Díky za rady JARO, další kroky udělám večer, mám dotazy:
Co přesně dělá ten ComboFix?
Ostatními cviky prověřujem nepřítomnost viru, malware or spyware?
Zatím čisto? Nebo máš nějaké podezření? Comp pořád stejně, jede jako šnek, CPU na 100%. Takže i toto různé prověřování trvá věčnost.
Prosím o kontrolu logu - SYSTEM 99% Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
Nemáš zač , zatím jsem nepomohl.
Combofix maže nákazy , vypisuje standardní i nestandardní soubory , složky a klíče.
Závada může být i v HW , zkontroluj HDD ( zkus defragmentaci) na chyby a RAM .
Memtest:
http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/
Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
Combofix maže nákazy , vypisuje standardní i nestandardní soubory , složky a klíče.
Závada může být i v HW , zkontroluj HDD ( zkus defragmentaci) na chyby a RAM .
Memtest:
http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/
Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - SYSTEM 99%
OK vyzkouším,
ještě krátce popíšu, kdy se problém vyskytl poprvé. Mám v kompu ATI RADEON XPRESS 200 chipset, grafika je integrovaná ATI RADEON 9600.
Měl jsem driver ATI Catalyst drivers 10.2 a když jsem upgradoval na 10.3 přestaly jít některé USB vstupy (4 z 8 ) a objevila se pomalost a CPU na 100%. Tak jsem to downgradoval zpět a CPU ok, i když ty 4 USB zůstaly nefunční. Pak to pár týdnů jelo a od pondělního výpadku proudu se tak trápím....tak uvidíme....zkusím další Tvoje doporučení.
ještě krátce popíšu, kdy se problém vyskytl poprvé. Mám v kompu ATI RADEON XPRESS 200 chipset, grafika je integrovaná ATI RADEON 9600.
Měl jsem driver ATI Catalyst drivers 10.2 a když jsem upgradoval na 10.3 přestaly jít některé USB vstupy (4 z 8 ) a objevila se pomalost a CPU na 100%. Tak jsem to downgradoval zpět a CPU ok, i když ty 4 USB zůstaly nefunční. Pak to pár týdnů jelo a od pondělního výpadku proudu se tak trápím....tak uvidíme....zkusím další Tvoje doporučení.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
Koukni do BIOS zda máš povolené vstupy USB. pokud si upgradoval ATI Catalyst drivers , měl si možná provést i upgrate BIOSU (Flash), jinak Ti to možná proto nefungovalo.Výpaky proudu mohou mít za následek i poškození zákl. desky či HDD atd.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - SYSTEM 99%
Něco z Avira AntiVir ze čtvrtku, kdy jsem vypínal rezist. ochranu pro reporty zde:
Exported events:
13.5.2010 23:45 [Guard] Malware found
Virus or unwanted program 'TR/Drop.Softomat.AN [trojan]'
detected in file 'C:\System Volume
Information\_restore{DBEAD42F-ABEB-4F8B-A598-EB64EFD9F1B7}\RP156\A0044554.DLL.
Action performed: Deny access
Exported events:
13.5.2010 23:45 [Guard] Malware found
Virus or unwanted program 'TR/Drop.Softomat.AN [trojan]'
detected in file 'C:\System Volume
Information\_restore{DBEAD42F-ABEB-4F8B-A598-EB64EFD9F1B7}\RP156\A0044554.DLL.
Action performed: Deny access
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
'C:\System Volume
Information --tam se ukládají body obnovy-nejsou činné , takže žádná nákaza.
Information --tam se ukládají body obnovy-nejsou činné , takže žádná nákaza.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - SYSTEM 99%
Soubor MatsRes.dll přijatý 2010.05.14 21:43:14 (UTC)
Současný stav: Dokončeno
Výsledek: 0/41 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.15.00 2010.05.14 -
AntiVir 8.2.1.242 2010.05.14 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.14 -
Avast 4.8.1351.0 2010.05.14 -
Avast5 5.0.332.0 2010.05.14 -
AVG 9.0.0.787 2010.05.14 -
BitDefender 7.2 2010.05.14 -
CAT-QuickHeal 10.00 2010.05.14 -
ClamAV 0.96.0.3-git 2010.05.14 -
Comodo 4841 2010.05.14 -
DrWeb 5.0.2.03300 2010.05.14 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7488 2010.05.14 -
F-Prot 4.5.1.85 2010.05.14 -
F-Secure 9.0.15370.0 2010.05.14 -
Fortinet 4.1.133.0 2010.05.14 -
GData 21 2010.05.14 -
Ikarus T3.1.1.84.0 2010.05.14 -
Jiangmin 13.0.900 2010.05.14 -
Kaspersky 7.0.0.125 2010.05.14 -
McAfee 5.400.0.1158 2010.05.14 -
McAfee-GW-Edition 2010.1 2010.05.14 -
Microsoft 1.5703 2010.05.14 -
NOD32 5115 2010.05.14 -
Norman 6.04.12 2010.05.14 -
nProtect 2010-05-14.01 2010.05.14 -
Panda 10.0.2.7 2010.05.14 -
PCTools 7.0.3.5 2010.05.14 -
Prevx 3.0 2010.05.14 -
Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.14 -
Sunbelt 6303 2010.05.14 -
Symantec 20101.1.0.89 2010.05.14 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.14 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.14.2316 2010.05.14 -
VirusBuster 5.0.27.0 2010.05.14 -
Současný stav: Dokončeno
Výsledek: 0/41 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.15.00 2010.05.14 -
AntiVir 8.2.1.242 2010.05.14 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.14 -
Avast 4.8.1351.0 2010.05.14 -
Avast5 5.0.332.0 2010.05.14 -
AVG 9.0.0.787 2010.05.14 -
BitDefender 7.2 2010.05.14 -
CAT-QuickHeal 10.00 2010.05.14 -
ClamAV 0.96.0.3-git 2010.05.14 -
Comodo 4841 2010.05.14 -
DrWeb 5.0.2.03300 2010.05.14 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7488 2010.05.14 -
F-Prot 4.5.1.85 2010.05.14 -
F-Secure 9.0.15370.0 2010.05.14 -
Fortinet 4.1.133.0 2010.05.14 -
GData 21 2010.05.14 -
Ikarus T3.1.1.84.0 2010.05.14 -
Jiangmin 13.0.900 2010.05.14 -
Kaspersky 7.0.0.125 2010.05.14 -
McAfee 5.400.0.1158 2010.05.14 -
McAfee-GW-Edition 2010.1 2010.05.14 -
Microsoft 1.5703 2010.05.14 -
NOD32 5115 2010.05.14 -
Norman 6.04.12 2010.05.14 -
nProtect 2010-05-14.01 2010.05.14 -
Panda 10.0.2.7 2010.05.14 -
PCTools 7.0.3.5 2010.05.14 -
Prevx 3.0 2010.05.14 -
Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.14 -
Sunbelt 6303 2010.05.14 -
Symantec 20101.1.0.89 2010.05.14 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.14 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.14.2316 2010.05.14 -
VirusBuster 5.0.27.0 2010.05.14 -
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
Ještě sken ze F-Secure.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - SYSTEM 99%
Sobota, Květen 15, 2010 04:00:38 - 04:19:03
Název počítače: LIGHTHOUSE
Typ kontroly: Rychlá kontrola
Cíl: Systém
Nebyl nalezen žádný malware.
