Zdravím,
http://pc-help.cz/viewtopic.php?f=46&t=44422&p=301851 // ve zkratce: Win mi po restartu naběhly za cca 2:30
prosím o kontrolu, díky.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:38:18, on 7.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TrueSuite Access Manager\PwdBank.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
E:\Programy\QIP Infium JadrisPack\infium.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TrueSuite Access Manager\CssSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Programy\Nová složka\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\Last.fm\LastFM.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\rundll32.exe
E:\Programy\QIP\qip.exe
E:\Programy\PS7\Photoshop.exe
E:\Programy\HJT\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon
O4 - HKLM\..\Run: [FingerPrintNotifer] "C:\Program Files\TrueSuite Access Manager\FpNotifier.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PwdBank] "C:\Program Files\TrueSuite Access Manager\PwdBank.exe"
O4 - HKCU\..\Run: [Infium] "E:\Programy\QIP Infium JadrisPack\infium.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] E:\Programy\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] E:\Programy\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\Windows\system32\TAMSvr.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Desktop Manager 5.9.906.4286 (GoogleDesktopManager-060409-093314) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
--
End of file - 6571 bytes
Pomalý start Vista Business
Re: Pomalý start Vista Business
Nazdar. Stiahni DDS. Uloz na plochu, ukonci vsetky spustene programy a spust ho. Po skonceni scanu sa otvoria vysledky v 2 oknach - DDS.txt a Attach.txt. Obsah oboch by som rad videl.
P.S.: Musim ta ale upozornit, ze pokial ten start trva tak dlho naozaj uz od zakupenia PC, tak s tym vela nespravime (a urcite nie s nastrojmi proti malware
).
P.S.: Musim ta ale upozornit, ze pokial ten start trva tak dlho naozaj uz od zakupenia PC, tak s tym vela nespravime (a urcite nie s nastrojmi proti malware
).Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Pomalý start Vista Business
DDS
DDS (Ver_09-07-30.01) - NTFSx86
Run by Admin at 15:01:46,59 on po 07.09.2009
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_15
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2936.1921 [GMT 2:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\TAMSvr.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Windows\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TrueSuite Access Manager\PwdBank.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TrueSuite Access Manager\CssSvr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\Last.fm\LastFM.exe
C:\Windows\system32\rundll32.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
E:\Snadné spuštění - složky\Downloads\dds.pif
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... bmod=TSEA;
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Podpora odkazu pro Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common
files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Infium] "e:\programy\qip infium jadrispack\infium.exe" /autorun
mRun: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ThpSrv] c:\windows\system32\thpsrv /logon
mRun: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PwdBank] "c:\program files\truesuite access manager\PwdBank.exe"
dRun: [Nokia.PCSync] e:\programy\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\4lckzr1b.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows
presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.SOAPEncoding.schemaCollection", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\system32\drivers\AlfaFF.sys [2009-7-13 42608]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-8-21 28792]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 13336]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-7-13 114768]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-7-13 20384]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-7-13 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-7-13 53328]
R2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2009-7-13 49152]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-2-6 126976]
R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2008-5-27 628072]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2008-4-30 6144]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-7-3 224384]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-8-25 77824]
S3 GoogleDesktopManager-060409-093314;Google Desktop Manager 5.9.906.4286;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-7-3
