Prosím o kontrolu logu - problém s Firefoxem

Lunaris · Příspěvekod **Lunaris** » 19 čer 2010 21:28

Dobrý den,

dnes jsem si potřeboval něco stáhnout ze serveru http://sharecash.org/, kde je povinné vypňovat nějaké stránky. Vůbec jsem tomu nepřišel na kloub, tak jsem různě postahoval nedůvěryhodné downloadery, které by měly zajistit bezproblémové přesměrování na daný mirror. Tak se však nestalo, nýbrž mi to nějak podělalo firefox - i po jeho vypnutí proces firefox.exe nezmizí a i po manuálním vypnutí se znovu obnoví - děje se tak i po restartování systému.

přikládám log z HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:12, on 19.6.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskhost.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\system32\taskeng.exe
D:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe
D:\Program Files\ASUS\AASP\1.01.02\aaCenter.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Microsoft IntelliType Pro\itype.exe
D:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
D:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\DU Meter\DUMeter.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Users\Petr\AppData\Local\Seznam.cz\postak.exe
D:\Users\Petr\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - D:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - D:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IntelliPoint] "D:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [itype] "D:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Ai Nap] "D:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "D:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DU Meter] D:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Seznam Postak] "D:\Users\Petr\AppData\Local\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Google Update] "D:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [Policies] D:\Program Files\Winlogon\svhost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] D:\Program Files\Winlogon\svhost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE775C82-D1AE-49AF-A404-C663E9EFCD88}: NameServer = 217.117.216.72,217.117.216.7
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - D:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - D:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: svhost - Apple - D:\ProgramData\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7091 bytes

Prosím o radu či řešení. Předem díky, Lunaris.

Reklama

bledulka · Příspěvekod **bledulka** » 19 čer 2010 21:34

Ahoj,

Odinstaluj daemon toolbar

**********************

Stahni Rsit http://images.malwareremoval.com/random/RSIT.exe
-spusť, klikni na tlačítko Continue
-po skenu na tebe vyběhne log.txt,obsah vlož zde

*********************

Stahni Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
-nainstaluj, aktualizuj
-udělej uplný sken a vlož sem log

Lunaris · Příspěvekod **Lunaris** » 19 čer 2010 22:23

po spuštění Rsit se vyskytl problém:

Příspěvekod **jaro3** » 19 čer 2010 22:47

Zkus spustit RSIT jako správce , pokud nepůjde vyber pravým odstranit potíže s kompatibilitou.

Proveď , co píše bledulka
+

Stáhni si GooredFix

a ulož si ho na plochu.Poklepej na něj .
Objeví se hláška ,dej YES
Otevře se log , zkopíruj sem celý jeho obsah ( jinak ho najdeš na své ploše pod názvem Goored.txt).

bledulka · Příspěvekod **bledulka** » 19 čer 2010 22:58

Jen doplním jara3 - Zkus režim kompatibility

Jak spustit i starší aplikace ve Windows 7
Jestliže používáte či potřebujete spustit nějakou aplikaci napsanou pro starší verzi Windows (až do verze 95), pak je ve Windows 7 k dispozici tzv. kompatibilní mód. Klikněte na soubor (s koncovkou EXE), kterým program spouštíte, pravým tlačítkem myši.

Z kontextového menu vyberte Vlastnosti a přepněte se na kartu Kompatibilita. V části Režim kompatibility zatrhněte box Tento program spustit v režimu kompatibility pro a z roletkového menu vyberte verzi operačního systému a klikněte na tlačítko OK.

Lunaris · Příspěvekod **Lunaris** » 19 čer 2010 23:01

S tím Goorefix to bude horší ... hlásí mi to spuštěný firefox proces, ale to je vlastně ten hlavní problém xD.

Rsit log:

info.txt logfile of random's system information tool 1.06 2010-06-19 22:52:11

======Uninstall list======

-->D:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-M6A5-MZ2L-9A8P-1P7H-124X-EMPZ-0M0M"
-->D:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
Adobe AIR-->d:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{B7B3E9B3-FB14-4927-894B-E9124509AF5A}
Adobe Flash Player 10 Plugin-->D:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->D:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 9.3.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
AI Suite-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\setup.exe" -l0x9
AirLive WT-2000PCI-->D:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe -runfromtemp -l0x0009 -removeonly
AMD DnD V1.0.19-->MsiExec.exe /I{87BB78C4-F36D-4D93-A7C7-F80F18219848}
Any Video Converter Professional 3.0.2-->"D:\Program Files\AnvSoft\Any Video Converter Professional\unins000.exe"
Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ATI AVIVO Codecs-->MsiExec.exe /I{E27ABEAB-2A23-737E-D290-FC42D45FCDA8}
ATI Catalyst Install Manager-->msiexec /q/x{44180AF6-7A2A-B2C6-CBC9-AF2547AFD8E6} REBOOT=ReallySuppress
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Canon iP4200-->"D:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200 /L0x0009
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner-->"D:\Program Files\CCleaner\uninst.exe"
Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DAEMON Tools Toolbar-->D:\Program Files\DAEMON Tools Toolbar\uninst.exe
Defraggler-->"D:\Program Files\Defraggler\uninst.exe"
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
DU Meter-->"D:\Program Files\DU Meter\unins000.exe"
ESET Antivirus License Finder (MiNODLogin)-->"D:\Program Files\ESET\MiNODLogin\MiNODLoginUninst.exe"
HijackThis 2.0.2-->"D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 13.0-->D:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 13.0-->D:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 13.0 Rel. 2-->D:\Program Files\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop -forcereboot
HP Smart Web Printing 4.51-->D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->D:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Imagenomic Portraiture 2.1 Plug-in (build 2105)-->D:\Program Files\Imagenomic\Portraiture 2 Plug-in\uninst.exe
iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Logitech Webcam Software Driver Package-->"D:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\12.10.1110\LgDrvInst.exe" -remove -instdir"D:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_12.10" /clone_wait /hide_progress
Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
Marvell Miniport Driver-->D:\Program Files\Marvell\Miniport Driver\Uninst.exe
Mega Manager-->"D:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"D:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.6.3)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 9-->D:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A5-0WA4-5TAA-KA2P-8WZ5-CLA7-6122"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nuclear Coffee - VideoGet-->"D:\Program Files\Nuclear Coffee\VideoGet\unins000.exe"
OCR Software by I.R.I.S. 13.0-->D:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Plug-in Suite 5.0.1-->"D:\Program Files\InstallShield Installation Information\{59679381-3F22-4A40-A7AD-890242D74DF4}\setup.exe" -runfromtemp -l0x0009 -uninst -removeonly
PowerISO-->"D:\Program Files\PowerISO\uninstall.exe"
Prometheus Sbírka úloh z fyziky pro SŠ 1.0-->"D:\Program Files\Prometheus\Sbírka úloh z fyziky pro SŠ 1.0\unins000.exe"
PunkBuster Services-->D:\Windows\system32\pbsvc_heroes.exe -u
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Rappelz-->"D:\Program Files\GALA-NET\Rappelz\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Recuva-->"D:\Program Files\Recuva\uninst.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB}
Shop for HP Supplies-->D:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
TeamViewer 5-->D:\Program Files\TeamViewer\Version5\uninstall.exe
The KMPlayer (remove only)-->"D:\Program Files\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
TuneUp Utilities-->D:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb983486)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {913DFE19-32EC-4099-89AC-27FC493A7A2E}
Windows 7 Manager-->MsiExec.exe /I{81C16423-7DB4-4838-8390-587F40F6F5ED}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Wondershare PDF to Word (Build 2.0.0)-->"D:\Program Files\Wondershare\PDFtoWord\unins000.exe"

======System event log======

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: ACPI\ATK0110
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
D:\Windows\Temp\DMI73E7.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
D:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_93856eefc23cb6f60c4f9525ca72dec1a9d7155_cab_07f27454

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: cd72ce91-311c-11df-8df0-cd2279a8f44f
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100316165603.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100316165448.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100316165445.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100316165441.812137-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100316165441.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100316165412.764886-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100316165412.749286-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x25c8c
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100316165412.250085-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100316165410.128481-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100316165410.050481-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;D:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;D:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=D:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Lunaris · Příspěvekod **Lunaris** » 19 čer 2010 23:03

zkusil jsem rychlovku

. Vypnout proces a potvrdit scan, tak nevím:

GooredFix by jpshortstuff (08.01.10.1)
Log created at 23:02 on 19/06/2010 (Petr)
Firefox version 3.6.3 (cs)

========== GooredScan ==========

========== GooredLog ==========

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [17:11 16/03/2010]
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [14:05 17/03/2010]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="D:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20:43 23/03/2010]

---------- Old Logs ----------
GooredFix[20.58.29_19-06-2010].txt

-=E.O.F=-

bledulka · Příspěvekod **bledulka** » 19 čer 2010 23:59

Ze Rsitu bych potřebovala ten druhý log s názvem log.txt

Lunaris · Příspěvekod **Lunaris** » 20 čer 2010 12:15

zde:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Petr at 2010-06-20 12:15:25
Microsoft Windows 7 Ultimate Service Pack 3
System drive D: has 83 GB (40%) free of 205 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:15:27, on 20.6.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskhost.exe
D:\Windows\Explorer.EXE
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe
D:\Program Files\ASUS\AASP\1.01.02\aaCenter.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\Program Files\Microsoft IntelliType Pro\itype.exe
D:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\DU Meter\DUMeter.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Users\Petr\AppData\Local\Seznam.cz\postak.exe
D:\Users\Petr\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
D:\Program Files\QIP Infium\infium.exe
D:\Users\Petr\AppData\Local\Temp\client3.exe
D:\Users\Petr\AppData\Local\Temp\client3.exe
D:\Windows\system32\SearchFilterHost.exe
D:\Windows\eHome\EhTray.exe
D:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
D:\Users\Petr\Downloads\RSIT.exe
D:\Program Files\trend micro\Petr.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - D:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - D:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IntelliPoint] "D:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [itype] "D:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Ai Nap] "D:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "D:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [winlogon] D:\Users\Petr\AppData\Roaming\winlogon.exe
O4 - HKCU\..\Run: [DU Meter] D:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Seznam Postak] "D:\Users\Petr\AppData\Local\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Google Update] "D:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [winlogon] D:\Users\Petr\AppData\Roaming\winlogon.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] D:\Program Files\Winlogon\svhost.exe
O4 - HKLM\..\Policies\Explorer\Run: [winlogon] D:\Users\Petr\AppData\Roaming\winlogon.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] D:\Program Files\Winlogon\svhost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE775C82-D1AE-49AF-A404-C663E9EFCD88}: NameServer = 217.117.216.72,217.117.216.7
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - D:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - D:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: svhost - Apple - D:\ProgramData\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7448 bytes