Statistika
Kontrolováno:
Soubory: 4200
Systém: 4200
Nekontrolováno: 0
Akce:
Vyléčeno: 0
Přejmenováno: 0
Odstraněno: 0
Nevyčištěno: 0
Odesláno: 0
Název počítače: LIGHTHOUSE
Typ kontroly: Rychlá kontrola
Cíl: Systém
Nebyl nalezen žádný malware.
Statistika
Kontrolováno:
Soubory: 4200
Systém: 4200
Nekontrolováno: 0
Akce:
Vyléčeno: 0
Přejmenováno: 0
Odstraněno: 0
Nevyčištěno: 0
Odesláno: 0
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
Vypadá to , že PC je čisté.
Stahni si SREng -- System Repair Engineer
- rozbal na plochu a spust ho
- zvol "zvol Smart Scan", nech nastaveni tak jak je
- zvol "Verify the digital signature of process modules"
- klik na "Scan"
- klik na Save Reports, uloz log na plochu a cely obsah logu zkopirujt sem
- rozbal na plochu a spust ho
+
- Spusť ho a zvol možnost System Repair
- Na první záložce File Associations pokud bude zatrhnutý/vybraný některý čtvereček z výpisu, tak klikni dole na tlačítko Repair
Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).
Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).
Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).
Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.
Stahni si SREng -- System Repair Engineer
- rozbal na plochu a spust ho
- zvol "zvol Smart Scan", nech nastaveni tak jak je
- zvol "Verify the digital signature of process modules"
- klik na "Scan"
- klik na Save Reports, uloz log na plochu a cely obsah logu zkopirujt sem
- rozbal na plochu a spust ho
+
- Spusť ho a zvol možnost System Repair
- Na první záložce File Associations pokud bude zatrhnutý/vybraný některý čtvereček z výpisu, tak klikni dole na tlačítko Repair
Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).
Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).
Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).
Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - SYSTEM 99%
Díky Jaro za další cviky, jinak jsem během dneška dal test HDD, defrag, MemTest, i kontrolu BIOSu a vše zdá se OK
tady je log z SREng (kromě stovek localhosts - nevím, co to přesně je):
2010-05-15,19:32:07
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avgnt><"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min> [(Verified)Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{56F9679E-7826-4C84-81F3-532071A8BCC5}><C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%Systemroot%\system32\webcheck.dll> [(Verified)Microsoft Windows]
<SysTray><%systemroot%\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<Aktualizace verze aplikace Internet Explorer><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Vlastní nastavení prohlížeče><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
<LightScribe Control Panel><"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"> [(Verified)Hewlett-Packard Company]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Aktualizace plochy systému Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Adobe ARM><; "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"> [(Verified)Adobe Systems, Incorporated]
<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems, Incorporated]
<LanguageShortcut><; "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> []
<LGODDFU><; "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun> [File is missing]
<RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [(Verified)CyberLink]
<SunJavaUpdateSched><; "C:\Program Files\Common Files\Java\Java Update\jusched.exe"> [(Verified)Sun Microsystems, Inc.]
