Dobrý den,
Při každém startu notebooku se objeví hláška o tom, že byl ukončen z bezpečnostních důvodů proces Generic Host Process for win32.
Jinak se mi zdá pc o trochu pomalejší než obvykle...
Zde je log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Renatka at 2010-04-01 11:35:07
Microsoft Windows XP Professional Service Pack 3
System drive C: has 54 GB (54%) free of 100 GB
Total RAM: 3067 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:19, on 1.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\java\bin\jqs.exe
C:\xampp\mysql\bin\mysqld.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\java\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\RSIT.exe
C:\Program Files\trend micro\Renatka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\OFFICE~1\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\java\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\java\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\java\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\OfficeMrkvosoft\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\OFFICE~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9b627470c7bb0) (gupdate1c9b627470c7bb0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\java\bin\jqs.exe
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 8866 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2008-06-10 70944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\OFFICE~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-05 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\java\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\java\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1044480]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-06-20 1310720]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 177456]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SunJavaUpdateSched"=C:\java\bin\jusched.exe [2009-10-11 149280]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"SkinClock"=C:\Program Files\Free Desktop Clock\DesktopClock.exe [2006-10-01 334848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe [2007-08-30 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-01-08 2521464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CianoDock]
C:\Program Files\CianoDock.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTCheck]
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\OfficeMrkvosoft\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-02-20 4363504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe [2008-06-10 37656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
C:\Program Files\ooVoo\oovoo.exe [2009-11-25 18440376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-05 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-01-15 393216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr []
C:\Documents and Settings\Renatka\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\OfficeMrkvosoft\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-05-08 126976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\OFFICE~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\FileZilla FTP Client\filezilla.exe"="C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\OfficeMrkvosoft\Office12\GROOVE.EXE"="C:\Program Files\OfficeMrkvosoft\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\OfficeMrkvosoft\Office12\ONENOTE.EXE"="C:\Program Files\OfficeMrkvosoft\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fded649f-0df8-11de-9b2a-002264749b9c}]
shell\AutoRun\command - G:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2010-04-01 11:35:08 ----D---- C:\Program Files\trend micro
2010-04-01 11:35:07 ----D---- C:\rsit
2010-04-01 11:34:53 ----A---- C:\Program Files\RSIT.exe
2010-03-31 11:34:48 ----D---- C:\WINDOWS\WBEM
2010-03-31 11:34:30 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-31 11:33:33 ----HDC---- C:\WINDOWS\ie8
2010-03-31 11:30:02 ----A---- C:\Program Files\IE8-WindowsXP-x86-ENU.exe
2010-03-31 11:27:20 ----A---- C:\Program Files\IE8-WindowsXP-x86-CSY.exe
2010-03-17 23:59:07 ----D---- C:\Documents and Settings\Renatka\Application Data\SAS
2010-03-17 23:58:25 ----D---- C:\Documents and Settings\All Users\Application Data\SAS
2010-03-17 23:57:41 ----A---- C:\WINDOWS\IsUninst.exe
2010-03-17 23:47:32 ----N---- C:\WINDOWS\system32\oc30.dll
2010-03-17 23:47:30 ----N---- C:\WINDOWS\system32\mfcans32.dll
2010-03-17 23:47:29 ----N---- C:\WINDOWS\system32\sasperf.dll
2010-03-17 23:28:28 ----D---- C:\WINDOWS\system32\URTTEMP
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\msvcp70.dll
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\msvci70.dll
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\mfc70u.dll
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\mfc70.dll
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-03-17 23:27:50 ----A---- C:\WINDOWS\system32\atl70.dll
2010-03-17 23:27:22 ----D---- C:\Program Files\SAS
2010-03-14 19:22:42 ----D---- C:\Program Files\Common Files\Protexis
2010-03-14 19:22:42 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
2010-03-14 19:20:26 ----D---- C:\Program Files\Common Files\Corel