======Scheduled tasks folder======

D:\Windows\tasks\Defraggler Volume D Task.job
D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-426473828-1720530656-3782696912-1000Core.job
D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-426473828-1720530656-3782696912-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - D:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - D:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=D:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-22 2140880]
"IntelliPoint"=D:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-11 1468256]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-03 98304]
"RtHDVCpl"=D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-05-23 7514656]
"itype"=D:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"Ai Nap"=D:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2009-12-28 1437312]
"Cpu Level Up help"=D:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2009-12-28 887936]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]
"winlogon"=D:\Users\Petr\AppData\Roaming\anyname.exe [2010-06-20 934921]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=D:\Program Files\Winlogon\svhost.exe [2010-06-19 868873]
"winlogon"=D:\Users\Petr\AppData\Roaming\anyname.exe [2010-06-20 934921]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=D:\Program Files\DU Meter\DUMeter.exe [2010-03-29 2749984]
"ccleaner"=D:\Program Files\CCleaner\ccleaner.exe [2010-05-25 1694520]
"Seznam Postak"=D:\Users\Petr\AppData\Local\Seznam.cz\postak.exe [2010-03-24 462104]
"Google Update"=D:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
"winlogon"=D:\Users\Petr\AppData\Roaming\anyname.exe [2010-06-20 934921]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=D:\Program Files\Winlogon\svhost.exe [2010-06-19 868873]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPU Power Monitor]
D:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [2009-12-28 633984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
D:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-16 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
D:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
D:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
D:\Users\Petr\AppData\Roaming\QipGuard\QipGuard.exe [2010-04-12 184272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AirLive 802.11G Wireless Utility.lnk]
D:\PROGRA~1\Ovislink\Common\AIRLIV~1.EXE [2009-09-09 1769472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
D:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
D:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Users\Petr\AppData\Local\Temp\client3.exe"="D:\Users\Petr\AppData\Local\Temp\client3.exe:*:Enabled:Windows Messanger"
"D:\Users\Petr\AppData\Roaming\anyname.exe"="D:\Users\Petr\AppData\Roaming\anyname.exe:*:Enabled:Windows Messanger"
"D:\Users\Petr\AppData\Roaming\winlogon.exe"="D:\Users\Petr\AppData\Roaming\winlogon.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2fd9fce-602f-11df-9e13-001fc6e986b0}]
shell\AutoRun\command - G:\Autorun.exe

======File associations======

.js - edit - D:\Windows\System32\Notepad.exe %1
.js - open - D:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-20 12:09:59 ----H---- D:\Users\Petr\AppData\Roaming\winlogon.exe
2010-06-20 11:56:10 ----H---- D:\Users\Petr\AppData\Roaming\anyname.exe
2010-06-19 22:20:19 ----D---- D:\rsit
2010-06-19 20:07:36 ----A---- D:\Users\Petr\AppData\Roaming\SQLite3.dll
2010-06-19 20:07:29 ----RSHD---- D:\Program Files\Winlogon
2010-06-19 18:30:08 ----D---- D:\Program Files\iPod
2010-06-19 18:30:07 ----D---- D:\Program Files\iTunes
2010-06-19 18:26:28 ----D---- D:\Program Files\Bonjour
2010-06-09 20:36:23 ----A---- D:\Windows\system32\asycfilt.dll
2010-06-09 20:36:11 ----A---- D:\Windows\system32\mshtml.dll
2010-06-09 20:36:08 ----A---- D:\Windows\system32\ieframe.dll
2010-06-09 20:36:07 ----A---- D:\Windows\system32\mstime.dll
2010-06-09 20:36:06 ----A---- D:\Windows\system32\urlmon.dll
2010-06-09 20:36:05 ----A---- D:\Windows\system32\iedkcs32.dll
2010-06-09 20:36:04 ----A---- D:\Windows\system32\wininet.dll
2010-06-09 20:36:04 ----A---- D:\Windows\system32\msfeedsbs.dll
2010-06-09 20:36:03 ----A---- D:\Windows\system32\jsproxy.dll
2010-06-09 20:36:01 ----A---- D:\Windows\system32\atmfd.dll
2010-06-09 20:36:00 ----A---- D:\Windows\system32\atmlib.dll
2010-05-29 14:04:25 ----D---- D:\Program Files\Nuclear Coffee
2010-05-27 16:29:30 ----A---- D:\Windows\system32\RaCoInst.dll
2010-05-27 16:29:27 ----D---- D:\Program Files\Ovislink
2010-05-27 16:28:57 ----D---- D:\Users\Petr\AppData\Roaming\InstallShield
2010-05-26 20:55:54 ----D---- D:\Users\Petr\AppData\Roaming\Megaupload
2010-05-26 20:55:12 ----D---- D:\Program Files\Megaupload
2010-05-26 15:09:23 ----A---- D:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 months======

