Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

svchost.exe přestal pracovat

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

svchost.exe přestal pracovat

#1 Příspěvek od mr.tommy »

Čaute...
Už asi týden mám problém se zpomaleným PC... Při každém spuštění Windows 7 mi naskočíte okno s textem "svchost.exe přestal pracovat"... Už si opravdu nevím rady... Stáhnul jsem si Ccleaner a vůbec to nepomohlo... Počítač mi při startu Windows téměř nepracuje, jen tak zlehka poblikává... Někdy mi Windows ani dokonce úplně nenajede... Prostě jako by se zasekl...Zasílám svůj vygenerovaný log... Prosím pomozte... :(


Logfile of HijackThis v1.99.1
Scan saved at 18:30:27, on 23.10.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\AsScrPro.exe
C:\Program Files\ASUS\Asus WebStorage\BackupService.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\ASUS\LivCam\LivCam.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\adidas\miCoach Manager\miCoachManager.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ASUS\Asus WebStorage\EeeStorageUploader.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Users\Tommy\AppData\Roaming\dll\svchost.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: ArcIEVideoUp - {4E18E9A4-95B3-4F8B-AE3B-AB7478DE92EE} - C:\PROGRA~1\ArcSoft\TOTALM~1\codec\ArcIEVideoUp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EeeStorageBackup] C:\Program Files\ASUS\Asus WebStorage\BackupService.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [DTRun] C:\Program Files\ArcSoft\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [LivCam] "C:\Program Files\ASUS\LivCam\LivCam.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [dll] C:\Users\Tommy\AppData\Roaming\dll\svchost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [micoach] "C:\Program Files\adidas\miCoach Manager\miCoachManager.exe" /autostart
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F68B4A1B-4FCB-4C91-A86E-40B1759FBB1E}: NameServer = 10.10.2.10,80.82.144.94
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: svchost.exe přestal pracovat

#2 Příspěvek od earl »

Zdravim,

:arrow: Pro zrychleni startu Windows stahnete a spustte program StartUpLite

Program vypise seznam zbytecnych programu spoustejicich se pri startu Windows .

K vypnuti spousteni techto programu zaskrtnete u prislusnych radku Disable a kliknete na Continue.

:arrow: Provedte nekolikrat po sobe defragmentaci systemoveho disku C: - Start-Vsechny programy-Prislusenstvi-Systemove nastroje-Defragmentace disku

:arrow: Stahnete DDS a ulozte ho na plochu.

Zavrete vsechna spustena okna a spustte program jako Administrator, potvrdte licencni podminky a postupujte podle pokynu. Zacne scanovani.

Az skonci, tak by mel vytvorit 2 logy proto se vam 2krat otevre notepad. Jeden log bude mit nazev DDS.txt a druhy attach.txt.

Zkopirujte sem pouze ten DDS.txt.

V pripade nejasnosti navod zde
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

Re: svchost.exe přestal pracovat

#3 Příspěvek od mr.tommy »

Tak tady to je...


DDS (Ver_10-10-21.02) - NTFSx86
Run by Tommy at 19:19:01,30 on so 23.10.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.1791.996 [GMT 2:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Spyware Terminator *enabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}

