services.exe - Chyba aplikace

Problematika virů a antivirů, zabezpečení PC - firewall, spyware, atd.
Odpovědět
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

services.exe - Chyba aplikace

Příspěvek od Kysis »

Dobrý den prosím o radu, při startu systému se mi zobrazí hláška

services.exe - chyba aplikace
Instrukce na adrese 0x00f44a51 odkazovala na adresu paměti 0x000e31c0. S pamětí nelze provést operaci: read.

Klepntutím na tlačítko OK ukončíte program.
Chcete-li programladit, klepněte na tlačítko Storno



Moc prosím o radu díky.
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Ahoj, dle návodu v mém podpisu sem vlož log z ComboFixu a pro jistotu můžeš ještě udělat test paměti např. MemTest 86+, ale spíš to bude softwarový problém (vir).
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

Udělal sem to tím combofixem ale na c: tam je pouze combofix a když ho otevřu tak se zobrazí jakoby tento počítač, žádnej log tam není
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Log musel vyskočit po dokončneí, pokud jsi postupoval podle návodu. Jinak v té složce by i přesto měl být, nyní si nejsem jist kde, tak mrkni i do vnořených složek. Jinak zkus udělat sken znovu dle návodu a log musí být.
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

mě to právě skočilo tím že se mi restartoval pc
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

nepomohl by log HijackThis ?
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Tak sem zkus dle návodu v mém podpise vložit log z RSIT - obsahuje log z HijackThis, ale také výpis změněných / nově vytvořených souborů / složek v PC apod. - jako ComboFix, jen nemaže.
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marťa_2 at 2011-05-01 13:36:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 25 GB (13%) free of 191 GB
Total RAM: 1535 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:36:52, on 1.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\V-Gear BEE\VBService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Marťa_2\Plocha\RSIT.exe
C:\Program Files\trend micro\Marťa_2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [STICAP] C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [bgsmsnd.exe] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Windows Firewall] C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\lsass.exe
O4 - HKCU\..\Run: [ticugub] C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft\puvooz.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\Marťa_2\rip.exe \u
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\Or1.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet Ultra Accelerator] "C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe" -tray
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: BEE Service.lnk = C:\Program Files\V-Gear BEE\VBService.exe
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O4 - Global Startup: Auto run of VideoCam Suite 1.0.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Add all items to the auction list - res://C:\Program Files\RKD\AuctionNavigator\BidCtxtClick.dll/202
O8 - Extra context menu item: Add this item to the auction list - res://C:\Program Files\RKD\AuctionNavigator\BidCtxtClick.dll/201
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.0.15.cab
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9841270640
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D7B4577-22ED-4D66-9F21-57F97DF61B79}: NameServer = 213.191.99.6
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: SigmaTel Audio Service (afeji2ueeyf) - Unknown owner - C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft\gequofouj.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 13485 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"STICAP"=C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe [2005-04-27 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"RAM Idle Professional"=C:\Program Files\RAM Idle LE\RAM_XP.exe []
"nwiz"=nwiz.exe /install []
"NWEReboot"= []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"NPSStartup"= []
"NeroFilterCheck"=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"Anti-Blaxx Manager"=C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Firewall"=C:\DOCUME~1\MAR [2010-04-12 1538]
"ticugub"=C:\Documents and Settings\Mar [2010-04-12 1538]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"POEngine5"= []
"OEXPRESS"= []
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe []
"MSConfig"=C:\Documents and Settings\Mar [2010-04-12 1538]
"JP595IR86O"=C:\DOCUME~1\MAR [2010-04-12 1538]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4 []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitComet Ultra Accelerator"=C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe -tray []
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Aktualizovat ESET licenci.lnk - C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
Auto run of VideoCam Suite 1.0.lnk - C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

