jenda.69
Guest
Posts: 15
Registered: 13 Oct 2004 18:18

ms0cfg32

#1 Post by jenda.69 »

Today around 23:00 a Comodo firewall prompt popped up saying that an unknown program named ms0cfg32.exe (in the Temp folder) wanted to access the internet (IP 88.80.12.18:80).
I wanted to look into what it is a bit, but Googling has not got me very far (apart from learning that it is some kind of junk).
I also wanted to see what was going on in Task Manager, because judging by the fan the CPU was running flat out. But no luck: after pressing Ctrl-Shift-Esc nothing happened. After a few tries I noticed that Task Manager flashes up, but then closes again!

I blocked that program's connection, and after a while of CPU load another prompt popped up for some p1xzobrQ[1].exe, which I also denied (it tried twice to connect to the IP above and once to 31.44.184.59:80); this time it was in Temporary Internet Files/Content.IE5.

After about a quarter of an hour the CPU load went away and Task Manager can be launched again. I started RSIT, which greeted me with this message:
Please help us improve HijackThis by reporting this error

Click 'Yes' to submit

Error Details:

An unexpected error has occurred at procedure: modRegistry_IniGetString(sFile=system.ini, sSection=boot, sValue=Shell)
Error #5 - Invalid procedure call or argument

Windows version: Windows NT 6.01.3505
MSIE version: 9.0.8112.16421
HijackThis version: 2.0.4
In the end a log did come out of it after a few minutes, so here it is.
By the way, yesterday after a power outage I had corrupted drivers for the network card, the sound card and a few others. I don't know whether that has anything to do with it.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jenda at 2011-12-04 23:19:55
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 485 MB (2%) free of 31 GB
Total RAM: 4094 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:16, on 4.12.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
E:\Programy\DAEMON Tools Lite\daemon.exe
C:\Users\Jenda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Users\Jenda\Local Settings\Apps\F.lux\flux.exe
C:\Users\Jenda\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\rundll32.exe
E:\Programy\Logitech\SetPoint\x86\SetPoint32.exe
E:\Programy\Miranda IM\miranda32.exe
E:\Programy\Opera\opera.exe
E:\Programy\Android\android-sdk\platform-tools\adb.exe
E:\Programy\Mozilla Thunderbird\thunderbird.exe
E:\programy\Android\android-sdk\tools\emulator-arm.exe
E:\Programy\PSpad\PSPad.exe
E:\Programy\PSpad\PSPad.exe
C:\Users\Jenda\AppData\Local\Temp\7zOFF58.tmp\procexp.exe
C:\Program Files\trend micro\Jenda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=217.91.70.238:8085
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programy\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programy\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Programy\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Jenda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [F.lux] "C:\Users\Jenda\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKUS\S-1-5-21-958960618-1215407809-944795458-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-958960618-1215407809-944795458-1006\..\Run: [DAEMON Tools Lite] "E:\Programy\DAEMON Tools Lite\daemon.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-958960618-1215407809-944795458-1006\..\Run: [SansaDispatch] C:\Users\UpdatusUser\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-958960618-1215407809-944795458-1006\..\Run: [F.lux] "C:\Users\Jenda\Local Settings\Apps\F.lux\flux.exe" /noshow (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-958960618-1215407809-944795458-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = C:\Users\Jenda\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Programy\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Programy\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://E:\Programy\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://E:\Programy\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - e:\programy\COMODO Internet Security\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - e:\Programy\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - E:\Programy\VMware\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Programy\VMware\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - E:\Programy\VMware\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10985 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"e:\programy\COMODO Internet Security\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\CISVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding
"e:\Programy\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
E:\Programy\VMware\vmware-authd.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe" -m
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\svchost.exe -k WindowsMobile
"E:\Programy\COMODO Internet Security\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"E:\Programy\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Users\Jenda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"
"C:\Users\Jenda\Local Settings\Apps\F.lux\flux.exe" /noshow
"E:\Programy\Logitech\SetPoint\SetPoint.exe"
"C:\Users\Jenda\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Windows\System32\rundll32.exe" P17RunE.dll,RunDLLEntry
"E:\Programy\Logitech\SetPoint\x86\SetPoint32.exe"
KHALMNPR.EXE /API
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"E:\Programy\Miranda IM\miranda32.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\mobsync.exe -Embedding
"C:\Windows\system32\wuauclt.exe"
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"E:\Programy\Opera\opera.exe"
"E:\Programy\eclipse\eclipse.exe"
C:\Windows\system32\javaw.exe -Dosgi.requiredJavaVersion=1.5 -Xms40m -Xmx384m -XX:MaxPermSize=256m -jar E:\Programy\eclipse\\plugins/org.eclipse.equinox.launcher_1.2.0.v20110502.jar -os win32 -ws win32 -arch x86_64 -showsplash -launcher E:\Programy\eclipse\eclipse.exe -name Eclipse --launcher.library E:\Programy\eclipse\\plugins/org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.100.v20110502\eclipse_1406.dll -startup E:\Programy\eclipse\\plugins/org.eclipse.equinox.launcher_1.2.0.v20110502.jar --launcher.overrideVmargs -exitdata 7cc_5c -product org.eclipse.epp.package.java.product -vm C:\Windows\system32\javaw.exe -vmargs -Dosgi.requiredJavaVersion=1.5 -Xms40m -Xmx384m -XX:MaxPermSize=256m -jar E:\Programy\eclipse\\plugins/org.eclipse.equinox.launcher_1.2.0.v20110502.jar
adb fork-server server
"E:\Programy\Mozilla Thunderbird\thunderbird.exe"
\??\C:\Windows\system32\conhost.exe "1019155832-101318358-2021117092-4393451102048637656-1181214697276297936-1885013960
E:\programy\Android\android-sdk\tools/emulator-arm.exe -avd 2.3.3_WVGA -dns-server 8.8.8.8
"E:\Programy\PSpad\PSPad.exe" "E:\Sandbox\Jenda\VS2008\drive\E\System\Documents\Visual Studio 2008\Projects\GeocachingParser\GeocachingParser\SeekNearby.cs"
"e:\Programy\Sandboxie\SandboxieRpcSs.exe"
"e:\Programy\Sandboxie\SbieCtrl.exe"
"e:\Programy\Sandboxie\SandboxieDcomLaunch.exe"
"E:\Programy\PSpad\PSPad.exe" "E:\Sandbox\Jenda\VS2008\drive\E\System\Documents\Visual Studio 2008\Projects\CacheDownloaderCS\CacheDownloaderCS\frmStahovac.cs"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"E:\Programy\7-Zip\7zFM.exe" "C:\Users\Jenda\AppData\Local\Opera\Opera\temporary_downloads\ProcessExplorer.zip"
"C:\Users\Jenda\AppData\Local\Temp\7zOFF58.tmp\procexp.exe"
"E:\Programy\7-Zip\7zFM.exe" "C:\Users\Jenda\AppData\Local\Opera\Opera\temporary_downloads\ProcessMonitor.zip"
"C:\Users\Jenda\AppData\Local\Temp\7zOFF58.tmp\procexp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /2
"C:\Windows\system32\msconfig.exe"
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 09BEC896-0618-E731-AAA2-94638966EEBF -Reinvoke
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Jenda\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Programy\Java\jre7\bin\jp2ssv.dll [2011-10-20 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Programy\Java\jre6\bin\jp2ssv.dll [2009-10-23 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-11 2345848]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
"COMODO Internet Security"=e:\programy\COMODO Internet Security\COMODO\COMODO Internet Security\cfp.exe [2010-12-29 8862024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=E:\Programy\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"SansaDispatch"=C:\Users\Jenda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [2011-01-07 79872]
"F.lux"=C:\Users\Jenda\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=E:\Programy\Java\jre6\bin\jusched.exe [2009-10-23 149280]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"=C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [2007-07-26 20480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - E:\Programy\Logitech\SetPoint\SetPoint.exe