30192]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-7-13 954368]
=============== Created Last 30 ================
2009-09-04 17:38 1,177,600 a------- c:\windows\system32\drivers\athr.sys
2009-09-04 17:33 <DIR> --d----- c:\windows\pss
2009-09-03 18:58 <DIR> --d----- c:\program files\trend micro
2009-09-03 16:02 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-03 16:02 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 16:35 61,440 a------- c:\windows\system32\ASUSW32N50.dll
2009-09-01 16:35 61,440 a------- c:\windows\system32\ASIW32N50.dll
2009-09-01 16:35 16,302 a------- c:\windows\system32\ASINDIS5.sys
2009-09-01 16:35 16,269 a------- c:\windows\system32\ASNDIS5.sys
2009-09-01 16:35 15,577 a------- c:\windows\system32\ASNDIS3.vxd
2009-09-01 16:35 15,577 a------- c:\windows\system32\ASINDIS3.vxd
2009-08-26 08:59 2,048 a------- c:\windows\system32\tzres.dll
2009-08-23 13:29 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-20 21:42 <DIR> --d----- c:\program files\common files\wcs
2009-08-20 21:19 <DIR> --d----- c:\windows\system32\appmgmt
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\vi-VN
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\eu-ES
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\ca-ES
2009-08-12 08:54 1,259,008 a------- c:\windows\system32\lsasrv.dll
2009-08-12 08:54 499,712 a------- c:\windows\system32\kerberos.dll
2009-08-12 08:54 270,848 a------- c:\windows\system32\schannel.dll
2009-08-12 08:54 218,624 a------- c:\windows\system32\msv1_0.dll
2009-08-12 08:54 175,104 a------- c:\windows\system32\wdigest.dll
2009-08-12 08:54 439,864 a------- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 08:54 72,704 a------- c:\windows\system32\secur32.dll
2009-08-12 08:54 9,728 a------- c:\windows\system32\lsass.exe
==================== Find3M ====================
2009-09-07 11:04 598,832 a------- c:\windows\system32\perfh005.dat
2009-09-07 11:04 114,992 a------- c:\windows\system32\perfc005.dat
2009-09-04 17:40 143,360 a------- c:\windows\inf\infstrng.dat
2009-09-04 17:40 51,200 a------- c:\windows\inf\infpub.dat
2009-09-04 17:40 86,016 a------- c:\windows\inf\infstor.dat
2009-08-29 04:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-29 04:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-29 04:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-29 04:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-17 18:05 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-13 13:33 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-03 16:57 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-01 12:30 56 a---h--- c:\programdata\ezsidmv.dat
2009-08-01 12:30 56 a---h--- c:\progra~2\ezsidmv.dat
2009-07-26 21:58 0 a---h--- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-07-23 15:09 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-18 18:01 78,336 a------- c:\windows\system32\ieencode.dll
2009-07-18 13:35 828,416 a------- c:\windows\system32\wininet.dll
2009-07-17 15:54 71,680 a------- c:\windows\system32\atl.dll
2009-07-15 14:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-15 14:39 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-07-15 14:39 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-15 14:39 7,680 a------- c:\windows\system32\spwmp.dll
2009-07-13 17:11 0 a--shr-- c:\windows\system32\drivers\TOSHIBA_TECRA A10_07843-CZ_PTSB0E-00G00.MRK
2009-06-15 16:53 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-15 16:53 270,848 a------- c:\windows\system32\schannel.dll
2009-06-15 16:52 23,552 a------- c:\windows\system32\lpk.dll
2009-06-15 16:52 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-15 16:51 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 14:42 289,792 a------- c:\windows\system32\atmfd.dll
2009-06-10 13:42 160,256 a------- c:\windows\system32\wkssvc.dll
2009-06-10 13:38 91,136 a------- c:\windows\system32\avifil32.dll
2008-01-21 08:00 286,912 a------- c:\windows\inf\perflib\0405\perfi.dat
2008-01-21 08:00 286,912 a------- c:\windows\inf\perflib\0405\perfh.dat
2008-01-21 08:00 34,724 a------- c:\windows\inf\perflib\0405\perfd.dat
2008-01-21 08:00 34,724 a------- c:\windows\inf\perflib\0405\perfc.dat
2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 15:02:07,13 ===============
Attach
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 13.7.2009 17:10:29
System Uptime: 9.7.2009 10:59:00 (1445 hours ago)
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz | uFC-PGA Socket | 2001/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 116 GiB total, 74,878 GiB free.
