
2009-12-20 22:56:03 ----D---- C:\ProgramData\MicroWorld
2009-12-13 21:49:18 ----A---- C:\windows\system32\winhttp.dll
2009-12-13 21:49:06 ----A---- C:\windows\system32\mshtml.dll
2009-12-13 21:49:05 ----A---- C:\windows\system32\ieframe.dll
2009-12-13 21:49:04 ----A---- C:\windows\system32\iertutil.dll
2009-12-13 21:49:03 ----A---- C:\windows\system32\urlmon.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\wininet.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\occache.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\msfeeds.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\iedkcs32.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\msfeedsbs.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\ieUnatt.exe
2009-12-13 21:49:01 ----A---- C:\windows\system32\ieui.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\iepeers.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\msfeedssync.exe
2009-12-13 21:48:59 ----A---- C:\windows\system32\jsproxy.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iesysprep.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iesetup.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iernonce.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\ie4uinit.exe
2009-12-13 21:48:33 ----A---- C:\windows\system32\nshhttp.dll
2009-12-13 21:48:33 ----A---- C:\windows\system32\httpapi.dll
2009-12-13 21:48:02 ----A---- C:\windows\system32\rastls.dll
======List of files/folders modified in the last 1 months======
2009-12-29 00:27:21 ----D---- C:\windows\Prefetch
2009-12-29 00:27:16 ----D---- C:\windows\Temp
2009-12-29 00:25:07 ----D---- C:\windows\System32
2009-12-29 00:25:07 ----D---- C:\windows\inf
2009-12-29 00:25:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-12-29 00:18:32 ----A---- C:\windows\system32\rpcnetp.exe
2009-12-29 00:18:30 ----A---- C:\windows\system32\rpcnet.dll
2009-12-29 00:18:29 ----D---- C:\ProgramData\hpqLog
2009-12-29 00:18:14 ----HD---- C:\ProgramData
2009-12-29 00:16:57 ----SHD---- C:\windows\Installer
2009-12-29 00:16:56 ----RD---- C:\Program Files
2009-12-27 23:48:51 ----D---- C:\Windows
2009-12-26 22:33:56 ----D---- C:\windows\Tasks
2009-12-26 22:33:04 ----D---- C:\windows\system32\Tasks
2009-12-26 22:27:29 ----D---- C:\windows\system32\drivers
2009-12-26 22:27:29 ----D---- C:\windows\system32\catroot
2009-12-26 22:25:30 ----D---- C:\windows\winsxs
2009-12-21 14:52:17 ----SHD---- C:\System Volume Information
2009-12-21 14:38:00 ----SD---- C:\Users\marketa\AppData\Roaming\Microsoft
2009-12-21 11:57:33 ----D---- C:\ProgramData\Microsoft Help
2009-12-21 11:57:30 ----RSD---- C:\windows\assembly
2009-12-21 11:56:02 ----RSD---- C:\windows\Fonts
2009-12-21 11:55:55 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-21 11:55:33 ----D---- C:\Program Files\Microsoft Works
2009-12-21 11:52:42 ----A---- C:\windows\win.ini
2009-12-21 11:52:41 ----D---- C:\Program Files\Common Files\System
2009-12-21 01:21:52 ----A---- C:\windows\system32\javaws.exe
2009-12-21 01:21:52 ----A---- C:\windows\system32\javaw.exe
2009-12-21 01:21:52 ----A---- C:\windows\system32\java.exe
2009-12-21 01:21:49 ----D---- C:\Program Files\Java
2009-12-21 01:16:20 ----D---- C:\windows\system32\catroot2
2009-12-20 23:57:14 ----D---- C:\Program Files\MSN Messenger
2009-12-20 22:56:05 ----D---- C:\Program Files\Common Files
2009-12-20 21:58:17 ----SD---- C:\ProgramData\Microsoft
2009-12-20 21:28:51 ----D---- C:\windows\system32\NDF
2009-12-20 21:14:33 ----D---- C:\windows\rescache
2009-12-15 09:36:04 ----D---- C:\windows\system32\migration
2009-12-15 09:36:03 ----D---- C:\Program Files\Windows Mail
2009-12-15 09:36:03 ----D---- C:\Program Files\Internet Explorer
2009-12-15 09:36:03 ----AD---- C:\windows\system32\cs-CZ
2009-12-01 21:06:19 ----A---- C:\windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-13 440872]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2009-09-29 56680]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S2 0004551247511994mcinstcleanup;McAfee Application Installer Cleanup (0004551247511994); C:\Users\marketa\AppData\Local\Temp\000455~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
náhodně mi vyskakují okna při "práci" v IE 8.0, např.