C:\Users\Jenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jenda\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 76816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-27 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2011-12-04 23:19:55 ----D---- C:\rsit
2011-12-03 23:41:36 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2011-12-03 23:41:36 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2011-12-03 23:41:36 ----A---- C:\Windows\system32\wrap_oal.dll
2011-12-03 23:41:36 ----A---- C:\Windows\system32\OpenAL32.dll
2011-12-03 23:41:35 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2011-12-03 23:41:35 ----N---- C:\Windows\system32\Sens_oal.dll
2011-12-03 23:39:02 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2011-12-03 23:39:01 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2011-12-03 23:39:01 ----A---- C:\Windows\system32\CmdRtr64.DLL
2011-12-03 23:39:01 ----A---- C:\Windows\system32\APOMgr64.DLL
2011-12-03 23:37:04 ----A---- C:\Windows\SYSWOW64\INRES.DLL
2011-12-03 23:37:04 ----A---- C:\Windows\system32\INRES.DLL
2011-12-03 23:36:20 ----A---- C:\Windows\SYSWOW64\AddCat.exe
2011-12-03 23:36:20 ----A---- C:\Windows\system32\ludap17.ini
2011-12-03 23:36:20 ----A---- C:\Windows\system32\ctzapxx.ini
2011-12-03 23:36:18 ----A---- C:\Windows\system32\CTAPO64.dll
2011-12-03 23:36:11 ----A---- C:\Windows\SYSWOW64\CTAPO32.dll
2011-12-03 23:36:10 ----A---- C:\Windows\ResDefE.exe
2011-12-03 19:13:23 ----A---- C:\Windows\system32\11-30_20-03-38_NOVA CINEMA_Psychopat z Green River (1 2) - (The Capture of the Green River Killer aka Chasing the Devil) Mrtvých prostitutek v Seattlu děsivou rychlostí přibývá. Detektiv Tom Cavana.ts.lnk
2011-12-01 18:24:15 ----A---- C:\Windows\system32\WinUSBCoInstaller.dll
2011-12-01 18:24:15 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2011-12-01 18:24:14 ----A---- C:\Windows\system32\drivers\pneteth.sys
2011-12-01 18:24:13 ----D---- C:\Program Files (x86)\PdaNet for Android
2011-11-30 18:39:43 ----A---- C:\Windows\SYSWOW64\osenxpsuite2007.dll
2011-11-30 18:39:42 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2011-11-18 10:28:08 ----D---- C:\Windows\system32\Macromed
2011-11-18 02:20:27 ----A---- C:\Windows\system32\mshtmled.dll
2011-11-18 02:20:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-11-18 02:20:25 ----A---- C:\Windows\SYSWOW64\url.dll
2011-11-18 02:20:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-11-18 02:20:25 ----A---- C:\Windows\system32\url.dll
2011-11-18 02:20:25 ----A---- C:\Windows\system32\iertutil.dll
2011-11-18 02:20:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-11-18 02:20:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-11-18 02:20:24 ----A---- C:\Windows\system32\wininet.dll
2011-11-18 02:20:24 ----A---- C:\Windows\system32\urlmon.dll
2011-11-18 02:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2011-11-18 02:20:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-11-18 02:20:23 ----A---- C:\Windows\system32\jscript9.dll
2011-11-18 02:20:23 ----A---- C:\Windows\system32\ieui.dll
2011-11-18 02:20:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-11-18 02:20:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-11-18 02:20:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-11-18 02:20:22 ----A---- C:\Windows\system32\jscript.dll
2011-11-18 02:20:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-11-18 02:20:19 ----A---- C:\Windows\system32\mshtml.dll
2011-11-18 02:20:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-11-18 02:20:17 ----A---- C:\Windows\system32\ieframe.dll
2011-11-18 02:17:35 ----A---- C:\Windows\system32\shell32.dll
2011-11-18 02:17:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-09 16:48:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 16:48:22 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2011-12-04 23:20:01 ----D---- C:\Program Files\trend micro
2011-12-04 23:19:42 ----D---- C:\Windows\Temp
2011-12-04 23:17:50 ----D---- C:\Windows\system32\config
2011-12-04 23:10:52 ----D---- C:\Windows\system32\drivers
2011-12-04 20:07:57 ----SHD---- C:\System Volume Information
2011-12-04 19:56:46 ----D---- C:\Windows\System32
2011-12-04 19:56:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-04 19:56:45 ----D---- C:\Windows\inf
2011-12-04 19:54:09 ----D---- C:\Windows\Downloaded Program Files
2011-12-04 19:52:07 ----D---- C:\Users\Jenda\AppData\Roaming\Dropbox
2011-12-04 19:51:54 ----D---- C:\Windows
2011-12-04 19:51:53 ----D---- C:\Windows\Prefetch
2011-12-04 19:51:31 ----D---- C:\Windows\SysWOW64
2011-12-04 19:51:04 ----D---- C:\ProgramData\VMware
2011-12-04 19:50:48 ----D---- C:\ProgramData\NVIDIA
2011-12-03 23:42:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-12-03 23:40:23 ----D---- C:\Program Files (x86)\Creative
2011-12-03 23:38:58 ----D---- C:\Windows\system32\catroot
2011-12-03 23:38:10 ----D---- C:\Windows\system32\DriverStore