E: is FIXED (NTFS) - 115 GiB total, 56,88 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Nokia 5310 XpressMusic
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 5310 XpressMusic
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
==== System Restore Points ===================
==== Installed Programs ======================
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0 CE
Adobe Reader 8 - Czech
Adobe Reader 8.1.2 Security Update 1 (KB403742)
ALPS Touch Pad Driver
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
avast! Antivirus
Balíček ovladače systému Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
Balíček ovladače systému Windows - Nokia Modem (05/24/2007 6.84.0.1)
Bluetooth Stack for Windows by Toshiba
Camera Assistant Software for Toshiba
CCleaner (remove only)
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Google Desktop
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections Drivers
Intel® Matrix Storage Manager
Java(TM) 6 Update 15
Java(TM) 6 Update 6
Last.fm 1.5.4.24567
Microsoft .NET Framework 3.5 Language Pack SP1 - csy
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
Microsoft Office Access MUI (Czech) 2007
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Publisher MUI (Czech) 2007
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.2)
Měřič spotřeby energie
NetSetMan 2.6.1
Nokia Connectivity Cable Driver
Nokia PC Suite
Návody TOSHIBA
Opera 10.00
PC Connectivity Solution
Picasa 2
Power Consumption Meter
Presto! BizCard 5 SE (English Version)
Presto! BizCard Component for Windows CE
Presto! BizCard5 SE
PSPad editor
QIP 2005 8090
QIP Infium JadrisPack 2.4.5 (9030)
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
Skype™ 3.8
TOSHIBA 180 Degrees Rotation Utility
TOSHIBA Asistent zabezpeeení
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Cooling Performance Diagnostic Tool
TOSHIBA Diagnostický nástroj výkonu chlazení
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA HDD Protection
Toshiba Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Recovery Disc Creator
TOSHIBA SD Memory Boot Utility
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
Toshiba TEMPRO
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Wireless Key Logon
Total Commander (Remove or Repair)
TRDCReminder
TRORDCLauncher
TrueSuite Access Manager
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Webcam Simulator 6.3
Windows Media Player Firefox Plugin
ZipGenius 6 (6.0.3.1150)
Ztlumení jednotky CD/DVD
==== End Of File ===========================
Teď jdu na chvíli pryč, tak zareaguji později. Díky za pomoc.
DDS (Ver_09-07-30.01) - NTFSx86
Run by Admin at 15:01:46,59 on po 07.09.2009
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_15
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2936.1921 [GMT 2:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\TAMSvr.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Windows\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TrueSuite Access Manager\PwdBank.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TrueSuite Access Manager\CssSvr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\Last.fm\LastFM.exe
C:\Windows\system32\rundll32.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
E:\Snadné spuštění - složky\Downloads\dds.pif
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... bmod=TSEA;
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Podpora odkazu pro Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common
files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Infium] "e:\programy\qip infium jadrispack\infium.exe" /autorun
mRun: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ThpSrv] c:\windows\system32\thpsrv /logon
mRun: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PwdBank] "c:\program files\truesuite access manager\PwdBank.exe"
dRun: [Nokia.PCSync] e:\programy\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\4lckzr1b.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows
presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.SOAPEncoding.schemaCollection", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\system32\drivers\AlfaFF.sys [2009-7-13 42608]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-8-21 28792]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 13336]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-7-13 114768]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-7-13 20384]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-7-13 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-7-13 53328]
R2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2009-7-13 49152]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-2-6 126976]