C:\Documents and Settings\Marťa_2\Nabídka Start\Programy\Po spuštění
BEE Service.lnk - C:\Program Files\V-Gear BEE\VBService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fcmnofjb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fcmnofjb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Disabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe"="C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:Enabled:Nero MediaHome"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Disabled:Football Manager 2009"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Holdem Indicator\HoldemIndicator.exe"="C:\Program Files\Holdem Indicator\HoldemIndicator.exe:*:Enabled:Holdem Indicator"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Documents and Settings\Marťa_2\Plocha\utorrent.exe"="C:\Documents and Settings\Marťa_2\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Marťa_2\Local Settings\Temp\Rar$EX00.422\utorrent.exe"="C:\Documents and Settings\Marťa_2\Local Settings\Temp\Rar$EX00.422\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Marťa_2\Plocha\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\1515303.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\1515303.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\67899.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\67899.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\89963.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\89963.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\261.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\261.exe:*:Enabled:Microsoft Office"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2011-05-01 13:36:35 ----D---- C:\rsit
2011-05-01 13:36:35 ----D---- C:\Program Files\trend micro
2011-04-28 17:59:26 ----SD---- C:\ComboFix
2011-04-27 19:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-27 19:16:49 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-04-27 19:16:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-04-27 19:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-04-27 19:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-27 19:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-27 19:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-04-27 19:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-04-27 19:16:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-04-27 19:15:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-04-27 19:15:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-04-27 19:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-27 19:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-04-27 19:15:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-27 19:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-04-27 19:09:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-27 19:08:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-04-27 19:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-04-27 19:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-04-27 19:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-04-27 19:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-04-27 19:07:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-04-27 19:07:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-04-27 19:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-04-27 19:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-04-27 19:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-04-27 19:02:53 ----SHD---- C:\Config.Msi
2011-04-27 19:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-04-27 19:00:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-04-27 18:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-27 18:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-04-27 18:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-04-27 18:59:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-04-27 18:59:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-04-27 18:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-04-27 18:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-04-27 18:58:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-04-26 20:22:52 ----A---- C:\Boot.bak
2011-04-26 20:22:49 ----RASHD---- C:\cmdcons
2011-04-26 19:56:18 ----A---- C:\WINDOWS\zip.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\SWSC.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\SWREG.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\sed.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\PEV.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\NIRCMD.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\MBR.exe
2011-04-26 19:56:18 ----A---- C:\WINDOWS\grep.exe
2011-04-26 19:21:49 ----D---- C:\WINDOWS\ERDNT
2011-04-26 19:21:43 ----D---- C:\Qoobox
2011-04-26 12:06:17 ----D---- C:\WINDOWS\pss
2011-04-25 20:01:58 ----D---- C:\WINDOWS\Prefetch
2011-04-25 19:27:12 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-04-25 19:27:12 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-04-25 19:27:09 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-04-25 19:27:08 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-04-25 19:27:08 ----N---- C:\WINDOWS\system32\azroles.dll
2011-04-25 19:27:07 ----N---- C:\WINDOWS\system32\credssp.dll
2011-04-25 19:27:06 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-04-25 19:27:06 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-04-25 19:27:06 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-04-25 19:27:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-04-25 19:27:05 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-04-25 19:27:04 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\napstat.exe
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\mssha.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-04-25 19:27:03 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\setupn.exe
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\qutil.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-04-25 19:27:02 ----N---- C:\WINDOWS\system32\qagent.dll
2011-04-25 19:27:00 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-04-25 19:27:00 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-04-25 19:26:59 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-04-25 19:26:57 ----D---- C:\WINDOWS\system32\cs
2011-04-25 19:26:57 ----D---- C:\WINDOWS\l2schemas
2011-04-25 19:24:12 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-04-25 19:22:38 ----D---- C:\WINDOWS\network diagnostic
2011-04-25 19:22:35 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-04-25 19:22:34 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-04-25 19:20:59 ----A---- C:\WINDOWS\005983_.tmp
2011-04-25 19:02:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2011-04-25 19:02:23 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2011-04-25 19:02:23 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2011-04-25 19:02:23 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2011-04-23 12:46:17 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-04-16 11:33:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\BigFishGamesCache
2011-04-15 21:18:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
2011-04-15 21:18:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
2011-04-15 21:17:54 ----D---- C:\Program Files\Alawar
2011-04-09 19:13:28 ----D---- C:\Program Files\SopCast

