Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

iexplorer+lsass+Vacu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

iexplorer+lsass+Vacu

#1 Příspěvek od joke1 »

Dobrý den, prosím o pomoc. NB se stal hlemýŽĎ nejpomalejší. XP SP3. Teď jedu v nouzovém režimu, abych se vůbec mohl tady regnout. Ve správci úloh asi 12x iexplorer.exe a cca 60-70% CPU lsass.exe, také VacuumPageClient (sand si to pamatuju správně). Použil jsem s vypnutým NODem combofix, vše šlo dle návodu až se zarazil, že nemůže najít CHeck_Hal. Po dvou hodinách jsem ho shodil a raději bych postupoval dle konzultace. Mám z něj vzhledem ke svým znalostem respekt. Můžete mi někdo pomoci, jak správně postupovat? Díky
Naposledy upravil(a) joke1 dne 10 úno 2011 21:50, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#2 Příspěvek od Rudy »

Můžete mi někdo pomoci, jak správně postupovat?
Rozhodně ne ComboFixem jako laik, tím si akorát shodíte systém úplně. Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#3 Příspěvek od joke1 »

Nevím, zda jsem neudělal chybu, že jsem to spustil v tom nouzovém režimu se sítí , v kterém jsem (s vypnutým NODem), ale přikládám log.txt RSIT.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-10 21:56:14
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (4%) free of 114 GB
Total RAM: 2046 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56, on 2011-02-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - C:\PROGRA~1\GOOGLE~1\23GOOG~1.DLL
O2 - BHO: Super-Search -Find more of what you need - {0286A85D-CD62-43bb-B7A9-A87D1D027160} - C:\PROGRA~1\EASYSE~1\BHO\15SUPE~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: mobilewitch Toolbar - {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - C:\Program Files\mobilewitch\tbmob2.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: mobilewitch Toolbar - {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - C:\Program Files\mobilewitch\tbmob2.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [USB SECURITY DEVICE CoInstaller] JupitCo.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [gemstrmw] C:\WINDOWS\system32\gemstrmw.exe /r
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [BMClient] BMClient.exe
O4 - HKLM\..\Run: [ComplexWebServer] "C:\ComplexWebServer\bin\ServiceDirect.exe" /RUNHIDE /CONF="C:\ComplexWebServer\bin\ServiceDirect.conf"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SiteVacuum] C:\Program Files\EasySearch\SiteVacuumClient.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [VertrigoServ] "C:\Program Files\VertrigoServ\Vertrigo.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: emSwapTool.lnk = C:\Program Files\USB Camera\Driver\emSwapAp2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Program Files\Eltima Software\Flash Decompiler Trillix\saveflash\iebt.dll
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Program Files\Eltima Software\Flash Decompiler Trillix\saveflash\iebt.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)
O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://get.adobe.com
O15 - Trusted Zone: http://bsplayer.ourtoolbar.com
O15 - Trusted Zone: http://*.periscop.cz
O15 - Trusted Zone: http://www.prestashop.com
O15 - Trusted Zone: http://www.topbenefit.net
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} (ICASign Class) - https://ib24.csob.cz/Comp/IcaSignerCZ.cab
O16 - DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} (CSOBEnroll Class) - https://ib24.csob.cz/Comp/CSOBEnroll.dll
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://tbica.ica.cz/icapki.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2347054984
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/ ... TSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2495852531
O16 - DPF: {8DB83558-B5E6-4449-8E59-B91126580A99} (ICAHsmEngine Class) - https://ib24.csob.cz/comp/ICAHsmEngine.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: CWS_Apache_80 - Unknown owner - C:\ComplexWebServer\apache\bin\apache.exe (file missing)
O23 - Service: CWS_MySQL_3306 - Unknown owner - C:\ComplexWebServer\mysql\bin\mysqld.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 20126 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HALBOOK-Administrator.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1469A1B0-ACC0-4933-98FD-E681C8D80892}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}]
Google Plus - C:\PROGRA~1\GOOGLE~1\23GOOG~1.DLL [2010-08-09 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}]
Super-Search -Find more of what you need - C:\PROGRA~1\EASYSE~1\BHO\15SUPE~1.DLL [2010-04-25 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Acrobat\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2010-01-24 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll [2010-09-27 225720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-25 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-25 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-26 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fcbf663e-8530-46f8-a880-ac5abe9d2b23}]
mobilewitch Toolbar - C:\Program Files\mobilewitch\tbmob2.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2010-01-24 491520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-25 297648]
{fcbf663e-8530-46f8-a880-ac5abe9d2b23} - mobilewitch Toolbar - C:\Program Files\mobilewitch\tbmob2.dll [2010-10-18 3908192]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll [2010-10-18 3908192]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll [2010-09-27 180664]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-26 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-30 729178]
"USB SECURITY DEVICE CoInstaller"=JupitCo.exe []
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"gemstrmw"=C:\WINDOWS\system32\gemstrmw.exe [2003-04-02 24576]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"SecurDisc"=C:\Program Files\Nero\Nero8\InCD\NBHGui.exe [2008-06-10 2049320]
"InCD"=C:\Program Files\Nero\Nero8\InCD\InCD.exe [2008-06-10 1083176]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"etMonitor"=C:\WINDOWS\etMon.exe [2007-09-19 102400]
"BMClient"=C:\WINDOWS\BMClient.exe [2009-07-24 112128]
"ComplexWebServer"=C:\ComplexWebServer\bin\ServiceDirect.exe /RUNHIDE /CONF=C:\ComplexWebServer\bin\ServiceDirect.conf []