R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2008-5-27 628072]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2008-4-30 6144]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-7-3 224384]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-8-25 77824]
S3 GoogleDesktopManager-060409-093314;Google Desktop Manager 5.9.906.4286;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-7-3
30192]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-7-13 954368]
=============== Created Last 30 ================
2009-09-04 17:38 1,177,600 a------- c:\windows\system32\drivers\athr.sys
2009-09-04 17:33 <DIR> --d----- c:\windows\pss
2009-09-03 18:58 <DIR> --d----- c:\program files\trend micro
2009-09-03 16:02 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-03 16:02 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 16:35 61,440 a------- c:\windows\system32\ASUSW32N50.dll
2009-09-01 16:35 61,440 a------- c:\windows\system32\ASIW32N50.dll
2009-09-01 16:35 16,302 a------- c:\windows\system32\ASINDIS5.sys
2009-09-01 16:35 16,269 a------- c:\windows\system32\ASNDIS5.sys
2009-09-01 16:35 15,577 a------- c:\windows\system32\ASNDIS3.vxd
2009-09-01 16:35 15,577 a------- c:\windows\system32\ASINDIS3.vxd
2009-08-26 08:59 2,048 a------- c:\windows\system32\tzres.dll
2009-08-23 13:29 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-20 21:42 <DIR> --d----- c:\program files\common files\wcs
2009-08-20 21:19 <DIR> --d----- c:\windows\system32\appmgmt
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\vi-VN
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\eu-ES
2009-08-13 13:33 <DIR> --d----- c:\windows\system32\ca-ES
2009-08-12 08:54 1,259,008 a------- c:\windows\system32\lsasrv.dll
2009-08-12 08:54 499,712 a------- c:\windows\system32\kerberos.dll
2009-08-12 08:54 270,848 a------- c:\windows\system32\schannel.dll
2009-08-12 08:54 218,624 a------- c:\windows\system32\msv1_0.dll
2009-08-12 08:54 175,104 a------- c:\windows\system32\wdigest.dll
2009-08-12 08:54 439,864 a------- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 08:54 72,704 a------- c:\windows\system32\secur32.dll
2009-08-12 08:54 9,728 a------- c:\windows\system32\lsass.exe
==================== Find3M ====================
2009-09-07 11:04 598,832 a------- c:\windows\system32\perfh005.dat
2009-09-07 11:04 114,992 a------- c:\windows\system32\perfc005.dat
2009-09-04 17:40 143,360 a------- c:\windows\inf\infstrng.dat
2009-09-04 17:40 51,200 a------- c:\windows\inf\infpub.dat
2009-09-04 17:40 86,016 a------- c:\windows\inf\infstor.dat
2009-08-29 04:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-29 04:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-29 04:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-29 04:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-17 18:05 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-13 13:33 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-03 16:57 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-01 12:30 56 a---h--- c:\programdata\ezsidmv.dat
2009-08-01 12:30 56 a---h--- c:\progra~2\ezsidmv.dat
2009-07-26 21:58 0 a---h--- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-07-23 15:09 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-18 18:01 78,336 a------- c:\windows\system32\ieencode.dll
2009-07-18 13:35 828,416 a------- c:\windows\system32\wininet.dll
2009-07-17 15:54 71,680 a------- c:\windows\system32\atl.dll
2009-07-15 14:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-15 14:39 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-07-15 14:39 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-15 14:39 7,680 a------- c:\windows\system32\spwmp.dll
2009-07-13 17:11 0 a--shr-- c:\windows\system32\drivers\TOSHIBA_TECRA A10_07843-CZ_PTSB0E-00G00.MRK
2009-06-15 16:53 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-15 16:53 270,848 a------- c:\windows\system32\schannel.dll
2009-06-15 16:52 23,552 a------- c:\windows\system32\lpk.dll
2009-06-15 16:52 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-15 16:51 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 14:42 289,792 a------- c:\windows\system32\atmfd.dll
2009-06-10 13:42 160,256 a------- c:\windows\system32\wkssvc.dll
2009-06-10 13:38 91,136 a------- c:\windows\system32\avifil32.dll
2008-01-21 08:00 286,912 a------- c:\windows\inf\perflib\0405\perfi.dat
2008-01-21 08:00 286,912 a------- c:\windows\inf\perflib\0405\perfh.dat
2008-01-21 08:00 34,724 a------- c:\windows\inf\perflib\0405\perfd.dat
2008-01-21 08:00 34,724 a------- c:\windows\inf\perflib\0405\perfc.dat
2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 15:02:07,13 ===============
Attach
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 13.7.2009 17:10:29
System Uptime: 9.7.2009 10:59:00 (1445 hours ago)
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz | uFC-PGA Socket | 2001/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 116 GiB total, 74,878 GiB free.