http://www.cz.mundome.com
http://getiton.com
...
něco jsem odinstaloval, ale nemůžu se toho zbavit. Děkuji předem za pomoc.
Log z RSIT přikládám:
Logfile of random's system information tool 1.06 (written by random/random)
Run by marketa at 2009-12-29 00:27:13
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 263 GB (89%) free of 295 GB
Total RAM: 2812 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:27:21, on 29.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\marketa\Downloads\RSIT.exe
C:\Program Files\trend micro\marketa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: McAfee Application Installer Cleanup (0004551247511994) (0004551247511994mcinstcleanup) - Unknown owner - C:\Users\marketa\AppData\Local\Temp\000455~1.EXE (file missing)
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
--
End of file - 10830 bytes
======Scheduled tasks folder======
C:\windows\tasks\Ad-Aware Update (Daily 1).job
C:\windows\tasks\Ad-Aware Update (Daily 2).job
C:\windows\tasks\Ad-Aware Update (Daily 3).job
C:\windows\tasks\Ad-Aware Update (Daily 4).job
C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\User_Feed_Synchronization-{23FEF777-50EE-41A3-A9DB-0ED2A7CACCB6}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll [2009-08-31 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-06-02 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-14 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-21 149280]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Users\marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-12-29 00:27:13 ----D---- C:\rsit
2009-12-28 23:42:21 ----D---- C:\Program Files\Trend Micro
2009-12-27 23:48:51 ----AD---- C:\windows\rundll16.exe
2009-12-27 23:48:51 ----AD---- C:\windows\logo1_.exe
2009-12-26 22:27:29 ----DC---- C:\windows\system32\DRVSTORE
2009-12-26 22:25:34 ----D---- C:\ProgramData\Lavasoft
2009-12-21 12:34:32 ----HD---- C:\$AVG
2009-12-21 09:31:26 ----D---- C:\Users\marketa\AppData\Roaming\GHISLER
2009-12-21 09:31:26 ----D---- C:\totalcmd
2009-12-21 01:22:03 ----A---- C:\windows\system32\deploytk.dll
2009-12-20 23:04:06 ----AD---- C:\windows\VDLL.DLL
2009-12-20 23:04:06 ----AD---- C:\windows\system32\runouce.exe
2009-12-20 23:04:06 ----AD---- C:\windows\RUNDL132.EXE
2009-12-20 23:04:06 ----AD---- C:\windows\logo_1.exe
2009-12-20 22:56:13 ----A---- C:\windows\system32\msvcr80.dll
2009-12-20 22:56:11 ----A---- C:\windows\system32\msvcp80.dll
2009-12-20 22:56:10 ----A---- C:\windows\system32\eEmpty.exe
2009-12-20 22:56:05 ----D---- C:\Program Files\Common Files\MicroWorld
2009-12-20 22:56:03 ----D---- C:\ProgramData\MicroWorld
2009-12-13 21:49:18 ----A---- C:\windows\system32\winhttp.dll
2009-12-13 21:49:06 ----A---- C:\windows\system32\mshtml.dll
2009-12-13 21:49:05 ----A---- C:\windows\system32\ieframe.dll
2009-12-13 21:49:04 ----A---- C:\windows\system32\iertutil.dll
2009-12-13 21:49:03 ----A---- C:\windows\system32\urlmon.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\wininet.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\occache.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\msfeeds.dll
2009-12-13 21:49:02 ----A---- C:\windows\system32\iedkcs32.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\msfeedsbs.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\ieUnatt.exe
2009-12-13 21:49:01 ----A---- C:\windows\system32\ieui.dll
2009-12-13 21:49:01 ----A---- C:\windows\system32\iepeers.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\msfeedssync.exe
2009-12-13 21:48:59 ----A---- C:\windows\system32\jsproxy.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iesysprep.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iesetup.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\iernonce.dll
2009-12-13 21:48:59 ----A---- C:\windows\system32\ie4uinit.exe
2009-12-13 21:48:33 ----A---- C:\windows\system32\nshhttp.dll