======List of files/folders modified in the last 1 months======
2010-04-01 11:35:08 ----RD---- C:\Program Files
2010-04-01 11:35:06 ----D---- C:\WINDOWS\Prefetch
2010-04-01 11:34:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-01 11:30:15 ----D---- C:\WINDOWS\system32
2010-04-01 11:30:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-01 11:29:50 ----D---- C:\WINDOWS\Temp
2010-04-01 11:20:27 ----SD---- C:\WINDOWS\Tasks
2010-04-01 01:47:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-01 01:47:02 ----A---- C:\WINDOWS\wincmd.ini
2010-04-01 00:51:57 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-04-01 00:50:39 ----AD---- C:\WINDOWS
2010-03-31 22:03:30 ----D---- C:\Program Files\Peggle Nights Deluxe
2010-03-31 18:47:55 ----D---- C:\Program Files\Mozilla Firefox
2010-03-31 18:14:07 ----D---- C:\Documents and Settings\Renatka\Application Data\XnView
2010-03-31 16:10:38 ----D---- C:\Program Files\Mozilla Thunderbird
2010-03-31 13:25:51 ----A---- C:\WINDOWS\WDICT32.INI
2010-03-31 11:37:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 11:37:09 ----HD---- C:\WINDOWS\inf
2010-03-31 11:37:09 ----D---- C:\WINDOWS\Help
2010-03-31 11:37:09 ----D---- C:\Program Files\Internet Explorer
2010-03-31 11:34:50 ----D---- C:\WINDOWS\system32\config
2010-03-31 11:34:48 ----D---- C:\WINDOWS\system32\en-us
2010-03-31 11:34:40 ----D---- C:\WINDOWS\Media
2010-03-30 00:15:15 ----D---- C:\Program Files\RocketDock
2010-03-29 23:21:11 ----SHD---- C:\WINDOWS\Installer
2010-03-28 20:27:45 ----D---- C:\Documents and Settings\Renatka\Application Data\Skype
2010-03-28 18:17:03 ----D---- C:\Documents and Settings\Renatka\Application Data\com.oxygenxml
2010-03-26 20:51:04 ----D---- C:\Documents and Settings\Renatka\Application Data\dvdcss
2010-03-25 10:31:38 ----D---- C:\Documents and Settings\Renatka\Application Data\ZoomBrowser EX
2010-03-25 10:31:38 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2010-03-17 23:56:40 ----RSD---- C:\WINDOWS\Fonts
2010-03-17 23:44:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-17 23:29:26 ----D---- C:\WINDOWS\Registration
2010-03-17 23:29:19 ----RSD---- C:\WINDOWS\assembly
2010-03-14 19:23:28 ----D---- C:\Documents and Settings\Renatka\Application Data\Corel
2010-03-14 19:22:42 ----D---- C:\Program Files\Common Files
2010-03-14 19:19:58 ----D---- C:\Program Files\Corel
2010-03-14 18:52:20 ----D---- C:\Program Files\Comodo
2010-03-14 18:47:51 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-09 13:24:05 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-07 20:38:49 ----D---- C:\Documents and Settings\Renatka\Application Data\Adobe
2010-03-04 17:20:11 ----SD---- C:\Documents and Settings\Renatka\Application Data\Microsoft
2010-03-03 12:03:40 ----A---- C:\WINDOWS\BRWMARK.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-11 338944]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-05-09 2880512]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2009-02-10 1391104]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-06-20 225696]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2008-04-04 296320]
S3 alqjv22h;alqjv22h; C:\WINDOWS\system32\drivers\alqjv22h.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2008-06-04 90408]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2008-06-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2008-06-04 122024]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2008-06-04 115368]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2008-06-04 25768]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2008-06-04 111784]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2008-06-04 117544]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2009-12-20 29416]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-05-08 536576]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\java\bin\jqs.exe [2009-10-11 153376]
R2 MySQL;MySQL; C:\xampp\mysql\bin\mysqld.exe [2009-12-20 6095504]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S2 gupdate1c9b627470c7bb0;Služba Google Update (gupdate1c9b627470c7bb0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-05 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-05 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2009-03-03 691200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-25 654848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\OfficeMrkvosoft\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Při každém startu notebooku se objeví hláška o GHP
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Při každém startu notebooku se objeví hláška o GHP
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Při každém startu notebooku se objeví hláška o GHP
zde je log z combofixu:
ComboFix 10-03-29.04 - Renatka 01.04.2010 23:26:45.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3067.2549 [GMT 2:00]
Spuštěný z: c:\program files\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\hpe18.dll
c:\documents and settings\Renatka\Application Data\.#
c:\windows\system32\oem3.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-01 do 2010-04-01 )))))))))))))))))))))))))))))))
.