======List of files/folders modified in the last 1 months======

2011-05-01 13:36:35 ----AD---- C:\WINDOWS\Temp
2011-05-01 13:36:35 ----AD---- C:\Program Files
2011-05-01 13:36:08 ----D---- C:\Program Files\Mozilla Firefox
2011-05-01 13:29:31 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\skypePM
2011-05-01 13:29:27 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\Skype
2011-05-01 13:24:58 ----D---- C:\WINDOWS\system32
2011-05-01 13:24:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-01 13:21:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-05-01 13:20:58 ----SD---- C:\WINDOWS\Tasks
2011-04-28 17:57:17 ----D---- C:\WINDOWS\system32\drivers
2011-04-28 17:54:21 ----D---- C:\WINDOWS
2011-04-28 17:42:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-28 16:49:09 ----HD---- C:\WINDOWS\inf
2011-04-28 16:48:59 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-28 16:45:40 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-27 19:57:02 ----D---- C:\WINDOWS\AppPatch
2011-04-27 19:57:01 ----D---- C:\Program Files\Common Files
2011-04-27 19:29:14 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-27 19:29:11 ----RSD---- C:\WINDOWS\assembly
2011-04-27 19:21:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-27 19:18:15 ----SHD---- C:\WINDOWS\Installer
2011-04-27 19:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-27 19:16:52 ----A---- C:\WINDOWS\imsins.BAK
2011-04-27 19:14:11 ----D---- C:\Program Files\Microsoft Works
2011-04-27 19:08:13 ----D---- C:\Program Files\Outlook Express
2011-04-27 19:07:47 ----D---- C:\Program Files\Movie Maker
2011-04-27 19:05:06 ----D---- C:\WINDOWS\WinSxS
2011-04-26 20:22:52 ----RASH---- C:\boot.ini
2011-04-26 18:27:50 ----SHD---- C:\System Volume Information
2011-04-26 18:23:13 ----A---- C:\WINDOWS\win.ini
2011-04-26 18:23:13 ----A---- C:\WINDOWS\system.ini
2011-04-25 20:04:14 ----A---- C:\WINDOWS\OEWABLog.txt
2011-04-25 20:03:08 ----A---- C:\WINDOWS\setuplog.txt
2011-04-25 20:01:30 ----D---- C:\WINDOWS\system32\Setup
2011-04-25 20:01:29 ----RSD---- C:\WINDOWS\Fonts
2011-04-25 20:01:29 ----D---- C:\WINDOWS\system32\wbem
2011-04-25 19:32:46 ----D---- C:\WINDOWS\security
2011-04-25 19:32:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-04-25 19:27:18 ----D---- C:\Program Files\Messenger
2011-04-25 19:27:15 ----D---- C:\WINDOWS\ServicePackFiles
2011-04-25 19:27:14 ----D---- C:\WINDOWS\EHome
2011-04-25 19:27:12 ----D---- C:\WINDOWS\system32\inetsrv
2011-04-25 19:27:12 ----D---- C:\WINDOWS\ime
2011-04-25 19:27:11 ----D---- C:\WINDOWS\Help
2011-04-25 19:26:58 ----D---- C:\WINDOWS\system32\usmt
2011-04-25 19:26:58 ----D---- C:\WINDOWS\system32\cs-CZ
2011-04-25 19:26:57 ----D---- C:\WINDOWS\system32\bits
2011-04-25 19:26:57 ----D---- C:\WINDOWS\peernet
2011-04-25 19:26:57 ----D---- C:\Program Files\Internet Explorer
2011-04-25 19:24:12 ----D---- C:\WINDOWS\system32\Restore
2011-04-25 19:24:12 ----D---- C:\WINDOWS\system32\npp
2011-04-25 19:24:11 ----D---- C:\WINDOWS\msagent
2011-04-25 19:24:10 ----D---- C:\WINDOWS\srchasst
2011-04-25 19:24:09 ----D---- C:\Program Files\NetMeeting
2011-04-25 19:24:08 ----D---- C:\WINDOWS\system32\Com
2011-04-25 19:24:06 ----D---- C:\Program Files\Windows Media Player
2011-04-25 19:24:05 ----D---- C:\Program Files\Windows NT
2011-04-25 19:24:02 ----D---- C:\Program Files\Common Files\System
2011-04-25 19:23:48 ----D---- C:\WINDOWS\system32\oobe
2011-04-25 19:23:46 ----D---- C:\WINDOWS\system
2011-04-25 19:20:42 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-04-23 13:34:00 ----SD---- C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft
2011-04-23 12:46:19 ----D---- C:\Program Files\BS_Player