2009-12-13 21:48:33 ----A---- C:\windows\system32\httpapi.dll
2009-12-13 21:48:02 ----A---- C:\windows\system32\rastls.dll
======List of files/folders modified in the last 1 months======
2009-12-29 00:27:21 ----D---- C:\windows\Prefetch
2009-12-29 00:27:16 ----D---- C:\windows\Temp
2009-12-29 00:25:07 ----D---- C:\windows\System32
2009-12-29 00:25:07 ----D---- C:\windows\inf
2009-12-29 00:25:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-12-29 00:18:32 ----A---- C:\windows\system32\rpcnetp.exe
2009-12-29 00:18:30 ----A---- C:\windows\system32\rpcnet.dll
2009-12-29 00:18:29 ----D---- C:\ProgramData\hpqLog
2009-12-29 00:18:14 ----HD---- C:\ProgramData
2009-12-29 00:16:57 ----SHD---- C:\windows\Installer
2009-12-29 00:16:56 ----RD---- C:\Program Files
2009-12-27 23:48:51 ----D---- C:\Windows
2009-12-26 22:33:56 ----D---- C:\windows\Tasks
2009-12-26 22:33:04 ----D---- C:\windows\system32\Tasks
2009-12-26 22:27:29 ----D---- C:\windows\system32\drivers
2009-12-26 22:27:29 ----D---- C:\windows\system32\catroot
2009-12-26 22:25:30 ----D---- C:\windows\winsxs
2009-12-21 14:52:17 ----SHD---- C:\System Volume Information
2009-12-21 14:38:00 ----SD---- C:\Users\marketa\AppData\Roaming\Microsoft
2009-12-21 11:57:33 ----D---- C:\ProgramData\Microsoft Help
2009-12-21 11:57:30 ----RSD---- C:\windows\assembly
2009-12-21 11:56:02 ----RSD---- C:\windows\Fonts
2009-12-21 11:55:55 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-21 11:55:33 ----D---- C:\Program Files\Microsoft Works
2009-12-21 11:52:42 ----A---- C:\windows\win.ini
2009-12-21 11:52:41 ----D---- C:\Program Files\Common Files\System
2009-12-21 01:21:52 ----A---- C:\windows\system32\javaws.exe
2009-12-21 01:21:52 ----A---- C:\windows\system32\javaw.exe
2009-12-21 01:21:52 ----A---- C:\windows\system32\java.exe
2009-12-21 01:21:49 ----D---- C:\Program Files\Java
2009-12-21 01:16:20 ----D---- C:\windows\system32\catroot2
2009-12-20 23:57:14 ----D---- C:\Program Files\MSN Messenger
2009-12-20 22:56:05 ----D---- C:\Program Files\Common Files
2009-12-20 21:58:17 ----SD---- C:\ProgramData\Microsoft
2009-12-20 21:28:51 ----D---- C:\windows\system32\NDF
2009-12-20 21:14:33 ----D---- C:\windows\rescache
2009-12-15 09:36:04 ----D---- C:\windows\system32\migration
2009-12-15 09:36:03 ----D---- C:\Program Files\Windows Mail
2009-12-15 09:36:03 ----D---- C:\Program Files\Internet Explorer
2009-12-15 09:36:03 ----AD---- C:\windows\system32\cs-CZ
2009-12-01 21:06:19 ----A---- C:\windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-13 440872]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2009-09-29 56680]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S2 0004551247511994mcinstcleanup;McAfee Application Installer Cleanup (0004551247511994); C:\Users\marketa\AppData\Local\Temp\000455~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Vyskakující okna v IE 8.0
Dobrý den
pošlete ještě log z Combofix
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
pošlete ještě log z Combofix
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
-
- Návštěvník
- Příspěvky: 20
- Registrován: 28 pro 2009 23:56
Re: Vyskakující okna v IE 8.0
Zdravím,
byl to mazec, Combofix smazal nějaké soubory, pak restaroval Windows a začal vytvářet log, přitom se to seklo a po samovolném restartu to spadlo na: Spustit systém běžným způsobem, pak to spustilo kontrolu disku a udělalo to docela dost úprav. Nicméně po restartu to běží a už tam ta okna neskáčou. Bohužel asi nezjistím, co vlastně Combofix smazal, protože v logu je jen:
ComboFix 09-12-29.06 - marketa 30.12.2009 22:02:11.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2812.1762 [GMT 1:00]
Spuštěný z: C:\Users\marketa\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
patrně mu vadil spuštěný Windows Defender?!? A nemůžu najít log z té opravy disku, pokud se nějaký vytváří, tak fakt nevím kde.