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-08-21 122368]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-21 47904]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-10-07 917504]
"SiteVacuum"=C:\Program Files\EasySearch\SiteVacuumClient.exe [2010-06-09 479323]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"VertrigoServ"=C:\Program Files\VertrigoServ\Vertrigo.exe [2008-07-03 373760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-10-01 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2009-02-27 278016]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2010-12-01 434176]
"BabylonToolbar"=C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe [2010-08-09 286720]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2005-06-13 192512]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-11 406016]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe []
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe [2007-02-21 928448]
"CTZDetec.exe"=C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [2007-12-18 401408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"OEXPRESS"= []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-21 39408]
"WEBTRAN"= []
"AdobeBridge"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe []
"uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2010-12-17 395640]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
emSwapTool.lnk - C:\Program Files\USB Camera\Driver\emSwapAp2.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-01-22 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe:*:Enabled:Spouštěč softwaru Nokia Nseries"
"C:\Program Files\T-Mobile\Speedmanager plus\Speedmanager plus.exe"="C:\Program Files\T-Mobile\Speedmanager plus\Speedmanager plus.exe:*:Enabled:Speedmanager plus"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe"="C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe:*:Enabled:web'n'walk Manager"
"C:\Program Files\Epocware\Handy Safe Desktop\Safe.exe"="C:\Program Files\Epocware\Handy Safe Desktop\Safe.exe:*:Enabled:Handy Safe Desktop 5.06"
"C:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe"="C:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:pandora"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Instal\StrongDC++ 2.21\StrongDC.exe"="C:\Instal\StrongDC++ 2.21\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\SOFTIK\CZDC++ 0.4033(B)\CZDCPlusPlus.exe"="C:\Program Files\SOFTIK\CZDC++ 0.4033(B)\CZDCPlusPlus.exe:*:Enabled:CZDC++"
"C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.locked"="C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.locked:*:Disabled:Launcher"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VertrigoServ\Mysql\bin\mysqld.exe"="C:\Program Files\VertrigoServ\Mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe"="C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe:*:Enabled:v_mysqld"
"C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe"="C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe:*:Enabled:Apache HTTP Server"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Eidos Interactive\Pyro\Commandos\mpserver.exe"="C:\Program Files\Eidos Interactive\Pyro\Commandos\mpserver.exe:*:Enabled:mpserver"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\VertrigoServ\Vertrigo.exe"="C:\Program Files\VertrigoServ\Vertrigo.exe:*:Enabled:VertrigoServ"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\Mobile Witch Remote Control\Mobile Witch Remote Control.exe"="C:\Program Files\Mobile Witch Remote Control\Mobile Witch Remote Control.exe:*:Enabled:Mobile Witch Remote Control"
"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\MKWB1UX1\MWRemoteCtrl[2].jar"="C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\MKWB1UX1\MWRemoteCtrl[2].jar:*:Enabled:MWRemoteCtrl[2].jar"
"C:\Program Files\Adobe\Adobe Flash CS5\Flash.exe"="C:\Program Files\Adobe\Adobe Flash CS5\Flash.exe:*:Enabled:Adobe Flash CS5"
"C:\Instal\Super Video Converter 2010 build 42 - free\VideoConverter_Setup.exe"="C:\Instal\Super Video Converter 2010 build 42 - free\VideoConverter_Setup.exe:*:Enabled:Video Converter"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\R6JDG779\n11975310_09.JPG-www.facebook[1].exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2011-02-10 21:56:14 ----D---- C:\rsit
2011-02-10 21:56:14 ----D---- C:\Program Files\trend micro
2011-02-10 21:27:52 ----SD---- C:\ComboFix
2011-02-10 19:30:37 ----A---- C:\WINDOWS\MBR.exe
2011-02-10 19:30:36 ----A---- C:\WINDOWS\PEV.exe
2011-02-10 03:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-10 03:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-10 03:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-10 03:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-10 03:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-10 03:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-10 03:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-09 09:04:40 ----A---- C:\WINDOWS\ntbtlog.txt
2011-02-09 09:04:32 ----ASH---- C:\pagefile.sys
2011-02-08 18:44:33 ----A---- C:\Boot.bak
2011-02-08 18:43:54 ----RASHD---- C:\cmdcons
2011-02-08 18:29:07 ----A---- C:\WINDOWS\zip.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\SWSC.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\SWREG.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\sed.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\NIRCMD.exe
2011-02-08 18:29:07 ----A---- C:\WINDOWS\grep.exe
2011-02-08 18:27:11 ----D---- C:\WINDOWS\ERDNT
2011-02-08 18:27:06 ----A---- C:\WINDOWS\system32\CF2925.exe
2011-02-08 18:27:02 ----A---- C:\WINDOWS\system32\CF2918.exe
2011-02-08 17:34:10 ----D---- C:\Qoobox
2011-02-02 20:31:41 ----D---- C:\Program Files\Citrix
2011-01-28 18:24:57 ----D---- C:\Program Files\iPod
2011-01-28 18:23:44 ----D---- C:\Program Files\iTunes
2011-01-24 09:55:03 ----D---- C:\Program Files\WMP Tag Plus
2011-01-24 09:27:27 ----A---- C:\WINDOWS\system32\CoreFLACDecoder-uninstall.exe
2011-01-15 11:21:26 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-01-15 11:21:18 ----D---- C:\WINDOWS\system32\winrm
2011-01-15 11:20:56 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-01-15 11:20:52 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2011-01-15 11:20:17 ----D---- C:\WINDOWS\system32\DRM
2011-01-13 03:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