2010-04-01 21:12 . 2010-04-01 21:12 3906159 ----a-r- c:\program files\ComboFix.exe
2010-04-01 09:35 . 2010-04-01 09:35 -------- d-----w- c:\program files\trend micro
2010-04-01 09:35 . 2010-04-01 09:35 -------- d-----w- C:\rsit
2010-04-01 09:34 . 2010-04-01 09:34 781909 ----a-w- c:\program files\RSIT.exe
2010-03-31 16:47 . 2010-03-31 16:47 -------- d-sh--w- c:\documents and settings\Renatka\IECompatCache
2010-03-31 11:25 . 2010-03-31 11:25 -------- d-sh--w- c:\documents and settings\Renatka\PrivacIE
2010-03-31 09:37 . 2010-03-31 09:37 -------- d-sh--w- c:\documents and settings\Renatka\IETldCache
2010-03-31 09:33 . 2010-03-31 09:35 -------- dc-h--w- c:\windows\ie8
2010-03-31 09:30 . 2010-03-31 09:31 16883056 ----a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe
2010-03-31 09:27 . 2010-03-31 09:29 17013088 ----a-w- c:\program files\IE8-WindowsXP-x86-CSY.exe
2010-03-17 21:59 . 2006-03-17 22:58 -------- d-----w- c:\documents and settings\Renatka\Application Data\SAS
2010-03-17 21:58 . 2010-03-17 21:58 130 ----a-w- c:\documents and settings\Renatka\Local Settings\Application Data\fusioncache.dat
2010-03-17 21:58 . 2010-03-22 19:54 -------- d-----w- c:\documents and settings\Renatka\Local Settings\Application Data\ApplicationHistory
2010-03-17 21:58 . 2006-03-17 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SAS
2010-03-17 21:57 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-03-17 21:47 . 2004-04-21 14:38 638464 ------w- c:\windows\system32\oc30.dll
2010-03-17 21:47 . 2004-04-21 14:38 133904 ------w- c:\windows\system32\mfcans32.dll
2010-03-17 21:47 . 2004-07-22 09:57 13600 ------w- c:\windows\system32\sasperf.dll
2010-03-17 21:28 . 2010-03-17 21:28 -------- d-----w- c:\windows\system32\URTTEMP
2010-03-17 21:27 . 2002-01-05 06:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-03-17 21:27 . 2002-01-05 06:36 964608 ----a-w- c:\windows\system32\mfc70u.dll
2010-03-17 21:27 . 2002-01-05 05:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-03-17 21:27 . 2002-01-05 05:38 54784 ----a-w- c:\windows\system32\msvci70.dll
2010-03-17 21:27 . 2002-01-05 04:18 84992 ----a-w- c:\windows\system32\atl70.dll
2010-03-17 21:27 . 2001-09-05 19:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-03-17 21:27 . 2010-03-17 21:44 -------- d-----w- c:\program files\SAS
2010-03-14 17:22 . 2010-03-14 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2010-03-14 17:22 . 2010-03-14 17:22 -------- d-----w- c:\program files\Common Files\Protexis
2010-03-14 17:20 . 2010-03-14 17:20 -------- d-----w- c:\program files\Common Files\Corel
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-01 14:09 . 2009-03-02 21:49 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-04-01 13:36 . 2009-03-09 16:59 -------- d-----w- c:\documents and settings\Renatka\Application Data\XnView
2010-03-31 22:51 . 2009-04-05 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-03-31 20:03 . 2009-09-07 18:47 -------- d-----w- c:\program files\Peggle Nights Deluxe
2010-03-29 22:15 . 2009-02-17 13:33 -------- d-----w- c:\program files\RocketDock
2010-03-28 18:27 . 2009-03-29 12:41 -------- d-----w- c:\documents and settings\Renatka\Application Data\Skype
2010-03-28 16:17 . 2010-02-20 15:39 -------- d-----w- c:\documents and settings\Renatka\Application Data\com.oxygenxml
2010-03-27 12:32 . 2010-02-21 17:05 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-03-27 12:32 . 2010-02-21 17:05 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-03-26 18:51 . 2009-02-13 22:07 -------- d-----w- c:\documents and settings\Renatka\Application Data\dvdcss
2010-03-25 08:31 . 2009-03-15 13:07 -------- d-----w- c:\documents and settings\Renatka\Application Data\ZoomBrowser EX
2010-03-25 08:31 . 2009-03-15 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2010-03-23 17:59 . 2009-02-17 11:23 1 ----a-w- c:\documents and settings\Renatka\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-17 22:00 . 2009-02-10 22:05 103224 ----a-w- c:\documents and settings\Renatka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-17 21:44 . 2009-02-10 23:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-14 17:23 . 2010-02-21 17:05 88 --sh--r- c:\documents and settings\All Users\Application Data\3B396F4607.sys