Díky
byl to mazec, Combofix smazal nějaké soubory, pak restaroval Windows a začal vytvářet log, přitom se to seklo a po samovolném restartu to spadlo na: Spustit systém běžným způsobem, pak to spustilo kontrolu disku a udělalo to docela dost úprav. Nicméně po restartu to běží a už tam ta okna neskáčou. Bohužel asi nezjistím, co vlastně Combofix smazal, protože v logu je jen:
ComboFix 09-12-29.06 - marketa 30.12.2009 22:02:11.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2812.1762 [GMT 1:00]
Spuštěný z: C:\Users\marketa\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
patrně mu vadil spuštěný Windows Defender?!? A nemůžu najít log z té opravy disku, pokud se nějaký vytváří, tak fakt nevím kde.
Díky
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Vyskakující okna v IE 8.0
OK, použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter restartujte PC a postup zopakujte - dojde k odebrání všech komponent Combofixu
(utilita může být označena antivirem jako vir - po použití ji smažte)
znovu stáhněte Combofix, spusťte sken a vložte sem log
(utilita může být označena antivirem jako vir - po použití ji smažte)
znovu stáhněte Combofix, spusťte sken a vložte sem log
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
-
- Návštěvník
- Příspěvky: 20
- Registrován: 28 pro 2009 23:56
Re: Vyskakující okna v IE 8.0
Zdravím,
takže nejdřív jsem musel zastavit a zakázat spuštění servisů antiviru (AVAST) a
Windows Defenderu a konečně se zadařilo:
ComboFix 09-12-30.01 - marketa 31.12.2009 11:56:47.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2812.1859 [GMT 1:00]
Spuštěný z: c:\users\marketa\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-31 )))))))))))))))))))))))))))))))
.
2009-12-31 11:03 . 2009-12-31 11:04 -------- d-----w- c:\users\marketa\AppData\Local\temp
2009-12-31 11:03 . 2009-12-31 11:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-31 08:12 . 2009-12-31 08:12 -------- d---a-w- c:\windows\rundll16.exe
2009-12-31 08:12 . 2009-12-31 08:12 -------- d---a-w- c:\windows\logo1_.exe
2009-12-30 22:36 . 2009-12-30 23:13 -------- d-----w- C:\found.001
2009-12-28 22:42 . 2009-12-28 23:27 -------- d-----w- c:\program files\Trend Micro
2009-12-26 21:27 . 2009-12-28 23:16 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-26 21:25 . 2009-12-28 23:16 -------- d-----w- c:\programdata\Lavasoft
2009-12-21 11:34 . 2009-12-21 12:21 -------- d-----w- C:\$AVG
2009-12-21 10:46 . 2009-12-21 10:46 -------- d-----w- c:\users\marketa\AppData\Local\GHISLER
2009-12-21 08:39 . 2009-12-21 08:39 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2009-12-21 08:31 . 2009-12-21 08:31 -------- d-----w- C:\totalcmd
2009-12-21 08:31 . 2009-12-21 08:31 -------- d-----w- c:\users\marketa\AppData\Roaming\GHISLER
2009-12-21 00:22 . 2009-12-21 00:21 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\logo_1.exe
2009-12-20 21:56 . 2009-12-20 21:56 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-20 21:56 . 2009-12-20 21:56 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-20 21:56 . 2009-12-20 21:56 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-20 21:56 . 2009-12-20 21:56 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-20 21:56 . 2009-12-20 21:56 -------- d-----w- c:\programdata\MicroWorld
2009-12-20 21:24 . 2009-12-20 21:24 -------- d-----w- c:\users\marketa\AppData\Local\WindowsUpdate
2009-12-13 20:48 . 2009-11-21 06:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-12-13 20:48 . 2009-11-21 06:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-12-13 20:48 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-13 20:48 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-13 20:48 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-13 20:48 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 10:42 . 2008-04-17 10:02 635994 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 10:42 . 2008-04-17 10:02 134788 ----a-w- c:\windows\system32\perfc005.dat
2009-12-31 10:36 . 2009-09-29 06:14 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-12-31 10:36 . 2009-09-29 06:35 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-12-31 10:36 . 2008-08-04 13:56 -------- d-----w- c:\programdata\hpqLog
2009-12-31 10:35 . 2009-07-14 02:43 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-30 22:38 . 2008-04-19 19:51 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-12-21 11:10 . 2009-07-13 18:17 99864 ----a-w- c:\users\marketa\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-21 10:57 . 2008-08-04 14:23 -------- d-----w- c:\programdata\Microsoft Help