==================================
Startup Folders
[Speedfan]
<C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Speedfan.lnk --> C:\PROGRA~1\SpeedFan\speedfan.exe [Almico Software (http://www.almico.com)]><N>
==================================
Services
[Avira AntiVir Scheduler / AntiVirSchedulerService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\sched.exe"><Avira GmbH>
[Avira AntiVir Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"><Avira GmbH>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[Správa aplikací / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
<C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[Google Update Service (gupdate1c8dd34fc938ba8) / gupdate1c8dd34fc938ba8][Stopped/Auto Start]
<"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[Přístup k zařízením standardu HID / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Lavasoft Ad-Aware Service / Lavasoft Ad-Aware Service][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"><Lavasoft>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[Nero BackItUp Scheduler 4.0 / Nero BackItUp Scheduler 4.0][Stopped/Auto Start]
<C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe><(File is missing)>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
<"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><(File is missing)>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[Plánovač automatické aktualizace LiveUpdate / Plánovač automatické aktualizace LiveUpdate][Stopped/Auto Start]
<"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><(File is missing)>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>
==================================
Drivers
[Služba instalace zvukového ovladače Intel(r) (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[General Purpose USB Driver (adildr.sys) / ADILOADER][Stopped/Auto Start]
<System32\Drivers\adildr.sys><N/A>
[USB ADSL WAN Adapter / adiusbaw][Stopped/Manual Start]
<system32\DRIVERS\adiusbaw.sys><N/A>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Ovladač procesoru AMD / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Auto Start]
<system32\DRIVERS\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[catchme / catchme][Stopped/Manual Start]
<\??\C:\ComboFix\catchme.sys><N/A>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[giveio / giveio][Running/Boot Start]
<\SystemRoot\system32\giveio.sys><N/A>
[i81x / i81x][Stopped/Manual Start]
<system32\DRIVERS\i81xnt5.sys><Intel(R) Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
<system32\DRIVERS\wADV01nt.sys><Intel(R) Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
<system32\DRIVERS\wADV02NT.sys><Intel(R) Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
<system32\DRIVERS\wADV05NT.sys><Intel(R) Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
<system32\DRIVERS\wSiINTxx.sys><Intel(R) Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
<system32\DRIVERS\wVchNTxx.sys><Intel(R) Corporation>
[iAimFP5 / iAimFP5][Stopped/Manual Start]
<system32\DRIVERS\wADV07nt.sys><Intel(R) Corporation>
[iAimFP6 / iAimFP6][Stopped/Manual Start]
<system32\DRIVERS\wADV08nt.sys><Intel(R) Corporation>
[iAimFP7 / iAimFP7][Stopped/Manual Start]
<system32\DRIVERS\wADV09nt.sys><Intel(R) Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
<system32\DRIVERS\wATV01nt.sys><Intel(R) Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
<system32\DRIVERS\wATV02NT.sys><Intel(R) Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
<system32\DRIVERS\wATV04nt.sys><Intel(R) Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
<system32\DRIVERS\wCh7xxNT.sys><Intel(R) Corporation>
[iAimTV5 / iAimTV5][Stopped/Manual Start]
<system32\DRIVERS\wATV10nt.sys><Intel(R) Corporation>
[iAimTV6 / iAimTV6][Stopped/Manual Start]
<system32\DRIVERS\wATV06nt.sys><Intel(R) Corporation>
[Lbd / Lbd][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\Lbd.sys><Lavasoft AB>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[PSI / PSI][Stopped/Manual Start]
<system32\DRIVERS\psi_mf.sys><Secunia>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Sony Ericsson Device 115 driver (WDM) / s115bus][Stopped/Manual Start]
<system32\DRIVERS\s115bus.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Filter / s115mdfl][Stopped/Manual Start]
<system32\DRIVERS\s115mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Driver / s115mdm][Stopped/Manual Start]
<system32\DRIVERS\s115mdm.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) / s115mgmt][Stopped/Manual Start]
<system32\DRIVERS\s115mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC OBEX Interface / s115obex][Stopped/Manual Start]
<system32\DRIVERS\s115obex.sys><MCCI Corporation>
[Sony Ericsson Device 125 driver (WDM) / s125bus][Stopped/Manual Start]
<system32\DRIVERS\s125bus.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Modem Filter / s125mdfl][Stopped/Manual Start]
<system32\DRIVERS\s125mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Modem Driver / s125mdm][Stopped/Manual Start]
<system32\DRIVERS\s125mdm.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) / s125mgmt][Stopped/Manual Start]
<system32\DRIVERS\s125mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC OBEX Interface / s125obex][Stopped/Manual Start]
<system32\DRIVERS\s125obex.sys><MCCI Corporation>
[SBKUPNT / SBKUPNT][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ATI-4379 Serial ATA Controller / SI3112r][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc>
[speedfan / speedfan][Running/Boot Start]
<\SystemRoot\system32\speedfan.sys><Windows (R) 2000 DDK provider>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[Symmpi / Symmpi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Ovladač protokolu TCP/IP / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Sony Ericsson W800 driver (WDM) / w800bus][Stopped/Manual Start]
<system32\DRIVERS\w800bus.sys><MCCI>
[Sony Ericsson W800 USB WMC Modem Filter / w800mdfl][Stopped/Manual Start]
<system32\DRIVERS\w800mdfl.sys><MCCI>
[Sony Ericsson W800 USB WMC Modem Drivers / w800mdm][Stopped/Manual Start]
<system32\DRIVERS\w800mdm.sys><MCCI>
[Sony Ericsson W800 USB WMC Device Management Drivers / w800mgmt][Stopped/Manual Start]
<system32\DRIVERS\w800mgmt.sys><MCCI>
[Sony Ericsson W800 USB WMC OBEX Interface Drivers / w800obex][Stopped/Manual Start]
<system32\DRIVERS\w800obex.sys><MCCI>
==================================
Browser Add-ons
[Pomocník pro přihlášení ke službě Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[CHelper Class]
{99A7C4DD-B2E6-4CA0-BB6E-737A61364155} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[Skype add-on for Internet Explorer]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[Google Gears Helper]
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
[Google Gears ToolsMenuItem]
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[Handler Class]