2011-12-03 13:44:46 ----A---- C:\Windows\Sandboxie.ini
2011-12-01 18:24:13 ----RD---- C:\Program Files (x86)
2011-11-24 21:58:16 ----D---- C:\Users\Jenda\AppData\Roaming\FileZilla
2011-11-23 21:28:57 ----D---- C:\Users\Jenda\AppData\Roaming\Mozilla
2011-11-23 20:13:39 ----D---- C:\Users\Jenda\AppData\Roaming\VMware
2011-11-22 22:31:33 ----ASD---- C:\ProgramData\Microsoft
2011-11-22 22:31:33 ----A---- C:\Windows\SurCode.INI
2011-11-18 12:25:49 ----D---- C:\Windows\Microsoft.NET
2011-11-18 12:24:55 ----RSD---- C:\Windows\assembly
2011-11-18 11:02:25 ----D---- C:\Windows\winsxs
2011-11-18 10:54:39 ----D---- C:\Users\Jenda\AppData\Roaming\MotionDSP
2011-11-18 10:53:49 ----D---- C:\Windows\WindowsMobile
2011-11-18 10:52:23 ----SHD---- C:\Windows\Installer
2011-11-18 10:52:22 ----D---- C:\Config.Msi
2011-11-18 02:25:23 ----D---- C:\Windows\SYSWOW64\migration
2011-11-18 02:25:23 ----D---- C:\Windows\system32\migration
2011-11-18 02:25:23 ----D---- C:\Program Files\Internet Explorer
2011-11-18 02:25:23 ----D---- C:\Program Files\Common Files\System
2011-11-18 02:25:23 ----D---- C:\Program Files (x86)\Internet Explorer
2011-11-18 02:20:35 ----D---- C:\Windows\system32\catroot2
2011-11-17 09:26:26 ----A---- C:\Windows\WDICT32.INI
2011-11-08 19:21:24 ----D---- C:\Windows\Tasks
2011-11-08 19:21:24 ----D---- C:\Windows\system32\Tasks
2011-11-08 19:16:55 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-09-27 871408]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-12-29 250008]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-12-29 39376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-12-29 89840]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2010-12-31 294232]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-08-21 39024]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2011-08-22 45680]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2011-08-22 30320]
R2 VMparport;VMware VMparport; \??\C:\Windows\system32\drivers\VMparport.sys [2011-08-22 31344]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2011-08-22 62064]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-08 33392]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\E:\Programy\VMware\vstor2-ws60.sys [2010-04-27 32816]
R3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-12-04 25640]
R3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-12-04 30528]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 LVUVC64;Logitech QuickCam Pro 5000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-11-16 1276928]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-07-13 42912]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
R3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SbieDrv;SbieDrv; \??\e:\Programy\Sandboxie\SbieDrv.sys [2011-10-12 157824]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2010-08-01 31792]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2011-08-22 20080]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 79760]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 com0com;com0com - emulates the serial ports interconnected via a null-modem cable; C:\Windows\system32\DRIVERS\com0com.sys [2011-01-25 76800]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2011-11-06 25640]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-26 21832]
S3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 30736]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 40976]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2010-03-12 97280]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2010-07-11 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 cmdAgent;COMODO Internet Security Helper Service; e:\programy\COMODO Internet Security\COMODO\COMODO Internet Security\cmdagent.exe [2010-12-29 2418128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 980072]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SbieSvc;Sandboxie Service; e:\Programy\Sandboxie\SbieSvc.exe [2011-10-12 94992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
R2 VMAuthdService;VMware Authorization Service; E:\Programy\VMware\vmware-authd.exe [2011-08-22 79872]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2011-08-22 354416]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-21 846448]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2011-08-22 432752]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-09-19 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-12 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-12-28 403240]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 ufad-ws60;VMware Agent Service; E:\Programy\VMware\vmware-ufad.exe [2010-04-27 191024]
S3 VMwareHostd;VMware Workstation Server; E:\Programy\VMware\vmware-hostd.exe [2011-08-22 11837440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-22 1255736]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: ms0cfg32