2010-03-14 17:23 . 2010-02-21 17:05 88 --sh--r- c:\documents and settings\All Users\Application Data\3B396F4607.sys
2010-03-14 17:23 . 2010-02-21 17:05 -------- d-----w- c:\documents and settings\Renatka\Application Data\Corel
2010-03-14 17:19 . 2010-02-21 16:55 -------- d-----w- c:\program files\Corel
2010-03-14 16:52 . 2010-02-28 23:23 -------- d-----w- c:\program files\Comodo
2010-03-09 11:24 . 2010-02-10 13:40 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-09 11:24 . 2010-02-10 13:40 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2010-02-10 13:40 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2010-02-10 13:40 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2010-02-10 13:40 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2010-02-10 13:40 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-09 11:08 . 2010-02-10 13:40 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-09 11:08 . 2010-02-10 13:40 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-09 11:08 . 2010-02-10 13:40 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-28 23:22 . 2010-02-28 23:22 22014144 ----a-w- c:\program files\DragonSetup.exe
2010-02-28 16:39 . 2010-02-28 16:39 -------- d-----w- c:\documents and settings\Renatka\Application Data\GameBlend
2010-02-28 16:39 . 2010-02-28 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GameBlend
2010-02-28 16:38 . 2010-02-28 16:38 10 ----a-w- c:\windows\popcinfo.dat
2010-02-27 19:03 . 2010-02-27 19:00 -------- d-----w- c:\documents and settings\Renatka\Application Data\Mobipocket
2010-02-27 18:53 . 2010-02-27 18:52 5606400 ----a-w- c:\program files\mobireadersetup.msi
2010-02-21 01:32 . 2009-05-23 21:03 -------- d-----w- c:\documents and settings\Renatka\Application Data\uTorrent
2010-02-20 18:25 . 2010-02-20 18:25 -------- d-----w- c:\documents and settings\Renatka\Application Data\Apple Computer
2010-02-20 15:45 . 2010-02-20 15:44 -------- d-----w- c:\program files\xep
2010-02-20 15:37 . 2010-02-20 15:36 -------- d-----w- c:\program files\Oxygen XML Editor 11
2010-02-20 15:29 . 2010-02-20 15:16 90781104 ----a-w- c:\program files\oxygen.exe
2010-02-17 07:13 . 2009-02-10 23:50 -------- d-----w- c:\documents and settings\Renatka\Application Data\vlc
2010-02-14 14:29 . 2010-02-14 14:28 6778161 ----a-w- c:\program files\Joomla_1.5.15-Stable-Full_Package.zip
2010-02-10 13:40 . 2010-02-10 13:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-10 13:40 . 2009-03-02 21:15 -------- d-----w- c:\program files\Alwil Software
2010-02-10 13:37 . 2010-02-10 13:35 43750888 ----a-w- c:\program files\setup_av_free.exe
2010-02-06 23:19 . 2009-04-05 19:46 -------- d-----w- c:\program files\Google
2010-02-03 14:13 . 2010-02-03 14:13 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-02-03 14:09 . 2010-02-03 14:09 -------- d-----w- c:\program files\Free Desktop Clock
2010-02-03 14:08 . 2010-02-03 14:08 2158345 ----a-w- c:\program files\FBReaderSetup-0.8.17.exe
2010-02-03 14:05 . 2010-02-03 14:05 690129 ----a-w- c:\program files\freeclock.zip
2010-01-03 14:27 . 2009-09-07 18:50 22 ----a-w- c:\windows\popcinfot.dat
2009-11-28 15:15 . 2009-11-28 15:15 29 ---ha-w- c:\program files\lndlng11.lic
2009-11-28 15:14 . 2009-11-28 15:14 67 ----a-w- c:\program files\LINGO.CNF
2008-06-11 14:08 . 2009-11-28 15:15 2772992 ----a-w- c:\program files\Lingf11.dll.BAK
2008-06-11 14:00 . 2009-11-28 15:15 495616 ----a-w- c:\program files\Lingo11.exe.BAK
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1310720]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 177456]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SunJavaUpdateSched"="c:\java\bin\jusched.exe" [2009-10-11 149280]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
c:\documents and settings\Renatka\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\OfficeMrkvosoft\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Renatka\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Renatka\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-08-30 05:32 61440 ----a-r- c:\program files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