2009-12-21 10:55 . 2009-09-13 15:48 -------- d-----w- c:\program files\Microsoft Works
2009-12-21 00:21 . 2008-08-04 15:02 -------- d-----w- c:\program files\Java
2009-12-20 22:57 . 2009-07-13 18:10 -------- d-----w- c:\program files\MSN Messenger
2009-12-15 08:36 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-24 23:54 . 2009-07-13 18:44 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-13 18:45 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-13 18:45 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-13 18:44 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-13 18:45 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-13 18:45 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-13 18:45 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 20:59 . 2009-11-23 20:59 680 ----a-w- c:\users\marketa\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-13 20:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 04:59 . 2009-12-13 20:49 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-17 20:50 . 2009-11-17 20:50 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-17 20:50 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-17 20:49 . 2009-11-17 20:49 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-17 19:15 . 2009-11-17 19:15 -------- d-----w- c:\program files\BSPlayer
2009-11-17 19:09 . 2009-11-17 19:09 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-11-17 19:07 . 2009-11-17 19:09 737280 ----a-w- c:\windows\iun6002.exe
2009-11-02 19:42 . 2009-10-04 15:53 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-28 17:08 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-21 16:45 . 2008-10-10 06:36 33792 ----a-w- c:\windows\system32\identprv.dll
2009-10-08 21:08 . 2009-11-17 18:34 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-17 18:34 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-17 18:34 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-06-02 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-14 10244096]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-21 149280]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-05-24 197904]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
c:\users\marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-8-4 197904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):bd,6d,95,89,c2,42,ca,01
R0 SbAlg;SbAlg;c:\windows\System32\drivers\SbAlg.sys [30.5.2008 17:37 51376]
R0 SbFsLock;SbFsLock;c:\windows\System32\drivers\SbFsLock.sys [30.5.2008 17:37 12928]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [13.7.2009 19:45 114768]
R1 RsvLock;RsvLock;c:\windows\System32\drivers\rsvlock.sys [30.5.2008 17:37 12496]
R2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [16.5.2007 0:08 182576]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21.1.2008 3:33 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21.1.2008 3:33 21504]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [13.7.2009 19:45 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [13.7.2009 19:44 53328]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2.6.2008 18:32 18944]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [30.5.2008 17:36 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [4.8.2008 16:01 77824]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [7.4.2008 19:13 24936]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [4.8.2008 15:11 576024]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [4.8.2008 16:03 193840]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21.1.2008 3:32 179712]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]
S4 0004551247511994mcinstcleanup;McAfee Application Installer Cleanup (0004551247511994);c:\users\marketa\AppData\Local\Temp\000455~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\users\marketa\AppData\Local\Temp\000455~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - 0004551247511994MCINSTCLEANUP
*NewlyCreated* - ASWUPDSV
*NewlyCreated* - AVAST!_ANTIVIRUS
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2009-12-30 c:\windows\Tasks\User_Feed_Synchronization-{23FEF777-50EE-41A3-A9DB-0ED2A7CACCB6}.job
- c:\windows\system32\msfeedssync.exe [2009-12-13 04:59]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=83&bd=all&pf=cmnb
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 12:13
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4816)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\users\marketa\AppData\Local\Temp\catchme.dll
.