2010-06-20 12:15:26 ----D---- D:\Windows\Temp
2010-06-20 12:15:26 ----D---- D:\Program Files\Trend Micro
2010-06-20 12:14:50 ----D---- D:\Windows\Prefetch
2010-06-20 11:28:35 ----D---- D:\Windows\system32\config
2010-06-20 11:10:19 ----AD---- D:\Windows
2010-06-19 22:52:00 ----D---- D:\Windows\system32\Tasks
2010-06-19 20:16:23 ----HD---- D:\Config.Msi
2010-06-19 20:15:35 ----D---- D:\Windows\system32\catroot
2010-06-19 20:07:29 ----RD---- D:\Program Files
2010-06-19 18:31:33 ----SHD---- D:\Windows\Installer
2010-06-19 18:30:08 ----D---- D:\Program Files\Common Files\Apple
2010-06-19 18:27:08 ----D---- D:\Windows\system32\DriverStore
2010-06-19 18:27:08 ----D---- D:\Windows\inf
2010-06-19 18:26:28 ----D---- D:\Windows\System32
2010-06-18 19:16:43 ----SHD---- D:\System Volume Information
2010-06-13 22:10:01 ----D---- D:\Program Files\Mozilla Firefox
2010-06-12 09:53:16 ----D---- D:\Windows\system32\LogFiles
2010-06-11 23:15:12 ----D---- D:\Users\Petr\AppData\Roaming\skypePM
2010-06-11 21:57:37 ----D---- D:\Users\Petr\AppData\Roaming\Skype
2010-06-11 13:35:04 ----D---- D:\Windows\system32\catroot2
2010-06-10 20:40:54 ----D---- D:\Windows\Microsoft.NET
2010-06-10 20:40:43 ----RSD---- D:\Windows\assembly
2010-06-10 15:21:25 ----D---- D:\Windows\debug
2010-06-10 15:20:22 ----D---- D:\Windows\winsxs
2010-06-10 15:19:41 ----D---- D:\Windows\system32\migration
2010-06-10 15:19:41 ----D---- D:\Program Files\Internet Explorer
2010-06-09 22:46:52 ----D---- D:\ProgramData\Microsoft Help
2010-06-08 18:29:02 ----D---- D:\Program Files\Wondershare
2010-06-07 21:50:21 ----A---- D:\Windows\system32\PerfStringBackup.INI
2010-05-31 19:04:21 ----D---- D:\Windows\rescache
2010-05-31 18:06:28 ----D---- D:\Windows\system32\NDF
2010-05-28 21:37:34 ----A---- D:\Windows\system32\MRT.exe
2010-05-28 19:51:22 ----D---- D:\Windows\system32\drivers
2010-05-28 16:41:14 ----D---- D:\Windows\pss
2010-05-27 17:37:28 ----D---- D:\ProgramData\HP
2010-05-27 17:01:39 ----SD---- D:\ProgramData\Microsoft
2010-05-27 16:29:25 ----HD---- D:\Program Files\InstallShield Installation Information
2010-05-26 22:23:19 ----D---- D:\Program Files\CCleaner
2010-05-26 19:37:53 ----D---- D:\Users\Petr\AppData\Roaming\Adobe
2010-05-26 15:31:40 ----D---- D:\Windows\system32\cs-CZ
2010-05-21 14:14:28 ----N---- D:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; D:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 blbdrive;blbdrive; D:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; D:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; D:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; D:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 ehdrv;ehdrv; D:\Windows\system32\DRIVERS\ehdrv.sys [2010-02-22 114984]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; D:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; D:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; D:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 SCDEmu;SCDEmu; D:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; D:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; D:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; D:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 adfs;adfs; D:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eamonm;eamonm; D:\Windows\system32\DRIVERS\eamonm.sys [2010-02-22 133512]
R2 epfw;epfw; D:\Windows\system32\DRIVERS\epfw.sys [2010-02-22 134488]
R2 epfwwfp;epfwwfp; D:\Windows\system32\DRIVERS\epfwwfp.sys [2010-02-22 41312]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; D:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; D:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; D:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rspndr;Link-Layer Topology Discovery Responder; D:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; D:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394; D:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
R3 amdkmdag;amdkmdag; D:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-03 5313536]
R3 amdkmdap;amdkmdap; D:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-03 150016]
R3 bowser;@%systemroot%\system32\browser.dll,-102; D:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice; D:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 dc3d;MS Hardware Device Detection Driver (USB); D:\Windows\system32\DRIVERS\dc3d.sys [2009-11-11 22384]
R3 Dot4;MS IEEE-1284.4 Driver; D:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; D:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 DXGKrnl;LDDM Graphics Subsystem; D:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 Epfwndis;Eset Personal Firewall; D:\Windows\system32\DRIVERS\Epfwndis.sys [2010-02-22 32584]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; D:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; D:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; D:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\Windows\system32\drivers\RTKVHDA.sys [2009-05-23 2361952]
R3 intelppm;Ovladač procesoru Intel; D:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
R3 kbdhid;Ovladač klávesnice standardu HID; D:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
R3 LVRS;Logitech RightSound Filter Driver; D:\Windows\system32\DRIVERS\lvrs.sys [2009-10-07 266008]
R3 LVUVC;Logitech QuickCam Pro 9000(UVC); D:\Windows\system32\DRIVERS\lvuvc.sys [2009-10-07 6756632]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; D:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mouhid;Ovladač myši standardu HID; D:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; D:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; D:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-02-27 221696]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; D:\Windows\system32\DRIVERS\mrxsmb20.sys [2010-02-27 95744]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NativeWifiP;NativeWiFi Filter; D:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
R3 Point32;Microsoft IntelliPoint Filter Driver; D:\Windows\system32\DRIVERS\point32k.sys [2009-11-11 30576]
R3 RasAgileVpn;WAN Miniport (IKEv2); D:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; D:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; D:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; D:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; D:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; D:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;Ovladač sběrnice UMBus Enumerator; D:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbaudio;Ovladač zvuků USB (WDM); D:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; D:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]
R3 usbprint;Třída USB Printer; D:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
R3 usbscan;Ovladač skeneru USB; D:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
R3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; D:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; D:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; D:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller; D:\Windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
S2 ASInsHelp;ASInsHelp; \??\D:\Windows\system32\drivers\AsInsHelp32.sys []
S3 AcpiPmi;ACPI Power Meter Driver; D:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; D:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; D:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; D:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; D:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 ahswjc86;ahswjc86; D:\Windows\system32\drivers\ahswjc86.sys []
S3 amdagp;AMD AGP Bus Filter Driver; D:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; D:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdK8;AMD K8 Processor Driver; D:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
S3 AmdPPM;AMD Processor Driver; D:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; D:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; D:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; D:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; D:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; D:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 atikmdag;atikmdag; D:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-03 5313536]