2009-01-08 06:36 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTCheck]
2007-11-06 10:08 397312 ------w- c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2007-07-17 10:03 868352 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\OfficeMrkvosoft\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-02-20 13:22 4363504 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
2008-06-10 01:30 37656 ----a-w- c:\program files\Mindjet\MindManager 7\MmReminderService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
2009-11-25 17:24 18440376 ----a-w- c:\program files\ooVoo\ooVoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-28 21:37 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-05 19:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\OfficeMrkvosoft\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\OfficeMrkvosoft\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [3/28/2008 11:14 AM 24064]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/10/2010 3:40 PM 162640]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/6/2009 7:01 PM 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [6/21/2008 4:54 AM 66600]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2/14/2010 5:02 PM 29416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/10/2010 3:40 PM 19024]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [10/31/2008 7:24 AM 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [10/31/2008 7:24 AM 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/6/2009 7:01 PM 65576]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [1/3/2010 4:34 PM 27632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/7/2009 10:39 AM 685816]
S2 gupdate1c9b627470c7bb0;Služba Google Update (gupdate1c9b627470c7bb0);c:\program files\Google\Update\GoogleUpdate.exe [4/5/2009 9:46 PM 133104]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [1/3/2010 4:33 PM 90112]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2/11/2009 1:18 AM 222512]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [9/12/2009 2:06 PM 90408]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [9/12/2009 2:06 PM 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [9/12/2009 2:06 PM 122024]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [9/12/2009 2:06 PM 115368]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [9/12/2009 2:06 PM 25768]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [9/12/2009 2:06 PM 111784]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [9/12/2009 2:06 PM 117544]
.
Obsah adresáře 'Naplánované úlohy'
2010-04-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-05 19:46]
2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:46]
2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:46]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Renatka\Application Data\Mozilla\Firefox\Profiles\f1l619w9.default\
FF - prefs.js: browser.startup.homepage - hxxp://igoogle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\java\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\java\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.01.01c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
MSConfigStartUp-CianoDock - c:\program files\CianoDock.exe
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1328)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-04-01 23:36:29
ComboFix-quarantined-files.txt 2010-04-01 21:36
Před spuštěním: 56 248 418 304 bytes free
Po spuštění: 56 218 726 400 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 34C500F5D5688F45FEE475EDA8F799B0
ComboFix 10-03-29.04 - Renatka 01.04.2010 23:26:45.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3067.2549 [GMT 2:00]
Spuštěný z: c:\program files\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\hpe18.dll
c:\documents and settings\Renatka\Application Data\.#
c:\windows\system32\oem3.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-01 do 2010-04-01 )))))))))))))))))))))))))))))))
.