{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[Skype add-on for Internet Explorer (toolbar button)]
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
{0A6112F2-F9D1-4FBF-A6EC-B67B22915873} <, >
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_20]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_20.dll, (Signed) Sun Microsystems, Inc.>
[Podpora odkazu pro Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <, >
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <, >
[]
{201F27D4-3704-41D6-89C1-AA35E39143ED} <, >
[]
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
{25D596E9-BD03-4D4A-8310-5DF3B31E8D26} <, >
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <, >
[]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <, >
[]
{3041D03E-FD4B-44E0-B742-2D9B88305F98} <, >
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <, >
[Windows Desktop Search Combo Control]
{4E430174-1673-4FF3-BF28-A3B37F6573E7} <C:\Program Files\Windows Desktop Search\wdsShell.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{5067A26B-1337-4436-8AFE-EE169C2DA79F} <, >
[]
{53707962-6F74-2D53-2644-206D7942484F} <, >
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
{572BF76C-9EFF-4E1E-93DE-72EF1E91B3DF} <, >
[]
{5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
{6F282C89-3BD3-4387-92D9-C76428B07E07} <, >
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{7530BFB8-7293-4D34-9923-61A11451AFC5} <, >
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <, >
[]
{77D7E795-33C5-4323-974D-A2A49AB75517} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
{88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
{88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Skype add-on for Internet Explorer (toolbar button)]
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[DEGetBlockFmtNamesParam Class]
{8D91090E-B955-11D1-ADC5-006008A5848C} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[Windows Live Safety Center Control Module]
{8E5C8BEE-1887-414C-8AC9-7C3951F28476} <C:\Program Files\Windows Live Safety Center\wlscCtrl.dll, (Signed) Microsoft Corporation>
[Pomocník pro přihlášení ke službě Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[CHelper Class]
{99A7C4DD-B2E6-4CA0-BB6E-737A61364155} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[]
{A4CC8907-3EA6-49EE-8B74-D09660120910} <, >
[]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[]
{ADD57508-1A52-4FAA-A7B3-A3ADE8FAEFEC} <, >
[Skype add-on for Internet Explorer]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[]
{BDF3E430-B101-42AD-A544-FADC6B084872} <, >
[Google Gears Factory]
{C93A7319-17B3-4504-87CD-03EFC6103E6E} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[Java Plug-in 1.5.0]
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_11]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_20.dll, (Signed) Sun Microsystems, Inc.>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <, >
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll, Microsoft Corporation>
[Google Gears Helper]
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{F6ACF75C-C32C-447B-9BEF-46B766368D29} <, >
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[Google Update Plugin]
{FF4E22ED-17D0-4D43-AD6F-E53D11FA3C61} <C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.2.183.23\npGoogleOneClick8.dll, (Signed) Google Inc.>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000, N/A>
==================================
Running Processes
[PID: 372 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 620 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4112]
[PID: 692 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 704 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 892 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4112]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1024 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1120 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8]
[PID: 1244 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1312 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1424 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\sbap.dll] [Sunbelt Software, 3.1.2849]
[C:\Program Files\Lavasoft\Ad-Aware\SBTE.dll] [Sunbelt Software, 3.1.2849]
[C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll] [N/A, ]
[C:\Program Files\Lavasoft\Ad-Aware\Resources.dll] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\ceapi.dll] [Lavasoft, 8, 2, 2, 0]
[PID: 1512 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\HP1006LM.DLL] [Software 2000 Limited, 2.6]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1006S.DLL] [Hewlett-Packard , 1.0.2]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MT.DLL] [Software 2000 Limited, 4.0.0.47]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL] [Software 2000 Limited, 4.0.0.47]
[PID: 1608 / Ondra][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4112]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 1692 / Ondra][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll] [OpenOffice.org, 3.02.9483]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll] [STLport Consulting, Inc., 4.5.2003.0120]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.3.2.163]
[C:\Program Files\WinRAR\rarext.dll] [, ]
[C:\Program Files\Avira\AntiVir Desktop\shlext.dll] [Avira GmbH, 10.00.00.03]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1.45]
[C:\WINDOWS\system32\ShellExt\Cryptext.dll] [, 3.4]
[C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll] [TuneUp Software GmbH, 2.0.0.4]
[PID: 1744 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\sched.exe] [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\schedr.dll] [Avira GmbH, 10.00.04.00]
[C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll] [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.19.00]
[PID: 1812 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avguard.exe] [Avira GmbH, 10.00.01.44]
[C:\Program Files\Avira\AntiVir Desktop\libdb44.dll] [Sleepycat Software, 4.4.20]
[C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll] [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll] [Avira GmbH, 10.00.07.00]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.19.00]
[C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL] [Avira GmbH, 10.00.00.00]
[C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll] [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL] [Avira GmbH, 10.00.01.01]
[C:\Program Files\Avira\AntiVir Desktop\aecore.dll] [Avira GmbH, 8.1.15.3]
[C:\Program Files\Avira\AntiVir Desktop\aevdf.dll] [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir Desktop\aescript.dll] [Avira GmbH, 8.1.3.29]
[C:\Program Files\Avira\AntiVir Desktop\aescn.dll] [Avira GmbH, 8.1.6.1]
[C:\Program Files\Avira\AntiVir Desktop\aesbx.dll] [Avira GmbH, 8.1.3.1]
[C:\Program Files\Avira\AntiVir Desktop\aerdl.dll] [Avira GmbH, 8.1.4.6]