============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Windows\System32\AsusService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Windows\AsScrPro.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
C:\Program Files\ASUS\Asus WebStorage\BackupService.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ASUS\LivCam\LivCam.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\adidas\miCoach Manager\miCoachManager.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ASUS\Asus WebStorage\EeeStorageUploader.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\BitTorrent\bittorrent.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Tommy\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.seznam.cz/
uDefault_Page_URL = hxxp://asus.msn.com
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\users\tommy\appdata\roaming\dll\svchost.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: ArcSoft Video Helper: {4e18e9a4-95b3-4f8b-ae3b-ab7478de92ee} - c:\progra~1\arcsoft\totalm~1\codec\ArcIEVideoUp.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: &Crawler lišta: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [SpywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"
uRun: [Power2GoExpress]
uRun: [micoach] "c:\program files\adidas\micoach manager\miCoachManager.exe" /autostart
uRun: [CreativeTaskScheduler] "c:\program files\creative\shared files\CTSched.exe" /logon
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [HotkeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\eeepc\she\SuperHybridEngine.exe
mRun: [ASUS Screen Saver Protector] c:\windows\AsScrPro.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [EeeStorageBackup] c:\program files\asus\asus webstorage\BackupService.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun
mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
mRun: [DTRun] c:\program files\arcsoft\totalmedia theatre 3\uDTRun.exe
mRun: [LivCam] "c:\program files\asus\livcam\LivCam.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [OOBESetup] c:\program files\asus\ooberegbackup\ooberegbackup.exe /restore -"c:\program files\asus\ooberegbackup\OOBEReg.ini"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [Ulead AutoDetector v2] c:\program files\common files\ulead systems\autodetector\monitor.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [CTSysVol] c:\program files\creative\sound blaster play\surround mixer\CTSysVol.exe /r
mRun: [VolPanel] "c:\program files\creative\sound blaster play\volume panel\VolPanlu.exe" /r
mRun: [dll] c:\users\tommy\appdata\roaming\dll\svchost.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{b0bf7057-6869-4e4b-920c-ea2a58da07f0}\Icon3E5562ED7.ico
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
TCP: 96E6475627E65647 = 80.82.146.11,80.82.144.142
TCP: {F68B4A1B-4FCB-4C91-A86E-40B1759FBB1E} = 10.10.2.10,80.82.144.94
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\tommy\appdata\roaming\mozilla\firefox\profiles\ona1ocxb.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - component: c:\program files\crawler\toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xshared.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xwsg.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-11-4 11448]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-22 165584]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 298448]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-2-28 142592]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2009-11-4 219136]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-22 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-10-22 50768]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-22 40384]
R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\asus\game park\gameconsole\OberonGameConsoleService.exe [2009-11-4 44312]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-10-22 1153368]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-22 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-22 40384]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-10-21 51712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-10-21 66592]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-1-29 997408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
S2 gupdate;Služba Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-27 135664]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2010-9-15 1334784]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 21072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-10-21 43944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-11-4 29472]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2010-9-2 79360]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-8-16 112128]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-23 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010-8-16 102912]
S3 twtyfilt;twtyfilt;c:\windows\system32\drivers\twtyfilt.sys [2010-8-31 20480]