2010-04-01 21:12 . 2010-04-01 21:12 3906159 ----a-r- c:\program files\ComboFix.exe
2010-04-01 09:35 . 2010-04-01 09:35 -------- d-----w- c:\program files\trend micro
2010-04-01 09:35 . 2010-04-01 09:35 -------- d-----w- C:\rsit
2010-04-01 09:34 . 2010-04-01 09:34 781909 ----a-w- c:\program files\RSIT.exe
2010-03-31 16:47 . 2010-03-31 16:47 -------- d-sh--w- c:\documents and settings\Renatka\IECompatCache
2010-03-31 11:25 . 2010-03-31 11:25 -------- d-sh--w- c:\documents and settings\Renatka\PrivacIE
2010-03-31 09:37 . 2010-03-31 09:37 -------- d-sh--w- c:\documents and settings\Renatka\IETldCache
2010-03-31 09:33 . 2010-03-31 09:35 -------- dc-h--w- c:\windows\ie8
2010-03-31 09:30 . 2010-03-31 09:31 16883056 ----a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe
2010-03-31 09:27 . 2010-03-31 09:29 17013088 ----a-w- c:\program files\IE8-WindowsXP-x86-CSY.exe
2010-03-17 21:59 . 2006-03-17 22:58 -------- d-----w- c:\documents and settings\Renatka\Application Data\SAS
2010-03-17 21:58 . 2010-03-17 21:58 130 ----a-w- c:\documents and settings\Renatka\Local Settings\Application Data\fusioncache.dat
2010-03-17 21:58 . 2010-03-22 19:54 -------- d-----w- c:\documents and settings\Renatka\Local Settings\Application Data\ApplicationHistory
2010-03-17 21:58 . 2006-03-17 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SAS
2010-03-17 21:57 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-03-17 21:47 . 2004-04-21 14:38 638464 ------w- c:\windows\system32\oc30.dll
2010-03-17 21:47 . 2004-04-21 14:38 133904 ------w- c:\windows\system32\mfcans32.dll
2010-03-17 21:47 . 2004-07-22 09:57 13600 ------w- c:\windows\system32\sasperf.dll
2010-03-17 21:28 . 2010-03-17 21:28 -------- d-----w- c:\windows\system32\URTTEMP
2010-03-17 21:27 . 2002-01-05 06:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-03-17 21:27 . 2002-01-05 06:36 964608 ----a-w- c:\windows\system32\mfc70u.dll
2010-03-17 21:27 . 2002-01-05 05:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-03-17 21:27 . 2002-01-05 05:38 54784 ----a-w- c:\windows\system32\msvci70.dll
2010-03-17 21:27 . 2002-01-05 04:18 84992 ----a-w- c:\windows\system32\atl70.dll
2010-03-17 21:27 . 2001-09-05 19:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-03-17 21:27 . 2010-03-17 21:44 -------- d-----w- c:\program files\SAS
2010-03-14 17:22 . 2010-03-14 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2010-03-14 17:22 . 2010-03-14 17:22 -------- d-----w- c:\program files\Common Files\Protexis
2010-03-14 17:20 . 2010-03-14 17:20 -------- d-----w- c:\program files\Common Files\Corel
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-01 14:09 . 2009-03-02 21:49 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-04-01 13:36 . 2009-03-09 16:59 -------- d-----w- c:\documents and settings\Renatka\Application Data\XnView
2010-03-31 22:51 . 2009-04-05 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-03-31 20:03 . 2009-09-07 18:47 -------- d-----w- c:\program files\Peggle Nights Deluxe
2010-03-29 22:15 . 2009-02-17 13:33 -------- d-----w- c:\program files\RocketDock
2010-03-28 18:27 . 2009-03-29 12:41 -------- d-----w- c:\documents and settings\Renatka\Application Data\Skype
2010-03-28 16:17 . 2010-02-20 15:39 -------- d-----w- c:\documents and settings\Renatka\Application Data\com.oxygenxml
2010-03-27 12:32 . 2010-02-21 17:05 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-03-27 12:32 . 2010-02-21 17:05 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-03-26 18:51 . 2009-02-13 22:07 -------- d-----w- c:\documents and settings\Renatka\Application Data\dvdcss
2010-03-25 08:31 . 2009-03-15 13:07 -------- d-----w- c:\documents and settings\Renatka\Application Data\ZoomBrowser EX
2010-03-25 08:31 . 2009-03-15 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2010-03-23 17:59 . 2009-02-17 11:23 1 ----a-w- c:\documents and settings\Renatka\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-17 22:00 . 2009-02-10 22:05 103224 ----a-w- c:\documents and settings\Renatka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-17 21:44 . 2009-02-10 23:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-14 17:23 . 2010-02-21 17:05 88 --sh--r- c:\documents and settings\All Users\Application Data\3B396F4607.sys