#2 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

jenda.69
Visitor
Posts: 15
Registered: 13 Oct 2004 18:18

Re: ms0cfg32

#3 Post by jenda.69 »

Thanks... Here is the log from CB:

ComboFix 11-12-05.02 - Jenda 05.12.2011 16:26:44.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.2603 [GMT 1:00]
Spuštěný z: c:\users\Jenda\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\DEBUG.log
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-05 do 2011-12-05 )))))))))))))))))))))))))))))))
.
.
2011-12-05 15:15 . 2011-12-05 15:15 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8058AA6A-4358-43AD-A729-9DE0C5C14E89}\offreg.dll
2011-12-04 22:19 . 2011-12-04 22:20 -------- d-----w- C:\rsit
2011-12-04 22:07 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8058AA6A-4358-43AD-A729-9DE0C5C14E89}\mpengine.dll
2011-12-03 22:41 . 2011-12-03 22:41 431104 ----a-w- c:\windows\system32\wrap_oal.dll
2011-12-03 22:41 . 2011-12-03 22:41 409600 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-12-03 22:41 . 2011-12-03 22:41 136192 ----a-w- c:\windows\system32\OpenAL32.dll
2011-12-03 22:41 . 2011-12-03 22:41 114688 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-12-03 22:41 . 2008-01-24 16:20 1892352 ------w- c:\windows\system32\Sens_oal.dll
2011-12-03 22:41 . 2008-01-24 16:18 1544192 ------w- c:\windows\SysWow64\Sens_oal.dll
2011-12-03 22:39 . 2007-05-28 10:28 69120 ----a-w- c:\windows\SysWow64\CmdRtr.DLL
2011-12-03 22:39 . 2007-09-18 10:35 139264 ----a-w- c:\windows\system32\APOMgr64.DLL
2011-12-03 22:39 . 2007-09-18 10:34 108544 ----a-w- c:\windows\SysWow64\APOMngr.DLL
2011-12-03 22:39 . 2007-05-28 10:29 83456 ----a-w- c:\windows\system32\CmdRtr64.DLL
2011-12-03 22:37 . 2005-06-15 10:09 10752 ----a-w- c:\windows\system32\INRES.DLL
2011-12-03 22:37 . 2005-06-15 10:07 11264 ----a-w- c:\windows\SysWow64\INRES.DLL
2011-12-03 22:36 . 2006-12-04 20:56 42496 ----a-w- c:\windows\SysWow64\AddCat.exe
2011-12-03 22:36 . 2007-07-02 15:16 600576 ----a-w- c:\windows\system32\CTAPO64.dll
2011-12-03 22:36 . 2007-07-02 15:17 512512 ----a-w- c:\windows\SysWow64\CTAPO32.dll
2011-12-03 22:36 . 2006-12-15 09:41 8192 ----a-w- c:\windows\ResDefE.exe
2011-12-01 17:24 . 2009-11-08 00:41 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2011-12-01 17:24 . 2009-11-08 00:41 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-12-01 17:24 . 2011-11-24 23:25 15360 ----a-w- c:\windows\system32\drivers\pneteth.sys
2011-12-01 17:24 . 2011-12-01 18:56 -------- d-----w- c:\program files (x86)\PdaNet for Android
2011-11-30 17:39 . 2007-10-20 17:52 1458688 ----a-w- c:\windows\SysWow64\osenxpsuite2007.ocx
2011-11-30 17:39 . 2007-10-20 17:30 247296 ----a-w- c:\windows\SysWow64\osenxpsuite2007.dll
2011-11-30 17:39 . 2007-07-23 04:19 1668096 ----a-w- c:\windows\SysWow64\Redemption.dll
2011-11-18 09:28 . 2011-11-18 09:28 -------- d-----w- c:\windows\system32\Macromed
2011-11-09 15:48 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 15:48 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 15:48 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 15:48 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-05 15:16 . 2011-01-20 00:54 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-12-05 15:16 . 2011-01-20 00:54 25640 ----a-w- c:\windows\gdrv.sys
2011-12-04 22:41 . 2011-01-20 00:55 25640 ----a-w- c:\windows\etdrv.sys
2011-11-23 17:51 . 2009-09-26 20:02 5954 --sha-w- c:\programdata\KGyGaAvL.sys
2011-11-21 11:40 . 2011-01-03 09:24 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-18 09:28 . 2011-05-22 09:47 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-20 19:32 . 2011-10-20 19:32 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-10-20 19:32 . 2011-10-20 19:32 1002728 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll
2011-10-20 19:19 . 2011-10-20 19:20 627600 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-11 14:33 . 2011-10-11 14:33 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C672F95C-BD5B-4BCA-9CD1-67D3981657A5}\gapaengine.dll
2010-11-28 15:50 . 2011-01-08 02:00 88576 ----a-w- c:\program files\nircmd.exe
2010-11-28 15:49 . 2011-01-08 01:41 86528 ----a-w- c:\program files\nircmdc.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PicasaStarIcon]
@="{8218849A-80B4-4231-AD8A-5167F27D2F6F}"
[HKEY_CLASSES_ROOT\CLSID\{8218849A-80B4-4231-AD8A-5167F27D2F6F}]
2009-10-26 22:21 308736 ----a-w- c:\program files\PicasaExt\PicasaExt32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="e:\programy\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"SansaDispatch"="c:\users\Jenda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2011-01-07 79872]
"F.lux"="c:\users\Jenda\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="e:\programy\Java\jre6\bin\jusched.exe" [2009-10-23 149280]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
.
c:\users\Jenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jenda\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - e:\programy\Logitech\SetPoint\SetPoint.exe [2008-12-25 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-12-04 25640]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-09-19 1431888]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-12-05 30528]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VMwareHostd;VMware Workstation Server;e:\programy\VMware\vmware-hostd.exe [2011-08-22 11837440]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-21 846448]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [x]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [x]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Jenda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PicasaStarIcon]
@="{8218849A-80B4-4231-AD8A-5167F27D2F6F}"
[HKEY_CLASSES_ROOT\CLSID\{8218849A-80B4-4231-AD8A-5167F27D2F6F}]
2009-10-26 22:35 373248 ----a-w- c:\program files\PicasaExt\PicasaExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 2345848]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
"COMODO Internet Security"="e:\programy\COMODO Internet Security\COMODO\COMODO Internet Security\cfp.exe" [2010-12-29 8862024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=217.91.70.238:8085
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All Links with IDM
IE: Download all with Free Download Manager - file://e:\programy\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://e:\programy\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://e:\programy\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://e:\programy\Free Download Manager\dllink.htm
IE: Download with IDM
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 10.0.0.138
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
.
------- Asociace souborů -------
.
txtfile=c:\windows\NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-12-05 16:55:58
ComboFix-quarantined-files.txt 2011-12-05 15:55
.
Před spuštěním: 260 640 768
Po spuštění: 268 750 848
.
- - End Of File - - 116F7D840D6175AFBA9A5ED9F0D59683

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: ms0cfg32

#4 Post by JaRon »

Scan the PC with MBAM - full scan

jenda.69
Visitor
Posts: 15
Registered: 13 Oct 2004 18:18

Re: ms0cfg32

#5 Post by jenda.69 »

With this version?
http://www.malwarebytes.org/products/malwarebytes_free

You do have a link in your signature, but it says I am not authorized to read that forum.

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: ms0cfg32

#6 Post by JaRon »

yes