======List of files/folders modified in the last 1 months======

2011-02-10 21:56:14 ----RD---- C:\Program Files
2011-02-10 21:51:53 ----D---- C:\Instal
2011-02-10 21:51:53 ----A---- C:\WINDOWS\wincmd.ini
2011-02-10 21:28:36 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-10 21:27:49 ----D---- C:\WINDOWS\system32\drivers
2011-02-10 21:25:15 ----D---- C:\WINDOWS
2011-02-10 21:23:16 ----D---- C:\WINDOWS\system32\inetsrv
2011-02-10 21:23:06 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2011-02-10 21:22:38 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-02-10 21:22:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-02-10 21:22:05 ----D---- C:\WINDOWS\Temp
2011-02-10 19:31:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-10 19:27:25 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
2011-02-10 19:26:54 ----A---- C:\WINDOWS\MAILTRAN.INI
2011-02-10 19:12:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-02-10 19:08:04 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2011-02-10 19:07:59 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2011-02-10 19:07:59 ----A---- C:\WINDOWS\ModemLog_Nokia N95 Bluetooth Modem.txt
2011-02-10 19:07:58 ----A---- C:\WINDOWS\ModemLog_Nokia N97 mini Bluetooth Modem #2.txt
2011-02-10 19:05:13 ----D---- C:\WINDOWS\Prefetch
2011-02-10 19:04:11 ----A---- C:\WINDOWS\system32\bscs.ini
2011-02-10 16:06:23 ----D---- C:\WINDOWS\system32
2011-02-10 09:08:15 ----D---- C:\WINDOWS\system32\config
2011-02-10 05:42:27 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-02-10 05:17:59 ----D---- C:\Program Files\Internet Explorer
2011-02-10 03:40:08 ----HD---- C:\WINDOWS\inf
2011-02-10 03:39:53 ----DC---- C:\WINDOWS\system32\dllcache
2011-02-10 03:39:13 ----A---- C:\WINDOWS\imsins.BAK
2011-02-10 03:12:08 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-10 03:09:22 ----D---- C:\WINDOWS\ie8updates
2011-02-10 03:09:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-10 03:08:09 ----SHD---- C:\WINDOWS\Installer
2011-02-10 03:08:08 ----HD---- C:\Config.Msi
2011-02-10 03:07:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-02-09 13:50:33 ----A---- C:\WINDOWS\WDICT32.INI
2011-02-08 22:12:52 ----SHD---- C:\WINDOWS\CSC
2011-02-08 18:44:34 ----RASH---- C:\boot.ini
2011-02-08 14:37:04 ----D---- C:\Share
2011-02-08 14:31:41 ----D---- C:\Program Files\CoffeeCup Software
2011-02-06 18:00:04 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-02-04 11:30:01 ----A---- C:\WINDOWS\TextSpy.ini
2011-02-04 06:14:01 ----A---- C:\WINDOWS\WEBTRAN4.INI
2011-02-03 18:20:48 ----A---- C:\WINDOWS\TRNCOM.INI
2011-02-02 23:32:50 ----D---- C:\Ptakovinky
2011-02-02 12:49:35 ----D---- C:\Program Files\Opera
2011-01-31 13:58:02 ----D---- C:\Pomoc
2011-01-30 22:51:28 ----D---- C:\Documents and Settings\Administrator\Data aplikací\FileZilla
2011-01-28 18:24:50 ----D---- C:\Program Files\Common Files\Apple
2011-01-28 17:41:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-24 09:55:05 ----D---- C:\Program Files\Windows Media Player
2011-01-24 09:00:08 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-22 19:35:27 ----D---- C:\WINDOWS\security
2011-01-21 20:33:01 ----D---- C:\Ekonom
2011-01-21 15:44:07 ----N---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-18 21:14:53 ----D---- C:\Program Files\KompoZer
2011-01-17 12:27:46 ----D---- C:\VID
2011-01-16 21:36:08 ----D---- C:\Zalohy
2011-01-15 11:30:18 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-15 11:30:15 ----RSD---- C:\WINDOWS\assembly
2011-01-15 11:21:52 ----D---- C:\WINDOWS\Help
2011-01-15 11:21:19 ----D---- C:\WINDOWS\system32\wbem
2011-01-15 11:20:19 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-15 11:19:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2011-01-15 11:18:10 ----D---- C:\WINDOWS\system32\ReinstallBackups