2010-03-14 17:23 . 2010-02-21 17:05 88 --sh--r- c:\documents and settings\All Users\Application Data\3B396F4607.sys
2010-03-14 17:23 . 2010-02-21 17:05 -------- d-----w- c:\documents and settings\Renatka\Application Data\Corel
2010-03-14 17:19 . 2010-02-21 16:55 -------- d-----w- c:\program files\Corel
2010-03-14 16:52 . 2010-02-28 23:23 -------- d-----w- c:\program files\Comodo
2010-03-09 11:24 . 2010-02-10 13:40 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-09 11:24 . 2010-02-10 13:40 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2010-02-10 13:40 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2010-02-10 13:40 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2010-02-10 13:40 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2010-02-10 13:40 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-09 11:08 . 2010-02-10 13:40 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-09 11:08 . 2010-02-10 13:40 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-09 11:08 . 2010-02-10 13:40 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-28 23:22 . 2010-02-28 23:22 22014144 ----a-w- c:\program files\DragonSetup.exe
2010-02-28 16:39 . 2010-02-28 16:39 -------- d-----w- c:\documents and settings\Renatka\Application Data\GameBlend
2010-02-28 16:39 . 2010-02-28 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GameBlend
2010-02-28 16:38 . 2010-02-28 16:38 10 ----a-w- c:\windows\popcinfo.dat
2010-02-27 19:03 . 2010-02-27 19:00 -------- d-----w- c:\documents and settings\Renatka\Application Data\Mobipocket
2010-02-27 18:53 . 2010-02-27 18:52 5606400 ----a-w- c:\program files\mobireadersetup.msi
2010-02-21 01:32 . 2009-05-23 21:03 -------- d-----w- c:\documents and settings\Renatka\Application Data\uTorrent
2010-02-20 18:25 . 2010-02-20 18:25 -------- d-----w- c:\documents and settings\Renatka\Application Data\Apple Computer
2010-02-20 15:45 . 2010-02-20 15:44 -------- d-----w- c:\program files\xep
2010-02-20 15:37 . 2010-02-20 15:36 -------- d-----w- c:\program files\Oxygen XML Editor 11
2010-02-20 15:29 . 2010-02-20 15:16 90781104 ----a-w- c:\program files\oxygen.exe
2010-02-17 07:13 . 2009-02-10 23:50 -------- d-----w- c:\documents and settings\Renatka\Application Data\vlc
2010-02-14 14:29 . 2010-02-14 14:28 6778161 ----a-w- c:\program files\Joomla_1.5.15-Stable-Full_Package.zip
2010-02-10 13:40 . 2010-02-10 13:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-10 13:40 . 2009-03-02 21:15 -------- d-----w- c:\program files\Alwil Software
2010-02-10 13:37 . 2010-02-10 13:35 43750888 ----a-w- c:\program files\setup_av_free.exe
2010-02-06 23:19 . 2009-04-05 19:46 -------- d-----w- c:\program files\Google
2010-02-03 14:13 . 2010-02-03 14:13 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-02-03 14:09 . 2010-02-03 14:09 -------- d-----w- c:\program files\Free Desktop Clock
2010-02-03 14:08 . 2010-02-03 14:08 2158345 ----a-w- c:\program files\FBReaderSetup-0.8.17.exe
2010-02-03 14:05 . 2010-02-03 14:05 690129 ----a-w- c:\program files\freeclock.zip
2010-01-03 14:27 . 2009-09-07 18:50 22 ----a-w- c:\windows\popcinfot.dat
2009-11-28 15:15 . 2009-11-28 15:15 29 ---ha-w- c:\program files\lndlng11.lic
2009-11-28 15:14 . 2009-11-28 15:14 67 ----a-w- c:\program files\LINGO.CNF
2008-06-11 14:08 . 2009-11-28 15:15 2772992 ----a-w- c:\program files\Lingf11.dll.BAK
2008-06-11 14:00 . 2009-11-28 15:15 495616 ----a-w- c:\program files\Lingo11.exe.BAK
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1310720]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 177456]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SunJavaUpdateSched"="c:\java\bin\jusched.exe" [2009-10-11 149280]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
c:\documents and settings\Renatka\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\OfficeMrkvosoft\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Renatka\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Renatka^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Renatka\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-08-30 05:32 61440 ----a-r- c:\program files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
2009-01-08 06:36 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTCheck]