S3 b06bdrv;Broadcom NetXtreme II VBD; D:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; D:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; D:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-14 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; D:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-14 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); D:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; D:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-14 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; D:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-14 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; D:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-14 11904]
S3 BTHMODEM;Bluetooth Serial Communications Driver; D:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
S3 circlass;Consumer IR Devices; D:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; D:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 Compbatt;Compbatt; D:\Windows\system32\DRIVERS\compbatt.sys [2009-07-14 19024]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; D:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]
S3 elxstor;elxstor; D:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; D:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; D:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; D:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; D:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; D:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; D:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]
S3 HidBatt;HID UPS Battery Driver; D:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; D:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; D:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HpSAMD;HpSAMD; D:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; D:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; D:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 intelide;intelide; D:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 IPMIDRV;IPMIDRV; D:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; D:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; D:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 LSI_FC;LSI_FC; D:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; D:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; D:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; D:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; D:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
S3 megasas;megasas; D:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; D:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mpio;mpio; D:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msahci;msahci; D:\Windows\system32\DRIVERS\msahci.sys [2009-07-14 27712]
S3 msdsm;msdsm; D:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; D:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; D:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; D:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; D:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; D:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; D:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; D:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; D:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 nvstor;nvstor; D:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); D:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 ql2300;ql2300; D:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; D:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; D:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 rt61x86;Ovislink WT-2000PCI Driver for Windows Vista; D:\Windows\system32\DRIVERS\netr61.sys [2009-09-07 337408]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; D:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
S3 s3cap;s3cap; D:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; D:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; D:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; D:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; D:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; D:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; D:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; D:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; D:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; D:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; D:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 stexstor;stexstor; D:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; D:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; D:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; D:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; D:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; D:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; D:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 USBAAPL;Apple Mobile USB Driver; D:\Windows\System32\Drivers\usbaapl.sys [2009-10-16 41472]
S3 usbcir;eHome Infrared Receiver (USBCIR); D:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
S3 usbvideo;Zobrazovací zařízení USB (WDM); D:\Windows\System32\Drivers\usbvideo.sys [2009-07-14 146176]
S3 vga;vga; D:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; D:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; D:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; D:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; D:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; D:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; D:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; D:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WacomPen;Wacom Serial Pen HID Driver; D:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; D:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; D:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; D:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S4 crcdisk;Crcdisk Filter Driver; D:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; D:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; D:\Windows\system32\atiesrxx.exe [2010-02-03 172032]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DUMeterSvc;DU Meter Service; D:\Program Files\DU Meter\DUMeterSvc.exe [2009-09-04 1391136]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-22 810120]
R2 gpsvc;@gpapi.dll,-112; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TeamViewer5;TeamViewer 5; D:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; D:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; D:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; D:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
R3 KeyIso;@keyiso.dll,-100; D:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; D:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; D:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
S2 svhost;svhost; D:\ProgramData\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe [2010-06-19 869897]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; D:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; D:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-22 33560]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; D:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; D:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 npggsvc;nProtect GameGuard Service; D:\Windows\system32\GameMon.des [2009-12-16 3453712]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; D:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; D:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
S3 TuneUp.Defrag;@D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-18 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; D:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; D:\Windows\System32\vds.exe [2009-07-14 452608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; D:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; D:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 astcc;AST Service; D:\Windows\system32\astsrv.exe [2009-11-20 57344]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-31 655624]
S4 LVPrcSrv;Process Monitor; D:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 PnkBstrA;PnkBstrA; D:\Windows\system32\PnkBstrA.exe [2010-04-01 75064]
S4 RalinkRegistryWriter;Ralink Registry Writer; D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe [2008-07-10 69632]