Celkový čas: 2009-12-31 12:14:26
ComboFix-quarantined-files.txt 2009-12-31 11:14
Před spuštěním: Volných bajtů: 277 243 375 616
Po spuštění: Volných bajtů: 277 208 686 592
- - End Of File - - 11DF774AD02839875E69F264EA48E30C
takže nejdřív jsem musel zastavit a zakázat spuštění servisů antiviru (AVAST) a
Windows Defenderu a konečně se zadařilo:
ComboFix 09-12-30.01 - marketa 31.12.2009 11:56:47.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2812.1859 [GMT 1:00]
Spuštěný z: c:\users\marketa\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-31 )))))))))))))))))))))))))))))))
.
2009-12-31 11:03 . 2009-12-31 11:04 -------- d-----w- c:\users\marketa\AppData\Local\temp
2009-12-31 11:03 . 2009-12-31 11:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-31 08:12 . 2009-12-31 08:12 -------- d---a-w- c:\windows\rundll16.exe
2009-12-31 08:12 . 2009-12-31 08:12 -------- d---a-w- c:\windows\logo1_.exe
2009-12-30 22:36 . 2009-12-30 23:13 -------- d-----w- C:\found.001
2009-12-28 22:42 . 2009-12-28 23:27 -------- d-----w- c:\program files\Trend Micro
2009-12-26 21:27 . 2009-12-28 23:16 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-26 21:25 . 2009-12-28 23:16 -------- d-----w- c:\programdata\Lavasoft
2009-12-21 11:34 . 2009-12-21 12:21 -------- d-----w- C:\$AVG
2009-12-21 10:46 . 2009-12-21 10:46 -------- d-----w- c:\users\marketa\AppData\Local\GHISLER
2009-12-21 08:39 . 2009-12-21 08:39 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2009-12-21 08:31 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2009-12-21 08:31 . 2009-12-21 08:31 -------- d-----w- C:\totalcmd
2009-12-21 08:31 . 2009-12-21 08:31 -------- d-----w- c:\users\marketa\AppData\Roaming\GHISLER
2009-12-21 00:22 . 2009-12-21 00:21 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-20 22:04 . 2009-12-20 22:04 -------- d---a-w- c:\windows\logo_1.exe
2009-12-20 21:56 . 2009-12-20 21:56 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-20 21:56 . 2009-12-20 21:56 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-20 21:56 . 2009-12-20 21:56 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-20 21:56 . 2009-12-20 21:56 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-20 21:56 . 2009-12-20 21:56 -------- d-----w- c:\programdata\MicroWorld
2009-12-20 21:24 . 2009-12-20 21:24 -------- d-----w- c:\users\marketa\AppData\Local\WindowsUpdate
2009-12-13 20:48 . 2009-11-21 06:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-12-13 20:48 . 2009-11-21 06:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-12-13 20:48 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-13 20:48 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-13 20:48 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-13 20:48 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 10:42 . 2008-04-17 10:02 635994 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 10:42 . 2008-04-17 10:02 134788 ----a-w- c:\windows\system32\perfc005.dat
2009-12-31 10:36 . 2009-09-29 06:14 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-12-31 10:36 . 2009-09-29 06:35 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-12-31 10:36 . 2008-08-04 13:56 -------- d-----w- c:\programdata\hpqLog
2009-12-31 10:35 . 2009-07-14 02:43 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-30 22:38 . 2008-04-19 19:51 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-12-21 11:10 . 2009-07-13 18:17 99864 ----a-w- c:\users\marketa\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-21 10:57 . 2008-08-04 14:23 -------- d-----w- c:\programdata\Microsoft Help
2009-12-21 10:55 . 2009-09-13 15:48 -------- d-----w- c:\program files\Microsoft Works
2009-12-21 00:21 . 2008-08-04 15:02 -------- d-----w- c:\program files\Java
2009-12-20 22:57 . 2009-07-13 18:10 -------- d-----w- c:\program files\MSN Messenger
2009-12-15 08:36 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-24 23:54 . 2009-07-13 18:44 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-13 18:45 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-13 18:45 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-13 18:44 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-13 18:45 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-13 18:45 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-13 18:45 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 20:59 . 2009-11-23 20:59 680 ----a-w- c:\users\marketa\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-13 20:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 04:59 . 2009-12-13 20:49 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-17 20:50 . 2009-11-17 20:50 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-17 20:50 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-17 20:49 . 2009-11-17 20:49 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-17 19:15 . 2009-11-17 19:15 -------- d-----w- c:\program files\BSPlayer