[C:\Program Files\Avira\AntiVir Desktop\aepack.dll] [Avira GmbH, 8.2.1.1]
[C:\Program Files\Avira\AntiVir Desktop\unacev2.dll] [ACE Compression Software, 2.6.0.2]
[C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\aeheur.dll] [Avira GmbH, 8.1.1.27]
[C:\Program Files\Avira\AntiVir Desktop\aehelp.dll] [Avira GmbH, 8.1.11.3]
[C:\Program Files\Avira\AntiVir Desktop\aegen.dll] [Avira GmbH, 8.1.3.9]
[C:\Program Files\Avira\AntiVir Desktop\aeemu.dll] [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir Desktop\aebb.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[PID: 1976 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 168 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avshadow.exe] [Avira GmbH, 1.0.0.6]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[PID: 656 / SYSTEM][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE] [Software 2000 Limited, 4.0.0.47]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL] [Software 2000 Limited, 4.0.0.47]
[PID: 1076 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 1176 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.200.2]
[C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\netfxperf.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2443]
[PID: 1240 / SYSTEM][C:\Program Files\Google\Update\GoogleUpdate.exe] [Google Inc., 1.2.131.7]
[C:\Program Files\Google\Update\1.2.183.23\goopdate.dll] [Google Inc., 1.2.183.23]
[PID: 1276 / SYSTEM][C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe] [Google Inc., 1.2.183.23]
[C:\Program Files\Google\Update\1.2.183.23\goopdate.dll] [Google Inc., 1.2.183.23]
[PID: 1300 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.18.1.1]
[C:\Program Files\Common Files\LightScribe\LSSProxy.dll] [Hewlett-Packard Company, 1.18.1.1]
[C:\Program Files\Common Files\LightScribe\LSLog.dll] [Hewlett-Packard Company, 1.18.1.1]
[PID: 1576 / SYSTEM][C:\Program Files\CDBurnerXP\NMSAccessU.exe] [N/A, ]
[PID: 1636 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe] [, 2.0.0425 ]
[PID: 1896 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 144 / SYSTEM][C:\WINDOWS\system32\SearchIndexer.exe] [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 428 / Ondra][C:\Program Files\Avira\AntiVir Desktop\avgnt.exe] [Avira GmbH, 10.00.13.17]
[C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll] [Avira GmbH, 10.00.00.17]
[c:\program files\avira\antivir desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[c:\program files\avira\antivir desktop\ccgen.dll] [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccgenrc.dll] [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccguard.dll] [Avira GmbH, 10.00.28.12]
[c:\program files\avira\antivir desktop\ccgrdrc.dll] [Avira GmbH, 10.00.29.00]
[c:\program files\avira\antivir desktop\ccgrdw.dll] [Avira GmbH, 10.00.09.25]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[c:\program files\avira\antivir desktop\ccupdate.dll] [Avira GmbH, 10.00.29.09]
[c:\program files\avira\antivir desktop\ccupdrc.dll] [Avira GmbH, 10.00.29.01]
[c:\program files\avira\antivir desktop\cclic.dll] [Avira GmbH, 10.00.09.22]
[c:\program files\avira\antivir desktop\cclicrc.dll] [Avira GmbH, 10.00.09.00]
[c:\program files\avira\antivir desktop\ccmsg.dll] [Avira GmbH, 10.00.09.34]
[c:\program files\avira\antivir desktop\ccmsgrc.dll] [Avira GmbH, 10.00.09.00]
[C:\Program Files\Avira\AntiVir Desktop\rcimage.dll] [Avira GmbH, 10.00.00.26]
[c:\program files\avira\antivir desktop\ccmainrc.dll] [Avira GmbH, 10.00.11.00]
[PID: 1316 / SYSTEM][C:\Program Files\Canon\CAL\CALMAIN.exe] [Canon Inc., 8, 4, 0, 1]
[PID: 1800 / Ondra][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2208 / Ondra][C:\Program Files\SpeedFan\speedfan.exe] [Almico Software (http://www.almico.com), 4.40.0.265]
[C:\DOCUME~1\Ondra\LOCALS~1\Temp\sfareca00001.dll] [N/A, ]
[C:\DOCUME~1\Ondra\LOCALS~1\Temp\sfamcc00001.dll] [N/A, ]
[PID: 2344 / SYSTEM][C:\WINDOWS\system32\wbem\unsecapp.exe] [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2628 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2652 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 2232 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\gears.dll] [Google Inc., 0.5.33.0]
[C:\WINDOWS\system32\browseui.dll] [Společnost Microsoft, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
[PID: 3300 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\gears.dll] [Google Inc., 0.5.33.0]
[PID: 3780 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avcodec-52.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avutil-50.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avformat-52.dll] [N/A, ]
[PID: 3752 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 2388 / Ondra][C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321]
[PID: 3560 / Ondra][C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\SRE1c98ec0d.EXE] [Smallfrogs Studio, 2.8.2.1321]
[C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["%SYSTEMROOT%\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1076, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
==================================
Scheduled Tasks
[Enabled] User_Feed_Synchronization-{587E890E-4E85-46C0-AA8C-7270A63E678D}.job
C:\WINDOWS\system32\msfeedssync.exe
==================================
Windows Security Update Check
N/A
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
tady je log z SREng (kromě stovek localhosts - nevím, co to přesně je):
2010-05-15,19:32:07
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avgnt><"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min> [(Verified)Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{56F9679E-7826-4C84-81F3-532071A8BCC5}><C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%Systemroot%\system32\webcheck.dll> [(Verified)Microsoft Windows]
<SysTray><%systemroot%\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<Aktualizace verze aplikace Internet Explorer><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Vlastní nastavení prohlížeče><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
<LightScribe Control Panel><"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"> [(Verified)Hewlett-Packard Company]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Aktualizace plochy systému Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Adobe ARM><; "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"> [(Verified)Adobe Systems, Incorporated]
<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems, Incorporated]
<LanguageShortcut><; "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> []
<LGODDFU><; "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun> [File is missing]
<RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [(Verified)CyberLink]
<SunJavaUpdateSched><; "C:\Program Files\Common Files\Java\Java Update\jusched.exe"> [(Verified)Sun Microsystems, Inc.]