E: is FIXED (NTFS) - 115 GiB total, 56,88 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Nokia 5310 XpressMusic
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 5310 XpressMusic
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
==== System Restore Points ===================
==== Installed Programs ======================
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0 CE
Adobe Reader 8 - Czech
Adobe Reader 8.1.2 Security Update 1 (KB403742)
ALPS Touch Pad Driver
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
avast! Antivirus
Balíček ovladače systému Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
Balíček ovladače systému Windows - Nokia Modem (05/24/2007 6.84.0.1)
Bluetooth Stack for Windows by Toshiba
Camera Assistant Software for Toshiba
CCleaner (remove only)
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Google Desktop
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections Drivers
Intel® Matrix Storage Manager
Java(TM) 6 Update 15
Java(TM) 6 Update 6
Last.fm 1.5.4.24567
Microsoft .NET Framework 3.5 Language Pack SP1 - csy
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
Microsoft Office Access MUI (Czech) 2007
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Publisher MUI (Czech) 2007
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.2)
Měřič spotřeby energie
NetSetMan 2.6.1
Nokia Connectivity Cable Driver
Nokia PC Suite
Návody TOSHIBA
Opera 10.00
PC Connectivity Solution
Picasa 2
Power Consumption Meter
Presto! BizCard 5 SE (English Version)
Presto! BizCard Component for Windows CE
Presto! BizCard5 SE
PSPad editor
QIP 2005 8090
QIP Infium JadrisPack 2.4.5 (9030)
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
Skype™ 3.8
TOSHIBA 180 Degrees Rotation Utility
TOSHIBA Asistent zabezpeeení
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Cooling Performance Diagnostic Tool
TOSHIBA Diagnostický nástroj výkonu chlazení
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA HDD Protection
Toshiba Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Recovery Disc Creator
TOSHIBA SD Memory Boot Utility
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
Toshiba TEMPRO
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Wireless Key Logon
Total Commander (Remove or Repair)
TRDCReminder
TRORDCLauncher
TrueSuite Access Manager
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Webcam Simulator 6.3
Windows Media Player Firefox Plugin
ZipGenius 6 (6.0.3.1150)
Ztlumení jednotky CD/DVD
==== End Of File ===========================
Teď jdu na chvíli pryč, tak zareaguji později. Díky za pomoc.
Re: Pomalý start Vista Business
1) Pouzi JavaRa, mas staru Javu.
2) Stiahni MWAV. Spust ho a riad sa instrukciami. Aktualizuj ho a nastav parametre.
Po scane skopiruj log zo spodneho okna.
3) Stiahni RootRepeal. Spustis program, kliknes na "Report" -> "Scan" a zafajknes vsetky polozky. Stlac "OK" a spusti sa scan. Po jeho dokonceni klik na "Save Report" a vzniknuty log skopiruj sem.
2) Stiahni MWAV. Spust ho a riad sa instrukciami. Aktualizuj ho a nastav parametre.
Po scane skopiruj log zo spodneho okna.
3) Stiahni RootRepeal. Spustis program, kliknes na "Report" -> "Scan" a zafajknes vsetky polozky. Stlac "OK" a spusti sa scan. Po jeho dokonceni klik na "Save Report" a vzniknuty log skopiruj sem.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Pomalý start Vista Business
Takže Java snad aktualizovaná.