-----------------EOF-----------------

Příspěvekod **jaro3** » 20 čer 2010 12:36

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Lunaris · Příspěvekod **Lunaris** » 20 čer 2010 13:38

ComboFix 10-06-19.03 - Petr 20.06.2010 13:27:43.1.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2047.1203 [GMT 2:00]
Spuštěný z: d:\users\Petr\Downloads\ComboFix.exe
.
ADS - Windows: deleted 0 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\users\Petr\AppData\Roaming\cglogs.dat
d:\users\Petr\AppData\Roaming\data.dat
d:\users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qiPSearchbar.dll
d:\users\Petr\AppData\Roaming\Microsoft\Windows\Recent\desktop_11376766.ico
d:\users\Petr\AppData\Roaming\SQLite3.dll
d:\users\Petr\AppData\Roaming\winlogon.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-20 do 2010-06-20 )))))))))))))))))))))))))))))))
.

2010-06-20 11:32 . 2010-06-20 11:32 -------- d-----w- d:\users\Petr\AppData\Local\temp
2010-06-20 11:32 . 2010-06-20 11:32 -------- d-----w- d:\users\Default\AppData\Local\temp
2010-06-20 09:56 . 2010-06-20 09:56 934921 ---h--w- d:\users\Petr\AppData\Roaming\anyname.exe
2010-06-19 20:20 . 2010-06-19 20:52 -------- d-----w- D:\rsit
2010-06-19 18:07 . 2010-06-19 18:07 -------- d-sh--r- d:\program files\Winlogon
2010-06-19 18:07 . 2010-06-19 08:28 869897 --sh--r- d:\programdata\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe
2010-06-19 16:30 . 2010-06-19 16:30 -------- d-----w- d:\program files\iPod
2010-06-19 16:30 . 2010-06-19 16:30 -------- d-----w- d:\program files\iTunes
2010-06-19 16:26 . 2010-06-19 16:26 -------- d-----w- d:\program files\Bonjour
2010-06-19 16:24 . 2010-06-19 16:24 72504 ----a-w- d:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-09 18:36 . 2010-05-01 14:49 2326528 ----a-w- d:\windows\system32\win32k.sys
2010-06-09 18:36 . 2010-03-05 07:42 67584 ----a-w- d:\windows\system32\asycfilt.dll
2010-06-09 18:36 . 2010-05-21 05:18 977920 ----a-w- d:\windows\system32\wininet.dll
2010-06-09 18:36 . 2010-05-27 03:49 293888 ----a-w- d:\windows\system32\atmfd.dll
2010-06-09 18:36 . 2010-05-27 07:24 34304 ----a-w- d:\windows\system32\atmlib.dll
2010-05-29 12:04 . 2010-05-29 12:04 -------- d-----w- d:\program files\Nuclear Coffee
2010-05-27 15:31 . 2010-06-20 10:15 48648 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-05-27 15:31 . 2010-05-27 15:31 484160 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-05-27 14:29 . 2009-06-22 11:25 221184 ----a-w- d:\windows\system32\RaCoInst.dll
2010-05-27 14:29 . 2009-09-07 20:20 337408 ----a-w- d:\windows\system32\drivers\netr61.sys
2010-05-27 14:29 . 2010-05-27 14:30 -------- d-----w- d:\program files\Ovislink
2010-05-27 14:28 . 2010-05-27 14:28 -------- d-----w- d:\users\Petr\AppData\Roaming\InstallShield
2010-05-26 18:55 . 2010-05-26 18:55 -------- d-----w- d:\users\Petr\AppData\Roaming\Megaupload
2010-05-26 18:55 . 2010-05-26 18:55 -------- d-----w- d:\program files\Megaupload
2010-05-26 13:09 . 2010-04-23 07:13 2048 ----a-w- d:\windows\system32\tzres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-20 11:18 . 2010-03-17 21:09 0 ----a-w- d:\windows\system32\drivers\lvuvc.hs
2010-06-20 10:15 . 2010-04-16 16:02 -------- d-----w- d:\program files\Trend Micro
2010-06-20 10:14 . 2010-04-17 20:22 484160 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-06-19 16:30 . 2010-04-17 15:19 -------- d-----w- d:\program files\Common Files\Apple
2010-06-11 21:15 . 2010-03-16 18:03 -------- d-----w- d:\users\Petr\AppData\Roaming\skypePM
2010-06-11 19:57 . 2010-03-16 18:02 -------- d-----w- d:\users\Petr\AppData\Roaming\Skype
2010-06-09 20:46 . 2010-03-16 17:21 -------- d-----w- d:\programdata\Microsoft Help
2010-06-08 16:29 . 2010-04-19 17:22 -------- d-----w- d:\program files\Wondershare
2010-06-07 19:50 . 2009-07-14 08:44 625676 ----a-w- d:\windows\system32\perfh005.dat
2010-06-07 19:50 . 2009-07-14 08:44 119794 ----a-w- d:\windows\system32\perfc005.dat
2010-06-01 11:43 . 2010-04-17 20:22 48648 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-05-27 15:37 . 2010-03-23 20:39 -------- d-----w- d:\programdata\HP
2010-05-27 14:29 . 2010-03-17 21:05 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-05-26 20:23 . 2010-03-16 17:28 -------- d-----w- d:\program files\CCleaner
2010-05-21 12:14 . 2010-03-16 17:19 221568 ------w- d:\windows\system32\MpSigStub.exe
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- d:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- d:\windows\system32\dns-sd.exe
2010-05-15 15:03 . 2010-05-15 14:59 -------- d-----w- d:\users\Petr\AppData\Roaming\Red Alert 3
2010-05-15 14:47 . 2010-05-15 14:47 -------- d-----w- d:\program files\Electronic Arts
2010-05-15 14:41 . 2010-05-15 14:30 -------- d-----w- d:\users\Petr\AppData\Roaming\DAEMON Tools Lite