==================================
Startup Folders
[Speedfan]
<C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Speedfan.lnk --> C:\PROGRA~1\SpeedFan\speedfan.exe [Almico Software (http://www.almico.com)]><N>
==================================
Services
[Avira AntiVir Scheduler / AntiVirSchedulerService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\sched.exe"><Avira GmbH>
[Avira AntiVir Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"><Avira GmbH>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[Správa aplikací / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Canon Camera Access Library 8 / CCALib8][Running/Auto Start]
<C:\Program Files\Canon\CAL\CALMAIN.exe><Canon Inc.>
[Google Update Service (gupdate1c8dd34fc938ba8) / gupdate1c8dd34fc938ba8][Stopped/Auto Start]
<"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.>
[Přístup k zařízením standardu HID / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Lavasoft Ad-Aware Service / Lavasoft Ad-Aware Service][Running/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"><Lavasoft>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[Nero BackItUp Scheduler 4.0 / Nero BackItUp Scheduler 4.0][Stopped/Auto Start]
<C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe><(File is missing)>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
<"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><(File is missing)>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<C:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[Plánovač automatické aktualizace LiveUpdate / Plánovač automatické aktualizace LiveUpdate][Stopped/Auto Start]
<"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><(File is missing)>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>
==================================
Drivers
[Služba instalace zvukového ovladače Intel(r) (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[General Purpose USB Driver (adildr.sys) / ADILOADER][Stopped/Auto Start]
<System32\Drivers\adildr.sys><N/A>
[USB ADSL WAN Adapter / adiusbaw][Stopped/Manual Start]
<system32\DRIVERS\adiusbaw.sys><N/A>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[Ovladač procesoru AMD / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Auto Start]
<system32\DRIVERS\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[catchme / catchme][Stopped/Manual Start]
<\??\C:\ComboFix\catchme.sys><N/A>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[giveio / giveio][Running/Boot Start]
<\SystemRoot\system32\giveio.sys><N/A>
[i81x / i81x][Stopped/Manual Start]
<system32\DRIVERS\i81xnt5.sys><Intel(R) Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
<system32\DRIVERS\wADV01nt.sys><Intel(R) Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
<system32\DRIVERS\wADV02NT.sys><Intel(R) Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
<system32\DRIVERS\wADV05NT.sys><Intel(R) Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
<system32\DRIVERS\wSiINTxx.sys><Intel(R) Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
<system32\DRIVERS\wVchNTxx.sys><Intel(R) Corporation>
[iAimFP5 / iAimFP5][Stopped/Manual Start]
<system32\DRIVERS\wADV07nt.sys><Intel(R) Corporation>
[iAimFP6 / iAimFP6][Stopped/Manual Start]
<system32\DRIVERS\wADV08nt.sys><Intel(R) Corporation>
[iAimFP7 / iAimFP7][Stopped/Manual Start]
<system32\DRIVERS\wADV09nt.sys><Intel(R) Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
<system32\DRIVERS\wATV01nt.sys><Intel(R) Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
<system32\DRIVERS\wATV02NT.sys><Intel(R) Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
<system32\DRIVERS\wATV04nt.sys><Intel(R) Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
<system32\DRIVERS\wCh7xxNT.sys><Intel(R) Corporation>
[iAimTV5 / iAimTV5][Stopped/Manual Start]
<system32\DRIVERS\wATV10nt.sys><Intel(R) Corporation>
[iAimTV6 / iAimTV6][Stopped/Manual Start]
<system32\DRIVERS\wATV06nt.sys><Intel(R) Corporation>
[Lbd / Lbd][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\Lbd.sys><Lavasoft AB>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[PSI / PSI][Stopped/Manual Start]
<system32\DRIVERS\psi_mf.sys><Secunia>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Sony Ericsson Device 115 driver (WDM) / s115bus][Stopped/Manual Start]
<system32\DRIVERS\s115bus.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Filter / s115mdfl][Stopped/Manual Start]
<system32\DRIVERS\s115mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Driver / s115mdm][Stopped/Manual Start]
<system32\DRIVERS\s115mdm.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) / s115mgmt][Stopped/Manual Start]
<system32\DRIVERS\s115mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC OBEX Interface / s115obex][Stopped/Manual Start]
<system32\DRIVERS\s115obex.sys><MCCI Corporation>
[Sony Ericsson Device 125 driver (WDM) / s125bus][Stopped/Manual Start]
<system32\DRIVERS\s125bus.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Modem Filter / s125mdfl][Stopped/Manual Start]
<system32\DRIVERS\s125mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Modem Driver / s125mdm][Stopped/Manual Start]
<system32\DRIVERS\s125mdm.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) / s125mgmt][Stopped/Manual Start]
<system32\DRIVERS\s125mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 125 USB WMC OBEX Interface / s125obex][Stopped/Manual Start]
<system32\DRIVERS\s125obex.sys><MCCI Corporation>
[SBKUPNT / SBKUPNT][Running/Auto Start]
<\??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[ATI-4379 Serial ATA Controller / SI3112r][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc>
[speedfan / speedfan][Running/Boot Start]
<\SystemRoot\system32\speedfan.sys><Windows (R) 2000 DDK provider>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[symc810 / symc810][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[Symmpi / Symmpi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\symmpi.sys><LSI Logic>
[sym_hi / sym_hi][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Ovladač protokolu TCP/IP / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[Sony Ericsson W800 driver (WDM) / w800bus][Stopped/Manual Start]
<system32\DRIVERS\w800bus.sys><MCCI>
[Sony Ericsson W800 USB WMC Modem Filter / w800mdfl][Stopped/Manual Start]
<system32\DRIVERS\w800mdfl.sys><MCCI>
[Sony Ericsson W800 USB WMC Modem Drivers / w800mdm][Stopped/Manual Start]
<system32\DRIVERS\w800mdm.sys><MCCI>
[Sony Ericsson W800 USB WMC Device Management Drivers / w800mgmt][Stopped/Manual Start]
<system32\DRIVERS\w800mgmt.sys><MCCI>
[Sony Ericsson W800 USB WMC OBEX Interface Drivers / w800obex][Stopped/Manual Start]
<system32\DRIVERS\w800obex.sys><MCCI>
==================================
Browser Add-ons
[Pomocník pro přihlášení ke službě Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[CHelper Class]