2009-11-17 19:09 . 2009-11-17 19:09 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-11-17 19:07 . 2009-11-17 19:09 737280 ----a-w- c:\windows\iun6002.exe
2009-11-02 19:42 . 2009-10-04 15:53 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-28 17:08 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-21 16:45 . 2008-10-10 06:36 33792 ----a-w- c:\windows\system32\identprv.dll
2009-10-08 21:08 . 2009-11-17 18:34 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-17 18:34 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-17 18:34 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-06-02 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-14 10244096]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-21 149280]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-05-24 197904]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
c:\users\marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-8-4 197904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):bd,6d,95,89,c2,42,ca,01
R0 SbAlg;SbAlg;c:\windows\System32\drivers\SbAlg.sys [30.5.2008 17:37 51376]
R0 SbFsLock;SbFsLock;c:\windows\System32\drivers\SbFsLock.sys [30.5.2008 17:37 12928]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [13.7.2009 19:45 114768]
R1 RsvLock;RsvLock;c:\windows\System32\drivers\rsvlock.sys [30.5.2008 17:37 12496]
R2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [16.5.2007 0:08 182576]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21.1.2008 3:33 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21.1.2008 3:33 21504]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [13.7.2009 19:45 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [13.7.2009 19:44 53328]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2.6.2008 18:32 18944]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [30.5.2008 17:36 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [4.8.2008 16:01 77824]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [7.4.2008 19:13 24936]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [4.8.2008 15:11 576024]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [4.8.2008 16:03 193840]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21.1.2008 3:32 179712]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]
S4 0004551247511994mcinstcleanup;McAfee Application Installer Cleanup (0004551247511994);c:\users\marketa\AppData\Local\Temp\000455~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\users\marketa\AppData\Local\Temp\000455~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - 0004551247511994MCINSTCLEANUP
*NewlyCreated* - ASWUPDSV
*NewlyCreated* - AVAST!_ANTIVIRUS
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2009-12-30 c:\windows\Tasks\User_Feed_Synchronization-{23FEF777-50EE-41A3-A9DB-0ED2A7CACCB6}.job
- c:\windows\system32\msfeedssync.exe [2009-12-13 04:59]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=83&bd=all&pf=cmnb
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 12:13
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4816)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\users\marketa\AppData\Local\Temp\catchme.dll
.
Celkový čas: 2009-12-31 12:14:26
ComboFix-quarantined-files.txt 2009-12-31 11:14
Před spuštěním: Volných bajtů: 277 243 375 616
Po spuštění: Volných bajtů: 277 208 686 592
- - End Of File - - 11DF774AD02839875E69F264EA48E30C
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Vyskakující okna v IE 8.0
vypadá, že je to v pořádku
zopakujte postup s T-Cleanerem
potom použijte CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
zopakujte postup s T-Cleanerem
potom použijte CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
-
- Návštěvník
- Příspěvky: 20
- Registrován: 28 pro 2009 23:56
Re: Vyskakující okna v IE 8.0
Zdravím,
vypadá to, že funguje vše co má fungovat a to co nemá nefunguje.
Ještě jednou díky za pomoc.
vypadá to, že funguje vše co má fungovat a to co nemá nefunguje.
Ještě jednou díky za pomoc.
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Vyskakující okna v IE 8.0
nemáte zač
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)