2010-05-15 14:33 . 2010-05-15 14:33 -------- d-----w- d:\program files\DAEMON Tools Toolbar
2010-05-15 14:33 . 2010-05-15 14:31 -------- d-----w- d:\program files\DAEMON Tools Lite
2010-05-15 14:32 . 2010-05-15 14:32 691696 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-05-15 14:31 . 2010-05-15 14:30 -------- d-----w- d:\programdata\DAEMON Tools Lite
2010-05-15 10:38 . 2010-04-17 15:22 -------- d-----w- d:\users\Petr\AppData\Roaming\Apple Computer
2010-05-15 10:37 . 2010-05-15 10:37 0 ---ha-w- d:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-05-13 18:54 . 2010-05-13 17:07 -------- d-----w- d:\program files\The KMPlayer
2010-05-12 12:05 . 2009-07-14 02:37 -------- d-----w- d:\program files\Windows Mail
2010-05-06 18:39 . 2010-03-16 17:27 -------- d-----w- d:\program files\Recuva
2010-05-01 19:45 . 2010-03-31 10:16 -------- d-----w- d:\users\Petr\AppData\Roaming\onOne Software
2010-04-30 14:16 . 2010-04-30 14:13 -------- d-----w- d:\program files\ASUS
2010-04-27 16:09 . 2010-04-27 16:09 -------- d-----w- d:\users\Petr\AppData\Roaming\Imagenomic
2010-04-27 16:08 . 2010-04-01 20:51 -------- d-----w- d:\program files\Imagenomic
2010-04-24 21:33 . 2010-04-17 15:19 -------- d-----w- d:\programdata\Apple
2010-04-22 19:32 . 2010-04-19 19:28 -------- d-----w- d:\programdata\xml_param
2010-04-18 20:18 . 2010-04-18 20:18 11526144 ----a-w- d:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\CoffeeBeans.tls.dll
2010-04-12 16:33 . 2010-04-16 12:01 280440 ----a-w- d:\users\Petr\AppData\Roaming\QipGuard\sqlite3.dll
2010-04-12 16:33 . 2010-04-16 12:01 184272 ----a-w- d:\users\Petr\AppData\Roaming\QipGuard\QipGuard.exe
2010-04-12 16:33 . 2010-04-16 12:01 20944 ----a-w- d:\users\Petr\AppData\Roaming\QipGuard\chrome.dll
2010-04-06 19:01 . 2010-04-06 19:01 38784 ----a-w- d:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-01 20:34 . 2010-03-19 19:36 75064 ----a-w- d:\windows\system32\PnkBstrA.exe
2010-03-31 10:04 . 2010-03-16 17:08 109600 ----a-w- d:\users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-23 20:45 . 2010-03-23 20:39 231824 ----a-w- d:\windows\hpoins21.dat
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- d:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- d:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="d:\program files\DU Meter\DUMeter.exe" [2010-03-29 2749984]
"ccleaner"="d:\program files\CCleaner\ccleaner.exe" [2010-05-25 1694520]
"Seznam Postak"="d:\users\Petr\AppData\Local\Seznam.cz\postak.exe" [2010-03-24 462104]
"Google Update"="d:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-16 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="d:\program files\ESET\ESET Smart Security\egui.exe" [2010-02-22 2140880]
"IntelliPoint"="d:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-11 1468256]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"RtHDVCpl"="d:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]
"itype"="d:\program files\Microsoft IntelliType Pro\itype.exe" [2009-06-01 1501064]
"Ai Nap"="d:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2009-12-28 1437312]
"Cpu Level Up help"="d:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe" [2009-12-28 887936]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AirLive 802.11G Wireless Utility.lnk]
path=d:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AirLive 802.11G Wireless Utility.lnk
backup=d:\windows\pss\AirLive 802.11G Wireless Utility.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=d:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=d:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\D:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=d:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=d:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- d:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- d:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPU Power Monitor]
2009-12-28 19:19 633984 ----a-w- d:\program files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- d:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-16 17:08 135664 ----atw- d:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 ----a-w- d:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33 141624 ----a-w- d:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-10-14 12:36 2793304 ----a-w- d:\program files\Logitech\Logitech WebCam Software\LWS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- d:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-04-12 16:33 184272 ----a-w- d:\users\Petr\AppData\Roaming\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- d:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 10:43 248040 ----a-w- d:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime

R0 sptd;sptd;d:\windows\System32\Drivers\sptd.sys [2010-05-15 691696]
R1 ehdrv;ehdrv;d:\windows\system32\DRIVERS\ehdrv.sys [2010-02-22 114984]
R2 AMD External Events Utility;AMD External Events Utility;d:\windows\system32\atiesrxx.exe [2010-02-03 172032]
R2 DUMeterSvc;DU Meter Service;d:\program files\DU Meter\DUMeterSvc.exe [2009-09-04 1391136]
R2 eamonm;eamonm;d:\windows\system32\DRIVERS\eamonm.sys [2010-02-22 133512]
R2 ekrn;ESET Service;d:\program files\ESET\ESET Smart Security\ekrn.exe [2010-02-22 810120]
R2 epfwwfp;epfwwfp;d:\windows\system32\DRIVERS\epfwwfp.sys [2010-02-22 41312]
R2 svhost;svhost;d:\programdata\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe [2010-06-19 869897]
R2 TeamViewer5;TeamViewer 5;d:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R3 amdkmdag;amdkmdag;d:\windows\system32\DRIVERS\atipmdag.sys [2010-02-03 5313536]
R3 amdkmdap;amdkmdap;d:\windows\system32\DRIVERS\atikmpag.sys [2010-02-03 150016]
R3 npggsvc;nProtect GameGuard Service;d:\windows\system32\GameMon.des [2009-12-16 3453712]
R3 rt61x86;Ovislink WT-2000PCI Driver for Windows Vista;d:\windows\system32\DRIVERS\netr61.sys [2009-09-07 337408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 WatAdminSvc;Služba Technologie aktivace Windows;d:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S3 dc3d;MS Hardware Device Detection Driver (USB);d:\windows\system32\DRIVERS\dc3d.sys [2009-11-11 22384]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;d:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{48E9C7DB-BE8A-CECC-8064-8ACAFF7CBDDD}]
2010-06-20 09:56 934921 ---h--w- d:\users\Petr\AppData\Roaming\anyname.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5JKQA-FJKLNLK-7A3CM-VWYRLQ-HA38ZA75G}]
2010-06-19 08:28 869897 --sh--r- d:\programdata\Microsoft\Windows\Start Menu\Programs\winlogon\svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{OYFPO357-XV3I-J121-K400-78I4LF7RH585}]
2010-06-19 08:29 868873 --sh--r- d:\program files\Winlogon\svhost.exe

[HKEY_CURRENT_USER\software\microsoft\active setup\installed components\{48E9C7DB-BE8A-CECC-8064-8ACAFF7CBDDD}]
2010-06-20 09:56 934921 ---h--w- d:\users\Petr\AppData\Roaming\anyname.exe
[HKEY_CURRENT_USER\software\microsoft\active setup\installed components\{D1FD0EAE-B0CA-BB21-4C4B-F48B9F2BAD1D}]
d:\users\Petr\AppData\Roaming\winlogon.exe [BU]
.
Obsah adresáře 'Naplánované úlohy'

2010-06-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2010-02-12 14:39]

2010-06-18 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-426473828-1720530656-3782696912-1000Core.job
- d:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-16 17:08]

2010-06-20 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-426473828-1720530656-3782696912-1000UA.job
- d:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-16 17:08]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {DE775C82-D1AE-49AF-A404-C663E9EFCD88} = 217.117.216.72,217.117.216.7
FF - ProfilePath - d:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\F861DC2F.default\
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\users\Petr\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
HKLM-Explorer_Run-winlogon - d:\users\Petr\AppData\Roaming\winlogon.exe
MSConfigStartUp-hpqSRMon - d:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
ActiveSetup-{D1FD0EAE-B0CA-BB21-4C4B-F48B9F2BAD1D} - d:\users\Petr\AppData\Roaming\winlogon.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DUMeterSvc]
"ImagePath"="d:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="d:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-06-20 13:33:35
ComboFix-quarantined-files.txt 2010-06-20 11:33

Před spuštěním: Volných bajtů: 85 909 291 008
Po spuštění: Volných bajtů: 85 715 382 272

- - End Of File - - 6128C7F8ABBD034E113CF9F8453A32FD

Lunaris · Příspěvekod **Lunaris** » 20 čer 2010 16:17

zde je adresář umístění souboru, který zřejmě proces spouští:

D:\Users\Petr\AppData\Local\Temp\firefox.DMP

vymazal jsem celou temp složku a vypl proces firefox.exe, ale opětovně se obnovil :(

Prosím o kontrolu logu - problém s Firefoxem

Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Re: Prosím o kontrolu logu - problém s Firefoxem

Kdo je online