=============== Created Last 30 ================

2010-10-23 06:35:21 -------- d-----w- c:\users\tommy\Tracing
2010-10-23 06:24:26 -------- d-----w- c:\windows\cs
2010-10-23 06:23:33 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-23 06:15:11 -------- d-----w- c:\program files\MSN Toolbar
2010-10-23 06:14:30 -------- d-----w- c:\program files\Bing Bar Installer
2010-10-23 06:13:49 469256 ----a-w- c:\program files\common files\windows live\.cache\7220c2b01cb72790b\InstallManager_WLE_WLE.exe
2010-10-23 06:13:42 15712 ----a-w- c:\program files\common files\windows live\.cache\71073c601cb72790a\MeshBetaRemover.exe
2010-10-23 06:13:30 94040 ----a-w- c:\program files\common files\windows live\.cache\67d766101cb727909\DSETUP.dll
2010-10-23 06:13:30 525656 ----a-w- c:\program files\common files\windows live\.cache\67d766101cb727909\DXSETUP.exe
2010-10-23 06:13:30 1691480 ----a-w- c:\program files\common files\windows live\.cache\67d766101cb727909\dsetup32.dll
2010-10-23 06:13:24 94040 ----a-w- c:\program files\common files\windows live\.cache\6586e6601cb727908\DSETUP.dll
2010-10-23 06:13:24 525656 ----a-w- c:\program files\common files\windows live\.cache\6586e6601cb727908\DXSETUP.exe
2010-10-23 06:13:24 1691480 ----a-w- c:\program files\common files\windows live\.cache\6586e6601cb727908\dsetup32.dll
2010-10-23 06:12:25 -------- d-----w- c:\users\tommy\appdata\local\Windows Live
2010-10-22 11:04:34 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-10-22 11:04:04 38848 ----a-w- c:\windows\avastSS.scr
2010-10-22 11:03:56 -------- d-----w- c:\progra~2\Alwil Software
2010-10-22 08:16:45 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-22 08:16:45 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2010-10-22 07:26:32 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{1de2ca4f-61eb-4340-8f87-85f8fd24bd45}\mpengine.dll
2010-10-21 18:22:41 3181568 ----a-w- c:\windows\system32\mf.dll
2010-10-21 18:22:41 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-10-21 18:22:38 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-10-20 07:53:54 -------- d-----w- c:\users\tommy\appdata\roaming\AVG10
2010-10-20 07:52:37 -------- d--h--w- c:\progra~2\Common Files
2010-10-20 07:30:11 -------- d-----w- c:\windows\system32\drivers\AVG
2010-10-20 07:30:11 -------- d-----w- c:\progra~2\AVG10
2010-10-20 07:06:20 -------- d-----w- c:\progra~2\MFAData
2010-10-16 09:53:50 -------- d-----w- c:\program files\CCleaner
2010-10-13 14:06:00 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-13 14:06:00 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 14:04:13 224256 ----a-w- c:\windows\system32\schannel.dll
2010-10-12 08:11:50 -------- d-----w- c:\users\tommy\appdata\local\Apple Computer
2010-10-12 08:00:51 -------- d-----w- C:\Vypálit!!!
2010-10-11 18:35:32 -------- d-----w- c:\progra~2\RegCure
2010-10-09 13:43:42 -------- d-----w- c:\users\tommy\appdata\local\Tauchfahrt zur Titanic
2010-10-09 13:32:04 -------- d-----w- c:\users\tommy\appdata\local\Apple
2010-10-09 13:24:19 -------- d-----w- c:\program files\Titanic - Der Tauchfahrt-Simulator
2010-10-09 11:02:41 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2010-10-09 11:02:41 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2010-10-09 11:02:41 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2010-10-09 11:02:41 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2010-10-09 11:02:41 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2010-10-09 11:02:34 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2010-10-09 11:02:33 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2010-10-09 09:12:50 -------- d-sh--r- c:\users\tommy\appdata\roaming\dll
2010-10-08 20:54:15 -------- d-----w- C:\temp
2010-10-07 17:30:58 -------- d-----w- c:\program files\common files\Voyetra
2010-10-07 17:23:36 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2010-10-06 20:50:12 34304 ------w- c:\windows\VF2US.DLL
2010-10-06 20:50:12 25600 ------w- c:\windows\MsgV3US.DLL
2010-10-06 15:25:50 -------- d-----w- c:\program files\Kingpin
2010-10-06 15:25:42 306688 ----a-w- c:\windows\IsUninst.exe
2010-10-03 17:10:53 -------- d-----w- C:\Games X10 mini
2010-09-30 06:34:35 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-09-30 06:34:34 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-29 11:55:14 -------- d-----w- c:\program files\Activision
2010-09-29 10:35:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 10:35:22 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-09-28 20:55:50 -------- d-----w- c:\program files\MSXML 4.0
2010-09-28 11:26:54 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2010-09-28 07:51:24 -------- d-----w- c:\users\tommy\appdata\local\NokiaAccount
2010-09-28 07:51:20 -------- d-----w- c:\users\tommy\appdata\local\Nokia
2010-09-28 07:43:50 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-09-28 07:43:39 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-28 07:40:05 -------- d-----w- c:\progra~2\NokiaInstallerCache
2010-09-27 09:49:19 -------- d-----w- c:\users\tommy\appdata\roaming\SQL Developer
2010-09-27 09:34:09 -------- d-----w- C:\DevSuiteHome_1
2010-09-27 09:33:57 -------- d-----w- c:\program files\Oracle
2010-09-27 09:20:09 -------- d-----w- c:\program files\common files\Deterministic Networks
2010-09-27 09:20:06 -------- d-----w- c:\program files\Cisco Systems
2010-09-26 19:09:46 171368 ----a-w- c:\progra~2\microsoft\windows\sqm\manifest\Sqm10133.bin
2010-09-24 08:08:59 222080 ------w- c:\windows\system32\MpSigStub.exe

==================== Find3M ====================

2010-09-22 22:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-16 13:53:18 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-02 08:06:22 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-02 08:06:22 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-30 20:06:52 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-08-30 20:06:52 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll

============= FINISH: 19:22:43,28 ===============
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: svchost.exe přestal pracovat

#4 Příspěvek od earl »

:arrow: otestujte na VIRUSTOTALu

c:\windows\system32\mf.dll

c:\windows\system32\mfreadwrite.dll

(navod prosty: po nacteni stranky kliknete na tlacitko Prochazet , najdete cestu k vyse zminenemu souboru a kliknete na tlacitko Odeslat soubor; dejte skenerum nejakych deset minut; vysledek sem vlozte)

Pokud skener napíše, že soubor již byl testován, dejte otestovat znovu.

Odinstalujte Spybot SaD,je zastaraly a AVG,mate Avast,ten je schopnejsi.

:arrow: Klepnete na Tento pocitac-Nastroje-Moznosti slozky-Zobrazeni-a odfajfkujte Skryt chranene soubory operacniho systemu a oznacte Zobrazovat skryte soubory a slozky.Po ukonceni vsech procedur stejnou cestou vratte nastaveni zpet.