2011-04-23 12:46:17 ----D---- C:\Program Files\ConduitEngine
2011-04-22 19:37:00 ----D---- C:\Program Files\PokerStars
2011-04-09 19:16:34 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-07 22:56:29 ----D---- C:\Program Files\utorrent
2011-04-04 21:52:07 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 nvata;nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-23 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-09-20 685816]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-08-08 5632]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-01-02 9728]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 PPCLASS;PPCLASS; C:\WINDOWS\system32\drivers\PPCLASS.sys [1997-04-09 85868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-01-02 3968]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 fcmnofjb;fcmnofjb; C:\WINDOWS\system32\drivers\fcmnofjb.sys [2010-11-17 82944]
S2 PPSCAN;PPSCAN; C:\WINDOWS\system32\drivers\PPSCAN.sys [1999-02-10 120544]
S2 UMAXPCLS;Ovladač skeneru na portu tiskárny; C:\WINDOWS\System32\DRIVERS\umaxpcls.sys [2001-08-17 22912]
S3 catchme;catchme; \??\C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-13 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 imqznlni;imqznlni; \??\C:\WINDOWS\System32\Drivers\imqznlni.sys []
S3 jbmdprpd;jbmdprpd; \??\C:\WINDOWS\System32\Drivers\jbmdprpd.sys []
S3 jxzseizl;jxzseizl; \??\C:\WINDOWS\System32\Drivers\jxzseizl.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-11-12 47360]
S3 pfdkicnm;pfdkicnm; \??\C:\WINDOWS\System32\Drivers\pfdkicnm.sys []
S3 ryjcozqt;ryjcozqt; \??\C:\WINDOWS\System32\Drivers\ryjcozqt.sys []
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 slabbus;USB Cable DCU-11 driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys [2004-08-09 51040]
S3 slabser;USB Cable DCU-11 Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys [2004-08-09 82768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SQTECH930B;iCam Tracer CCD; C:\WINDOWS\System32\Drivers\Capt930b.sys [2005-11-24 305053]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2006-08-07 71368]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 ubgooxrp;ubgooxrp; \??\C:\WINDOWS\System32\Drivers\ubgooxrp.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vnoleagm;vnoleagm; \??\C:\WINDOWS\System32\Drivers\vnoleagm.sys []
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\System32\DRIVERS\W700bus.sys [2006-02-19 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\W700mdfl.sys [2006-12-24 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\W700mdm.sys [2006-12-24 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\System32\DRIVERS\W700mgmt.sys [2006-02-19 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\System32\DRIVERS\W700obex.sys [2006-02-19 86368]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\System32\DRIVERS\w810bus.sys []
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\w810mdfl.sys []
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\w810mdm.sys []
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-04-14 14432]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 wqexcgmp;wqexcgmp; \??\C:\WINDOWS\System32\Drivers\wqexcgmp.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2003-05-23 106496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-30 75064]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
S2 afeji2ueeyf;SigmaTel Audio Service; C:\Documents and Settings\Mar [2010-04-12 1538]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-04 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-13 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-07-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