{99A7C4DD-B2E6-4CA0-BB6E-737A61364155} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[Skype add-on for Internet Explorer]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[Google Gears Helper]
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
[Google Gears ToolsMenuItem]
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, (Signed) Microsoft Corporation>
[Handler Class]
{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[Skype add-on for Internet Explorer (toolbar button)]
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
{0A6112F2-F9D1-4FBF-A6EC-B67B22915873} <, >
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_20]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_20.dll, (Signed) Sun Microsystems, Inc.>
[Podpora odkazu pro Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <, >
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <, >
[]
{201F27D4-3704-41D6-89C1-AA35E39143ED} <, >
[]
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, >
[]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
{25D596E9-BD03-4D4A-8310-5DF3B31E8D26} <, >
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <, >
[]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <, >
[]
{3041D03E-FD4B-44E0-B742-2D9B88305F98} <, >
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <, >
[Windows Desktop Search Combo Control]
{4E430174-1673-4FF3-BF28-A3B37F6573E7} <C:\Program Files\Windows Desktop Search\wdsShell.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{5067A26B-1337-4436-8AFE-EE169C2DA79F} <, >
[]
{53707962-6F74-2D53-2644-206D7942484F} <, >
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
{572BF76C-9EFF-4E1E-93DE-72EF1E91B3DF} <, >
[]
{5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
{6F282C89-3BD3-4387-92D9-C76428B07E07} <, >
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{7530BFB8-7293-4D34-9923-61A11451AFC5} <, >
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <, >
[]
{77D7E795-33C5-4323-974D-A2A49AB75517} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
{88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
{88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Skype add-on for Internet Explorer (toolbar button)]
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[DEGetBlockFmtNamesParam Class]
{8D91090E-B955-11D1-ADC5-006008A5848C} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[Windows Live Safety Center Control Module]
{8E5C8BEE-1887-414C-8AC9-7C3951F28476} <C:\Program Files\Windows Live Safety Center\wlscCtrl.dll, (Signed) Microsoft Corporation>
[Pomocník pro přihlášení ke službě Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[CHelper Class]
{99A7C4DD-B2E6-4CA0-BB6E-737A61364155} <C:\PROGRA~1\EUROTR~1\e2003i.dll, >
[]
{A4CC8907-3EA6-49EE-8B74-D09660120910} <, >
[]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[]
{ADD57508-1A52-4FAA-A7B3-A3ADE8FAEFEC} <, >
[Skype add-on for Internet Explorer]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} <C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll, (Signed) Skype Technologies S.A.>
[]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >
[]
{BDF3E430-B101-42AD-A544-FADC6B084872} <, >
[Google Gears Factory]
{C93A7319-17B3-4504-87CD-03EFC6103E6E} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[Java Plug-in 1.5.0]
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_07]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_11]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_20]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_20.dll, (Signed) Sun Microsystems, Inc.>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <, >
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll, Microsoft Corporation>
[Google Gears Helper]
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} <C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll, Google Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, (Signed) Sun Microsystems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{F6ACF75C-C32C-447B-9BEF-46B766368D29} <, >
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[Google Update Plugin]
{FF4E22ED-17D0-4D43-AD6F-E53D11FA3C61} <C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.2.183.23\npGoogleOneClick8.dll, (Signed) Google Inc.>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000, N/A>
==================================
Running Processes
[PID: 372 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 620 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4112]
[PID: 692 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 704 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 892 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4112]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1024 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1120 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8]
[PID: 1244 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1312 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1424 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\sbap.dll] [Sunbelt Software, 3.1.2849]
[C:\Program Files\Lavasoft\Ad-Aware\SBTE.dll] [Sunbelt Software, 3.1.2849]
[C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll] [N/A, ]
[C:\Program Files\Lavasoft\Ad-Aware\Resources.dll] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll] [Lavasoft, 8, 2, 2, 0]
[C:\Program Files\Lavasoft\Ad-Aware\ceapi.dll] [Lavasoft, 8, 2, 2, 0]
[PID: 1512 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\HP1006LM.DLL] [Software 2000 Limited, 2.6]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1006S.DLL] [Hewlett-Packard , 1.0.2]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MT.DLL] [Software 2000 Limited, 4.0.0.47]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL] [Software 2000 Limited, 4.0.0.47]
[PID: 1608 / Ondra][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4112]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 1692 / Ondra][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll] [OpenOffice.org, 3.02.9483]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll] [STLport Consulting, Inc., 4.5.2003.0120]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.3.2.163]
[C:\Program Files\WinRAR\rarext.dll] [, ]
[C:\Program Files\Avira\AntiVir Desktop\shlext.dll] [Avira GmbH, 10.00.00.03]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1.45]
[C:\WINDOWS\system32\ShellExt\Cryptext.dll] [, 3.4]
[C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll] [TuneUp Software GmbH, 2.0.0.4]
[PID: 1744 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\sched.exe] [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\schedr.dll] [Avira GmbH, 10.00.04.00]
[C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll] [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.19.00]
[PID: 1812 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avguard.exe] [Avira GmbH, 10.00.01.44]