Jen se mi nepodařilo ve Vista najít, kde mám vypnout Bod obnovy ... snad to až tak nevadí.
První log:
Objekt "ezula Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "CyberSitter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxwma.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxsfs.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxafs.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxinsa64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxinsi64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxcpya64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxcpyi64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Users\Admin\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Users\Admin\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\MSVCP60.DLL". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".15". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".331-whql". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".autoreg". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".bak". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".BUP". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-EXeC". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-TreZzoR". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-VIPEXeC". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".default". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".DVDR-VoX". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".fcgi". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".IFO". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".json". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".Lenishek". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".net]". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".nth". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".part". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".php". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".rar". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sfv". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sqlite". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".srt". Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\Toshiba\Drivers\Toshiba Europe iGoogle Support Installer 1.2.exe je infikovaný virem BehavesLike:Trojan.StartPage (DB) !! Provedené akce: Ponecháno, neodstraněno!.
Ad.3. bod: The bandwidth or page view limit for this site has been exceeded and the page cannot be viewed at this time. Once the site is below the limit, it will once again begin serving as normal.
Jen se mi nepodařilo ve Vista najít, kde mám vypnout Bod obnovy ... snad to až tak nevadí.
První log:
Objekt "ezula Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "CyberSitter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxwma.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxsfs.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxafs.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxinsa64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxinsi64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxcpya64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\system32\pxcpyi64.exe". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Users\Admin\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Users\Admin\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\MSVCP60.DLL". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".15". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".331-whql". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".autoreg". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".bak". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".BUP". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-EXeC". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-TreZzoR". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-VIPEXeC". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".default". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".DVDR-VoX". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".fcgi". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".IFO". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".json". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".Lenishek". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".net]". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".nth". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".part". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".php". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".rar". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sfv". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sqlite". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".srt". Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\Toshiba\Drivers\Toshiba Europe iGoogle Support Installer 1.2.exe je infikovaný virem BehavesLike:Trojan.StartPage (DB) !! Provedené akce: Ponecháno, neodstraněno!.
Ad.3. bod: The bandwidth or page view limit for this site has been exceeded and the page cannot be viewed at this time. Once the site is below the limit, it will once again begin serving as normal.
Re: Pomalý start Vista Business
Už podruhé jsem spustil RootRepeal a mám pocit, že se mi to vždy sekne na C:/Windows/winsxs/Manifests/ (pardon za ta obrácená lomítka, nevím proč, ale nejde mi klávesovou zkratkou ALT GR + W napsat zpětné :-/ )
Re: Pomalý start Vista Business
1) Otestuj subor(y) na VIRUSTOTALe:
Ak vypise, ze subor uz bol testovany, daj ho otestovat znovu. Vysledok posli ako LINK.
2) Stiahni GMER, rozbal ho na plochu a spust. Program automaticky zacne scan (po jeho skonceni vloz log c. 1) - pokial pri scanovani nieco najde (=vyskoci nejake upozornenie), klik na "NO" a vpravo zafajknes vsetky polozky OKREM:
Ak nic nenajde (=nevyskoci nic), zaskrtaj vpravo vsetko a spusti scan. Po jeho ukonceni klik na "Copy" a vloz log c. 2.
Kód: Vybrat vše
C:\Toshiba\Drivers\Toshiba Europe iGoogle Support Installer 1.2.exeAk vypise, ze subor uz bol testovany, daj ho otestovat znovu. Vysledok posli ako LINK.
2) Stiahni GMER, rozbal ho na plochu a spust. Program automaticky zacne scan (po jeho skonceni vloz log c. 1) - pokial pri scanovani nieco najde (=vyskoci nejake upozornenie), klik na "NO" a vpravo zafajknes vsetky polozky OKREM:
- Sections
- IAT/EAT
- Registry
- nesystemovych diskov a particii (system je zvycajne na "C:\" - takze nezaskrtnute nechas "D:\", "E:\"...atd.)