V HijackThis fixni (označ čtvereček vlevo od položky a klikni na Fix it)

Kód: Vybrat vše

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Windows Firewall] C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\lsass.exe
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\Or1.exe
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
Pak sem dej log z MBAMu (návod v mém podpise) a uvidíme dále :)
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

Tak sem to udělal a tady dávám log z MBAMu
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6701

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

28.5.2011 18:25:31
mbam-log-2011-05-28 (18-25-26).txt

Typ kontroly: Rychlý test
Testované objekty: 194113
Uplynulý čas: 22 minut, 57 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 115
Infikované hodnoty v registru: 4
Infikované datové položky v registru: 2
Infikované složky: 17
Infikované soubory: 48

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\AppID\{127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB} (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{035C1836-0D78-DABC-F4A7-D5D0517EE1F9} (Rogue.MalwareWiped) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2EFF3CF7-99C1-4c29-BC2B-68E057E22340} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{621FEACD-8857-43a6-AE26-451D670D5370} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2763E333-B168-41A0-A112-D35F96F410C0} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.ShellViewControl.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.ShellViewControl (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD} (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095} (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086} (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\ACM.ACMFactory.1 (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\ACM.ACMFactory (Adware.WhenU) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\VideoAXObject.Chl (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenU) -> No action taken.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Z30KYPG3WS (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object (Trojan.Zlob) -> No action taken.

Infikované hodnoty v registru:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\MSConfig (Trojan.Agent) -> Value: MSConfig -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\program files\funwebproducts (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\SrchAstt\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\video activex object (Trojan.Zlob) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data (Adware.DoubleD) -> No action taken.

Infikované soubory:
c:\program files\mywebsearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
c:\documents and settings\Terka\local settings\Temp\54929.exe (Spyware.Passwords.XGen) -> No action taken.
c:\documents and settings\Terka\local settings\Temp\849.exe (Spyware.Passwords.XGen) -> No action taken.
c:\documents and settings\Terka\local settings\Temp\9049336.exe (Spyware.Passwords.XGen) -> No action taken.
c:\documents and settings\all users\data aplikací\common.data (Malware.Trace) -> No action taken.
c:\documents and settings\Marťa_2\data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> No action taken.
c:\documents and settings\Marťa_2\secupdat.dat (Worm.Autorun) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\00ED76F4.urr (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\cursormaniabtn.html (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\mailstampbtn.htmlx (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\myfuncardsimbtn.html (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\mystationerybtn.html (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\smileycentralbtn.html (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\m3ffxtbr.manifest (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\m3ntstbr.manifest (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0000C515 (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00ED2BF1 (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00ED349C.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00ED3E31.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00ED57C4.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00ED5F94.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00FBF16F.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00FBF6AF.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00FBF884.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0182D58A.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0182D76E.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0182DAAB.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0182DC7F (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\bg.jpg (Adware.DoubleD) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\currentversion.xml (Adware.DoubleD) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\icon.ico (Adware.DoubleD) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\tdf.dat (Adware.DoubleD) -> No action taken.
c:\documents and settings\Marťa_2\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data\productinfo.mx (Adware.DoubleD) -> No action taken.
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Ok, smaž v MBAMu vše, co našel, a vlož nový log z RSITu.
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marťa_2 at 2011-05-28 23:03:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (12%) free of 191 GB
Total RAM: 1535 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:50, on 28.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\V-Gear BEE\VBService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\aE26400JjGaE26400\aE26400JjGaE26400.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marťa_2\Plocha\RSIT.exe
C:\Program Files\trend micro\Marťa_2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [STICAP] C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [bgsmsnd.exe] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ticugub] C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft\puvooz.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet Ultra Accelerator] "C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe" -tray
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\RunOnce: [aE26400JjGaE26400] C:\Documents and Settings\All Users\Data aplikací\aE26400JjGaE26400\aE26400JjGaE26400.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: BEE Service.lnk = C:\Program Files\V-Gear BEE\VBService.exe
O4 - Global Startup: Auto run of VideoCam Suite 1.0.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Add all items to the auction list - res://C:\Program Files\RKD\AuctionNavigator\BidCtxtClick.dll/202
O8 - Extra context menu item: Add this item to the auction list - res://C:\Program Files\RKD\AuctionNavigator\BidCtxtClick.dll/201
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9841270640
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D7B4577-22ED-4D66-9F21-57F97DF61B79}: NameServer = 213.191.99.6
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: SigmaTel Audio Service (afeji2ueeyf) - Unknown owner - C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft\gequofouj.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12956 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"STICAP"=C:\WINDOWS\Twain_32\iCam Tracer CCD\SnapTrap.exe [2005-04-27 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"RAM Idle Professional"=C:\Program Files\RAM Idle LE\RAM_XP.exe []
"nwiz"=nwiz.exe /install []
"NWEReboot"= []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"NPSStartup"= []
"NeroFilterCheck"=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"Anti-Blaxx Manager"=C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ticugub"=C:\Documents and Settings\Mar [2010-04-12 1538]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"POEngine5"= []
"OEXPRESS"= []
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe []
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4 []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitComet Ultra Accelerator"=C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe -tray []
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"aE26400JjGaE26400"=C:\Documents and Settings\All Users\Data aplikací\aE26400JjGaE26400\aE26400JjGaE26400 [2011-05-28 192]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Auto run of VideoCam Suite 1.0.lnk - C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