[C:\Program Files\Avira\AntiVir Desktop\libdb44.dll] [Sleepycat Software, 4.4.20]
[C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll] [Avira GmbH, 10.00.00.08]
[C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll] [Avira GmbH, 10.00.07.00]
[C:\Program Files\Avira\AntiVir Desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll] [, 3.06.19.00]
[C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL] [Avira GmbH, 10.00.00.00]
[C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll] [Avira GmbH, 10.00.00.17]
[C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL] [Avira GmbH, 10.00.01.01]
[C:\Program Files\Avira\AntiVir Desktop\aecore.dll] [Avira GmbH, 8.1.15.3]
[C:\Program Files\Avira\AntiVir Desktop\aevdf.dll] [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir Desktop\aescript.dll] [Avira GmbH, 8.1.3.29]
[C:\Program Files\Avira\AntiVir Desktop\aescn.dll] [Avira GmbH, 8.1.6.1]
[C:\Program Files\Avira\AntiVir Desktop\aesbx.dll] [Avira GmbH, 8.1.3.1]
[C:\Program Files\Avira\AntiVir Desktop\aerdl.dll] [Avira GmbH, 8.1.4.6]
[C:\Program Files\Avira\AntiVir Desktop\aepack.dll] [Avira GmbH, 8.2.1.1]
[C:\Program Files\Avira\AntiVir Desktop\unacev2.dll] [ACE Compression Software, 2.6.0.2]
[C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\aeheur.dll] [Avira GmbH, 8.1.1.27]
[C:\Program Files\Avira\AntiVir Desktop\aehelp.dll] [Avira GmbH, 8.1.11.3]
[C:\Program Files\Avira\AntiVir Desktop\aegen.dll] [Avira GmbH, 8.1.3.9]
[C:\Program Files\Avira\AntiVir Desktop\aeemu.dll] [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir Desktop\aebb.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[PID: 1976 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 168 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avshadow.exe] [Avira GmbH, 1.0.0.6]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[PID: 656 / SYSTEM][C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE] [Software 2000 Limited, 4.0.0.47]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL] [Software 2000 Limited, 4.0.0.47]
[PID: 1076 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 1176 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.200.2]
[C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\netfxperf.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2443]
[PID: 1240 / SYSTEM][C:\Program Files\Google\Update\GoogleUpdate.exe] [Google Inc., 1.2.131.7]
[C:\Program Files\Google\Update\1.2.183.23\goopdate.dll] [Google Inc., 1.2.183.23]
[PID: 1276 / SYSTEM][C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe] [Google Inc., 1.2.183.23]
[C:\Program Files\Google\Update\1.2.183.23\goopdate.dll] [Google Inc., 1.2.183.23]
[PID: 1300 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.18.1.1]
[C:\Program Files\Common Files\LightScribe\LSSProxy.dll] [Hewlett-Packard Company, 1.18.1.1]
[C:\Program Files\Common Files\LightScribe\LSLog.dll] [Hewlett-Packard Company, 1.18.1.1]
[PID: 1576 / SYSTEM][C:\Program Files\CDBurnerXP\NMSAccessU.exe] [N/A, ]
[PID: 1636 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe] [, 2.0.0425 ]
[PID: 1896 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 144 / SYSTEM][C:\WINDOWS\system32\SearchIndexer.exe] [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 428 / Ondra][C:\Program Files\Avira\AntiVir Desktop\avgnt.exe] [Avira GmbH, 10.00.13.17]
[C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll] [Avira GmbH, 10.00.00.17]
[c:\program files\avira\antivir desktop\cfglib.dll] [Avira GmbH, 10.00.13.00]
[c:\program files\avira\antivir desktop\ccgen.dll] [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccgenrc.dll] [Avira GmbH, 10.00.33.00]
[c:\program files\avira\antivir desktop\ccguard.dll] [Avira GmbH, 10.00.28.12]
[c:\program files\avira\antivir desktop\ccgrdrc.dll] [Avira GmbH, 10.00.29.00]
[c:\program files\avira\antivir desktop\ccgrdw.dll] [Avira GmbH, 10.00.09.25]
[C:\Program Files\Avira\AntiVir Desktop\avipc.dll] [Avira GmbH, 1.2.0.24]
[c:\program files\avira\antivir desktop\ccupdate.dll] [Avira GmbH, 10.00.29.09]
[c:\program files\avira\antivir desktop\ccupdrc.dll] [Avira GmbH, 10.00.29.01]
[c:\program files\avira\antivir desktop\cclic.dll] [Avira GmbH, 10.00.09.22]
[c:\program files\avira\antivir desktop\cclicrc.dll] [Avira GmbH, 10.00.09.00]
[c:\program files\avira\antivir desktop\ccmsg.dll] [Avira GmbH, 10.00.09.34]
[c:\program files\avira\antivir desktop\ccmsgrc.dll] [Avira GmbH, 10.00.09.00]
[C:\Program Files\Avira\AntiVir Desktop\rcimage.dll] [Avira GmbH, 10.00.00.26]
[c:\program files\avira\antivir desktop\ccmainrc.dll] [Avira GmbH, 10.00.11.00]
[PID: 1316 / SYSTEM][C:\Program Files\Canon\CAL\CALMAIN.exe] [Canon Inc., 8, 4, 0, 1]
[PID: 1800 / Ondra][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2208 / Ondra][C:\Program Files\SpeedFan\speedfan.exe] [Almico Software (http://www.almico.com), 4.40.0.265]
[C:\DOCUME~1\Ondra\LOCALS~1\Temp\sfareca00001.dll] [N/A, ]
[C:\DOCUME~1\Ondra\LOCALS~1\Temp\sfamcc00001.dll] [N/A, ]
[PID: 2344 / SYSTEM][C:\WINDOWS\system32\wbem\unsecapp.exe] [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2628 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 2652 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 2232 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\gears.dll] [Google Inc., 0.5.33.0]
[C:\WINDOWS\system32\browseui.dll] [Společnost Microsoft, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
[PID: 3300 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\gears.dll] [Google Inc., 0.5.33.0]
[PID: 3780 / Ondra][C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\chrome.dll] [Google Inc., 4.1.249.1064]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\locales\cs.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avcodec-52.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avutil-50.dll] [N/A, ]
[C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\4.1.249.1064\avformat-52.dll] [N/A, ]
[PID: 3752 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 2388 / Ondra][C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321]
[PID: 3560 / Ondra][C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\SRE1c98ec0d.EXE] [Smallfrogs Studio, 2.8.2.1321]
[C:\Documents and Settings\Ondra\Plocha\System Repair Engineer\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["%SYSTEMROOT%\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1076, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
==================================
Scheduled Tasks
[Enabled] User_Feed_Synchronization-{587E890E-4E85-46C0-AA8C-7270A63E678D}.job
C:\WINDOWS\system32\msfeedssync.exe
==================================
Windows Security Update Check
N/A
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - SYSTEM 99%
Potřebuji ten log z OTL.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 117 hostů