- Show All
Ak nic nenajde (=nevyskoci nic), zaskrtaj vpravo vsetko a spusti scan. Po jeho ukonceni klik na "Copy" a vloz log c. 2.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Pomalý start Vista Business
1. http://www.virustotal.com/cs/analisis/4 ... 1252405974
2.
Spustil se test. Test asi doběhl - nic na mě nevyskočilo, ani žádný log, tak jsem klikl na Copy a tady je výsledek:
GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit quick scan 2009-09-08 12:36:07
Windows 6.0.6002 Service Pack 2
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Pak jsem tedy zaklikl vše (i "E:")
V současné době mi probíhá druhý test, takže vložím log po jeho skončení (podle toho, jak dlouho bude trvat, za 15 minut musím pryč, tak ho případně dodám později).
2.
Spustil se test. Test asi doběhl - nic na mě nevyskočilo, ani žádný log, tak jsem klikl na Copy a tady je výsledek:
GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit quick scan 2009-09-08 12:36:07
Windows 6.0.6002 Service Pack 2
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Pak jsem tedy zaklikl vše (i "E:")
V současné době mi probíhá druhý test, takže vložím log po jeho skončení (podle toho, jak dlouho bude trvat, za 15 minut musím pryč, tak ho případně dodám později).
Re: Pomalý start Vista Business
GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-09-08 15:46:14
Windows 6.0.6002 Service Pack 2
---- Kernel code sections - GMER 1.0.15 ----
? C:\Windows\system32\drivers\rootrepeal.sys Systém nemůže nalézt uvedený soubor. !
---- User code sections - GMER 1.0.15 ----
.text E:\Programy\QIP Infium JadrisPack\infium.exe[7536] kernel32.dll!CreateThread + 1A 7640C928 4 Bytes CALL 00450DB1 E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\services.exe[764] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00070002
IAT C:\Windows\system32\services.exe[764] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00070000
IAT E:\Programy\QIP Infium JadrisPack\infium.exe[7536] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [00450F08] E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
IAT E:\Programy\QIP Infium JadrisPack\infium.exe[7536] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [00450F08] E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
---- EOF - GMER 1.0.15 ----
Rootkit scan 2009-09-08 15:46:14
Windows 6.0.6002 Service Pack 2
---- Kernel code sections - GMER 1.0.15 ----
? C:\Windows\system32\drivers\rootrepeal.sys Systém nemůže nalézt uvedený soubor. !
---- User code sections - GMER 1.0.15 ----
.text E:\Programy\QIP Infium JadrisPack\infium.exe[7536] kernel32.dll!CreateThread + 1A 7640C928 4 Bytes CALL 00450DB1 E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\services.exe[764] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00070002
IAT C:\Windows\system32\services.exe[764] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00070000
IAT E:\Programy\QIP Infium JadrisPack\infium.exe[7536] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [00450F08] E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
IAT E:\Programy\QIP Infium JadrisPack\infium.exe[7536] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [00450F08] E:\Programy\QIP Infium JadrisPack\infium.exe (QIP Infium/QIP)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
---- EOF - GMER 1.0.15 ----
Re: Pomalý start Vista Business
Cisto. Myslim, ze malware infekciu mozme povazovat za vylucenu.
1) Docistime to:
2) Log z HJT.
1) Docistime to:
- Odinstaluj Combofix:
Start -> Spustit -> (napis) combofix /u
- Pouzi T-Cleaner (ak by ho antivirus hlasil ako smejda, nic sa netreba bat, ide len o paranoju AV programu).
- Precisti PC CCleanerom (vratane registrov).
- Pouzi TFC (spust program a klikni na "Start". Pozor, PC moze byt restartovane).
2) Log z HJT.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Pomalý start Vista Business
Nejde odinstalovat, píše mi to, že to Win nemůže najít ... mám to přeskočit a udělat ty další kroky?
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 109 hostů