C:\Documents and Settings\Marťa_2\Nabídka Start\Programy\Po spuštění
BEE Service.lnk - C:\Program Files\V-Gear BEE\VBService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fcmnofjb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fcmnofjb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Disabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe"="C:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:Enabled:Nero MediaHome"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Disabled:Football Manager 2009"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Holdem Indicator\HoldemIndicator.exe"="C:\Program Files\Holdem Indicator\HoldemIndicator.exe:*:Enabled:Holdem Indicator"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Documents and Settings\Marťa_2\Plocha\utorrent.exe"="C:\Documents and Settings\Marťa_2\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Marťa_2\Local Settings\Temp\Rar$EX00.422\utorrent.exe"="C:\Documents and Settings\Marťa_2\Local Settings\Temp\Rar$EX00.422\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Marťa_2\Plocha\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\1515303.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\1515303.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\67899.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\67899.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\89963.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\89963.exe:*:Enabled:Microsoft Office"
"C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\261.exe"="C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\261.exe:*:Enabled:Microsoft Office"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2011-05-28 23:02:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\aE26400JjGaE26400
2011-05-28 17:59:37 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\Malwarebytes
2011-05-28 17:59:31 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-05-28 17:59:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-05-28 17:59:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-28 17:59:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-05-28 14:18:43 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\go
2011-05-28 14:18:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-05-15 20:12:33 ----D---- C:\Program Files\MSECache
2011-05-01 13:36:35 ----D---- C:\rsit
2011-05-01 13:36:35 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 months======