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#4 Příspěvek od joke1 »

Zbytek:

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-04-08 70400]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 RecAgent;RecAgent; C:\WINDOWS\system32\DRIVERS\SLDRV\RecAgent.sys [2005-05-10 14680]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-06-10 38952]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-06-10 40488]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R3 ASAPIW2K;ASAPIW2K; \??\C:\WINDOWS\system32\Drivers\asapiW2k.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-06-26 10368]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-30 190560]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-06-27 234752]
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 ISODrive;ISO CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-04-08 54272]
S2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
S2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
S2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
S2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
S2 SECURITY;%JUPITER.DeviceDesc%; C:\WINDOWS\system32\DRIVERS\JUPITER.sys [2009-07-24 6528]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-01-22 2845696]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-11-25 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2008-11-25 27528]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2005-06-21 401152]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2009-01-03 39304]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-06-21 30363]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys []
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-06-21 1341466]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-06-21 148040]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-06-21 56648]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cglptnt;cglptnt; \??\C:\totalcmd\cglptnt.sys []
S3 DCamUSBET;ET USB 2760 Camera; C:\WINDOWS\system32\DRIVERS\etDevice.sys [2007-11-29 121856]
S3 FiltUSBET;ET USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\etFilter.sys [2007-09-12 217088]
S3 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000); C:\WINDOWS\System32\Drivers\FLMckUSB.sys [2009-07-24 80724]
S3 GemCCID;GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 GTwinUSB;GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys [2002-10-04 61776]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter; C:\WINDOWS\system32\DRIVERS\ipwpnet.sys [2005-07-30 43184]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2005-05-10 237616]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2005-05-10 1464848]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-06-18 34064]
S3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2004-06-15 173056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\Sandra.sys []
S3 ScanUSBET;ET USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\etScan.sys [2007-09-07 6656]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys [2005-05-10 698848]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2005-05-10 101328]
S3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2005-05-10 13248]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2009-01-08 31880]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2005-10-11 110080]
S4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-06-10 128424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S1 InCDRec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-06-10 18088]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-01-22 512000]
S2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-02-27 850432]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
S2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-02-27 143467]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2005-06-21 258103]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 CWS_Apache_80;CWS_Apache_80; C:\ComplexWebServer\apache\bin\apache.exe -k runservice []
S2 CWS_MySQL_3306;CWS_MySQL_3306; C:\ComplexWebServer\mysql\bin\mysqld.exe --defaults-file=C:\ComplexWebServer\mysql\conf\mysqld.conf CWS_MySQL_3306 []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [2008-06-10 1442088]
S2 Iprip;Naslouchání RIP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
S2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [2008-06-10 53032]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-10-07 495616]
S2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-09-19 65536]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slmdmsr.exe [2005-05-10 61440]
S2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-02-27 98407]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2006-03-02 19456]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#5 Příspěvek od Rudy »

1. PC vyčistěte CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .
2. Odinstalujte AskBar.
3. Proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#6 Příspěvek od joke1 »

Bod 1. a 2. jsem provedl. Zde je log.


Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 5735

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

2011-02-10 23:25:22
mbam-log-2011-02-10 (23-25-10).txt

Typ kontroly: Rychlý test
Testované objekty: 193640
Uplynulý čas: 7 minut, 46 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 23
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 0
Infikované složky: 8
Infikované soubory: 31

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{0286A85D-CD62-43bb-B7A9-A87D1D027160} (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{EE53711B-0711-4999-88F0-33DC043623B1} (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{48C9E279-C48C-48C1-9AFC-E4E9E5E5E350} (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge.1 (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge (Adware.SuperSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{A5B0779F-0A3E-482E-BB31-B7B871599F60} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5106ED5C-7245-4F5A-ABCA-67B0C15333D2} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CLASSES_ROOT\GooglePlusVideos.BHOBridge.1 (Trojan.SearchRedir.G) -> No action taken.
HKEY_CLASSES_ROOT\GooglePlusVideos.BHOBridge (Trojan.SearchRedir.G) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2EA256ED-74B3-4322-B1E0-53D00C693E6E} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000005-0000-0000-0000-100009000004} (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{FD90C192-481B-4A89-9FD7-CFA65709F541} (Adware.SuperSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{0FDCF5F0-D211-4412-A6E3-DD4938E26E24} (Adware.SuperSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SiteVacuum (Adware.SuperSearch) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SiteVacuum (Adware.SuperSearch) -> Value: SiteVacuum -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\program files\easysearch (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\chrome (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\chrome\content (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\chrome (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\chrome\content (Adware.SuperSearch) -> No action taken.

Infikované soubory:
c:\program files\easysearch\BHO\15.supersearch.dll (Adware.SuperSearch) -> No action taken.
c:\program files\googleplusvideos\23.googleplusvideos.dll (Trojan.SearchRedir.G) -> No action taken.
c:\program files\mozilla firefox\extensions\supersearch@supersearch.com (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\isitevacuumxpcom.xpt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\MFC42U.DLL (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\sitevacuumclient.bue (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\sitevacuumclient.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\sitevacuumclient.tlb (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\sitevacuumlicense.txt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\sitevacuumxpcom.dll (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\tskill.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\uninst.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\updatehelper.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\what.is.sitevacuumclient.exe.txt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\WSConfig.ini (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\deploymenthelper.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\isupersearchxpcom.xpt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\MFC42U.DLL (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\supersearchlicense.txt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\supersearchxpcom.dll (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\SVConfig.ini (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\uninst.exe (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\what.is.sitevacuum.txt (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\chrome.manifest (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\install.rdf (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\chrome\content\script-injector.js (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\BHO\FFExt\chrome\content\supersearch.xul (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\chrome.manifest (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\install.rdf (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\chrome\content\script-injector.js (Adware.SuperSearch) -> No action taken.
c:\program files\easysearch\FFExt\chrome\content\sitevacuum.xul (Adware.SuperSearch) -> No action taken.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#7 Příspěvek od Rudy »

Nalezené položky smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#8 Příspěvek od joke1 »

smazáno, CPU mezi 20-100 (75 nečinné procesy), paměť 1010/4961, je tam 5x chrome.exe - Admin, 6x postgres.exe - postgres, 2x ati2evxx.exe - System. Spuštěn jen Srávce a Prohlížeč Chrome (1 záložka). Rychlost se zvýšila. Spustil jsem ještě Operu, Firefox a IE. Všechno se nějak pohybovalo a dalo se s tím pracovat. Děkuju moc, tedy pokud je to vše. Nebo mám ještě něco udělat?
Naposledy upravil(a) joke1 dne 11 úno 2011 21:25, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#9 Příspěvek od Rudy »

Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#10 Příspěvek od joke1 »

jj, doplnil jsem výše. Jen si nejsem jistý, že chápu co jsem všechno dělal.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#11 Příspěvek od Rudy »

Mělo by to být vše. provedl jste čištění od balastu, odinstaloval jste AdWare a odviroval PC AV skenerem.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
joke1
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 10 úno 2011 10:18

Re: iexplorer+lsass+Vacu

#12 Příspěvek od joke1 »

Já měl na mysli ten RSIT, ten jsem neznal. Ještě jednou DÍKY. Plznička ať chutná na věky věků...
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119506
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: iexplorer+lsass+Vacu

#13 Příspěvek od Rudy »

RSIT je základní sken, podle kterého se rozhodujeme, jaké nástroje použít. Bez něj bych se bál na to pustit ComboFix. Díky za přání a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“