Najdete a smazte tento soubor:

c:\users\tommy\appdata\roaming\dll\svchost.exe
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

Re: svchost.exe přestal pracovat

#5 Příspěvek od mr.tommy »

mf.dll

Antivirus Version Last Update Result
AhnLab-V3 2010.10.23.01 2010.10.23 -
AntiVir 7.10.13.27 2010.10.22 -
Antiy-AVL 2.0.3.7 2010.10.23 -
Authentium 5.2.0.5 2010.10.23 -
Avast 4.8.1351.0 2010.10.23 -
Avast5 5.0.594.0 2010.10.23 -
AVG 9.0.0.851 2010.10.23 -
BitDefender 7.2 2010.10.23 -
CAT-QuickHeal 11.00 2010.10.22 -
ClamAV 0.96.2.0-git 2010.10.23 -
Comodo 6486 2010.10.23 -
DrWeb 5.0.2.03300 2010.10.23 -
Emsisoft 5.0.0.50 2010.10.23 -
eSafe 7.0.17.0 2010.10.21 -
eTrust-Vet 36.1.7929 2010.10.22 -
F-Prot 4.6.2.117 2010.10.22 -
F-Secure 9.0.16160.0 2010.10.23 -
Fortinet 4.2.249.0 2010.10.23 -
GData 21 2010.10.23 -
Ikarus T3.1.1.90.0 2010.10.23 -
Jiangmin 13.0.900 2010.10.23 -
K7AntiVirus 9.66.2813 2010.10.22 -
Kaspersky 7.0.0.125 2010.10.23 -
McAfee 5.400.0.1158 2010.10.23 -
McAfee-GW-Edition 2010.1C 2010.10.23 -
Microsoft 1.6301 2010.10.23 -
NOD32 5558 2010.10.23 -
Norman 6.06.10 2010.10.23 -
nProtect 2010-10-23.01 2010.10.23 -
Panda 10.0.2.7 2010.10.23 -
PCTools 7.0.3.5 2010.10.23 -
Rising 22.70.03.04 2010.10.22 -
Sophos 4.58.0 2010.10.23 -
Sunbelt 7125 2010.10.23 -
SUPERAntiSpyware 4.40.0.1006 2010.10.23 -
Symantec 20101.2.0.161 2010.10.23 -
TheHacker 6.7.0.1.065 2010.10.23 -
TrendMicro 9.120.0.1004 2010.10.23 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.23 -
VBA32 3.12.14.1 2010.10.22 -
ViRobot 2010.8.31.4017 2010.10.23 -
VirusBuster 12.69.15.5 2010.10.23 -




mfreadwrite.dll


Antivirus Version Last Update Result
AhnLab-V3 2010.10.23.01 2010.10.23 -
AntiVir 7.10.13.27 2010.10.22 -
Antiy-AVL 2.0.3.7 2010.10.23 -
Authentium 5.2.0.5 2010.10.23 -
Avast 4.8.1351.0 2010.10.23 -
Avast5 5.0.594.0 2010.10.23 -
AVG 9.0.0.851 2010.10.23 -
BitDefender 7.2 2010.10.23 -
CAT-QuickHeal 11.00 2010.10.22 -
ClamAV 0.96.2.0-git 2010.10.23 -
Comodo 6486 2010.10.23 -
DrWeb 5.0.2.03300 2010.10.23 -
Emsisoft 5.0.0.50 2010.10.23 -
eSafe 7.0.17.0 2010.10.21 -
eTrust-Vet 36.1.7929 2010.10.22 -
F-Prot 4.6.2.117 2010.10.22 -
F-Secure 9.0.16160.0 2010.10.23 -
Fortinet 4.2.249.0 2010.10.23 -
GData 21 2010.10.23 -
Ikarus T3.1.1.90.0 2010.10.23 -
Jiangmin 13.0.900 2010.10.23 -
K7AntiVirus 9.66.2813 2010.10.22 -
Kaspersky 7.0.0.125 2010.10.23 -
McAfee 5.400.0.1158 2010.10.23 -
McAfee-GW-Edition 2010.1C 2010.10.23 -
Microsoft 1.6301 2010.10.23 -
NOD32 5558 2010.10.23 -
Norman 6.06.10 2010.10.23 -
nProtect 2010-10-23.01 2010.10.23 -
Panda 10.0.2.7 2010.10.23 -
PCTools 7.0.3.5 2010.10.23 -
Prevx 3.0 2010.10.23 -
Rising 22.70.03.04 2010.10.22 -
Sophos 4.58.0 2010.10.23 -
Sunbelt 7125 2010.10.23 -
SUPERAntiSpyware 4.40.0.1006 2010.10.23 -
Symantec 20101.2.0.161 2010.10.23 -
TheHacker 6.7.0.1.065 2010.10.23 -
TrendMicro 9.120.0.1004 2010.10.23 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.23 -
VBA32 3.12.14.1 2010.10.22 -
ViRobot 2010.8.31.4017 2010.10.23 -
VirusBuster 12.69.15.5 2010.10.23 -
Nahoru
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