2007-11-06 10:08 397312 ------w- c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2007-07-17 10:03 868352 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\OfficeMrkvosoft\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-02-20 13:22 4363504 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
2008-06-10 01:30 37656 ----a-w- c:\program files\Mindjet\MindManager 7\MmReminderService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
2009-11-25 17:24 18440376 ----a-w- c:\program files\ooVoo\ooVoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-28 21:37 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-05 19:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\OfficeMrkvosoft\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\OfficeMrkvosoft\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [3/28/2008 11:14 AM 24064]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/10/2010 3:40 PM 162640]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/6/2009 7:01 PM 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [6/21/2008 4:54 AM 66600]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2/14/2010 5:02 PM 29416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/10/2010 3:40 PM 19024]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [10/31/2008 7:24 AM 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [10/31/2008 7:24 AM 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/6/2009 7:01 PM 65576]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [1/3/2010 4:34 PM 27632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/7/2009 10:39 AM 685816]
S2 gupdate1c9b627470c7bb0;Služba Google Update (gupdate1c9b627470c7bb0);c:\program files\Google\Update\GoogleUpdate.exe [4/5/2009 9:46 PM 133104]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [1/3/2010 4:33 PM 90112]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2/11/2009 1:18 AM 222512]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [9/12/2009 2:06 PM 90408]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [9/12/2009 2:06 PM 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [9/12/2009 2:06 PM 122024]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [9/12/2009 2:06 PM 115368]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [9/12/2009 2:06 PM 25768]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [9/12/2009 2:06 PM 111784]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [9/12/2009 2:06 PM 117544]
.
Obsah adresáře 'Naplánované úlohy'
2010-04-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-05 19:46]
2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:46]
2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:46]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Renatka\Application Data\Mozilla\Firefox\Profiles\f1l619w9.default\
FF - prefs.js: browser.startup.homepage - hxxp://igoogle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\java\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\java\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.01.01c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
MSConfigStartUp-CianoDock - c:\program files\CianoDock.exe
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1328)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-04-01 23:36:29
ComboFix-quarantined-files.txt 2010-04-01 21:36
Před spuštěním: 56 248 418 304 bytes free
Po spuštění: 56 218 726 400 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 34C500F5D5688F45FEE475EDA8F799B0
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Při každém startu notebooku se objeví hláška o GHP
3 položky smazány, zbytek logu vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Při každém startu notebooku se objeví hláška o GHP
upřímně, trochu jsem se bála, co všechno se po těch operacích, které jste mi zde doporučili, stane, ale výsledek stojí za to- už žádné problémy a fajn rychlý start:) děkuji mnohokrát a přeji krásné Velikonoce.
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Při každém startu notebooku se objeví hláška o GHP
Při čištění PC od virů se opravdu může stát ledacos. Proto mám ve svém podpisu upozornění na zálohování. Přeji rovněž krásné velikonoce a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?