2011-05-28 23:03:44 ----AD---- C:\WINDOWS\Temp
2011-05-28 23:02:39 ----D---- C:\WINDOWS\Prefetch
2011-05-28 23:02:34 ----D---- C:\WINDOWS
2011-05-28 23:01:26 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\Skype
2011-05-28 23:00:34 ----SD---- C:\WINDOWS\Tasks
2011-05-28 22:59:46 ----D---- C:\WINDOWS\system32\drivers
2011-05-28 22:57:21 ----AD---- C:\Program Files
2011-05-28 22:57:20 ----D---- C:\WINDOWS\system32
2011-05-28 18:50:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-28 18:47:36 ----D---- C:\Documents and Settings\Marťa_2\Data aplikací\skypePM
2011-05-28 17:52:33 ----SHD---- C:\WINDOWS\Installer
2011-05-28 16:10:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-05-27 23:24:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-27 19:29:50 ----D---- C:\Program Files\PokerStars
2011-05-25 21:49:05 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-20 20:19:25 ----D---- C:\Program Files\Mozilla Firefox
2011-05-13 23:25:16 ----A---- C:\WINDOWS\NeroDigital.ini
2011-05-07 14:22:29 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 nvata;nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-23 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-09-20 685816]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-08-08 5632]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-01-02 9728]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 PPCLASS;PPCLASS; C:\WINDOWS\system32\drivers\PPCLASS.sys [1997-04-09 85868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-01-02 3968]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 fcmnofjb;fcmnofjb; C:\WINDOWS\system32\drivers\fcmnofjb.sys [2010-11-17 82944]
S2 PPSCAN;PPSCAN; C:\WINDOWS\system32\drivers\PPSCAN.sys [1999-02-10 120544]
S2 UMAXPCLS;Ovladač skeneru na portu tiskárny; C:\WINDOWS\System32\DRIVERS\umaxpcls.sys [2001-08-17 22912]
S3 catchme;catchme; \??\C:\DOCUME~1\MARA_2~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-13 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 imqznlni;imqznlni; \??\C:\WINDOWS\System32\Drivers\imqznlni.sys []
S3 jbmdprpd;jbmdprpd; \??\C:\WINDOWS\System32\Drivers\jbmdprpd.sys []
S3 jxzseizl;jxzseizl; \??\C:\WINDOWS\System32\Drivers\jxzseizl.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-11-12 47360]
S3 pfdkicnm;pfdkicnm; \??\C:\WINDOWS\System32\Drivers\pfdkicnm.sys []
S3 ryjcozqt;ryjcozqt; \??\C:\WINDOWS\System32\Drivers\ryjcozqt.sys []
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 slabbus;USB Cable DCU-11 driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys [2004-08-09 51040]
S3 slabser;USB Cable DCU-11 Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys [2004-08-09 82768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SQTECH930B;iCam Tracer CCD; C:\WINDOWS\System32\Drivers\Capt930b.sys [2005-11-24 305053]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2006-08-07 71368]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 ubgooxrp;ubgooxrp; \??\C:\WINDOWS\System32\Drivers\ubgooxrp.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vnoleagm;vnoleagm; \??\C:\WINDOWS\System32\Drivers\vnoleagm.sys []
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\System32\DRIVERS\W700bus.sys [2006-02-19 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\W700mdfl.sys [2006-12-24 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\W700mdm.sys [2006-12-24 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\System32\DRIVERS\W700mgmt.sys [2006-02-19 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\System32\DRIVERS\W700obex.sys [2006-02-19 86368]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\System32\DRIVERS\w810bus.sys []
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\w810mdfl.sys []
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\w810mdm.sys []
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-04-14 14432]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 wqexcgmp;wqexcgmp; \??\C:\WINDOWS\System32\Drivers\wqexcgmp.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2003-05-23 106496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-30 75064]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
S2 afeji2ueeyf;SigmaTel Audio Service; C:\Documents and Settings\Mar [2010-04-12 1538]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-04 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-13 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-07-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-04 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Pořád se mi to moc nelíbí, k potížím s hláškou dochází stále?

Soubory:
C:\Documents and Settings\Marťa_2\Data aplikací\Microsoft\puvooz.exe
C:\Documents and Settings\All Users\Data aplikací\aE26400JjGaE26400\aE26400JjGaE26400.exe

Oetstuj na VirusTotal a vlož sem odkazy na analýzy souborů.
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

Hlášku to už nehází, mám tyto 2 soubory smazat?
jan.svoboda
Středně pokročilý
Středně pokročilý
Registrován: 25. pro 2009
Bydliště: Chrudim

Re: services.exe - Chyba aplikace

Příspěvek od jan.svoboda »

Tak super s tou hláškou, nene, raději je nemaž, ale jen otestuj - nejsem si jist, zda se jedná o škodlivé soubory nebo ne :)
Zde na foru již nejsem aktivní, vyskytuji se na Google+ (http://gplus.to/JanSvoboda), kde aktivně píšu nejen o IT.
Kysis
Nováček
Nováček
Registrován: 26. dub 2011

Re: services.exe - Chyba aplikace

Příspěvek od Kysis »

http://www.virustotal.com/file-scan/rep ... 1307191550

Ten druhej nemůžu najít, ve složce není, přitom v testu vidět je
Odpovědět

Zpět na „Viry, antiviry a bezpečnost“