Re: svchost.exe přestal pracovat

#6 Příspěvek od mr.tommy »

A můžu opravdu smazat ten svchost.exe??? K čemu soubor vůbec slouží???
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: svchost.exe přestal pracovat

#7 Příspěvek od earl »

Smazat presne dle mnou popsaneho umisteni.

Je to infekce.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

Re: svchost.exe přestal pracovat

#8 Příspěvek od mr.tommy »

Dal jsem na virustotal.com projet taky svchost.exe...


Antivirus Version Last Update Result
AhnLab-V3 2010.10.23.01 2010.10.23 -
AntiVir 7.10.13.27 2010.10.22 TR/ATRAPS.Gen
Antiy-AVL 2.0.3.7 2010.10.23 -
Authentium 5.2.0.5 2010.10.23 -
Avast 4.8.1351.0 2010.10.23 -
Avast5 5.0.594.0 2010.10.23 -
AVG 9.0.0.851 2010.10.23 -
BitDefender 7.2 2010.10.23 -
CAT-QuickHeal 11.00 2010.10.22 -
ClamAV 0.96.2.0-git 2010.10.23 -
Comodo 6486 2010.10.23 TrojWare.Win32.Agent.~FGU
DrWeb 5.0.2.03300 2010.10.23 -
Emsisoft 5.0.0.50 2010.10.23 Trojan.ATRAPS!IK
eSafe 7.0.17.0 2010.10.21 -
eTrust-Vet 36.1.7929 2010.10.22 -
F-Prot 4.6.2.117 2010.10.22 -
F-Secure 9.0.16160.0 2010.10.23 -
Fortinet 4.2.249.0 2010.10.23 -
GData 21 2010.10.23 -
Ikarus T3.1.1.90.0 2010.10.23 Trojan.ATRAPS
Jiangmin 13.0.900 2010.10.23 -
K7AntiVirus 9.66.2813 2010.10.22 -
Kaspersky 7.0.0.125 2010.10.23 -
McAfee 5.400.0.1158 2010.10.23 Artemis!EAA11B4AAF5B
McAfee-GW-Edition 2010.1C 2010.10.23 Artemis!EAA11B4AAF5B
Microsoft 1.6301 2010.10.23 -
NOD32 5558 2010.10.23 -
Norman 6.06.10 2010.10.23 -
nProtect 2010-10-23.01 2010.10.23 -
Panda 10.0.2.7 2010.10.23 -
PCTools 7.0.3.5 2010.10.23 -
Prevx 3.0 2010.10.23 Medium Risk Malware
Rising 22.70.03.04 2010.10.22 -
Sophos 4.58.0 2010.10.23 -
Sunbelt 7125 2010.10.23 -
SUPERAntiSpyware 4.40.0.1006 2010.10.23 Trojan.Agent/Gen-MSFake
Symantec 20101.2.0.161 2010.10.23 WS.Reputation.1
TheHacker 6.7.0.1.065 2010.10.23 -
TrendMicro 9.120.0.1004 2010.10.23 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.23 -
VBA32 3.12.14.1 2010.10.22 -
ViRobot 2010.8.31.4017 2010.10.23 -
VirusBuster 12.69.15.5 2010.10.23 -
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: svchost.exe přestal pracovat

#9 Příspěvek od earl »

Staci,kdyz budete delat to,co vam reknu. :)

Smazte jej,restart pc a popiste chovani pc.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
mr.tommy
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 23 říj 2010 17:36

Re: svchost.exe přestal pracovat

#10 Příspěvek od mr.tommy »

Tak jsem to provedl a PC šlape skvěle :-)... Díky mockrát ;-)... Klobouk dolů...
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: svchost.exe přestal pracovat

#11 Příspěvek od earl »

:arrow: Stahnete OTC

spustte a klepnete na CleanUp.

Obrázek

:arrow: Vycistete pc Ccleanerem.

Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.

Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich

(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo :D )

Aplikace-u prohlizecu internetu odskrtnout Historii internetu.

Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy

(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).

Taktez 2x-3x po sobe.

A nemate zac. :)
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“