Windows cannot find the item slidebar.exe
Moderator: Loki5567
- josefgratz
- Newbie
- Registered: 23 Jan 2008
Windows cannot find the item slidebar.exe
Hello, when I turn on the PC and the system (Win7 64) boots, these error messages appear:
Windows cannot find the item slidebar.exe.
and the second message:
Windows cannot find the item c:/windows/system32/zip.exe
I dismiss the messages and the PC behaves normally; it just seems to me that it now takes longer to start up.
Please advise how to repair the system so that these messages stop appearing. Thank you.
Last edited by josefgratz on Sat 17 Jul 2010, 15:47; edited 1 time in total.
- Brázda.l
- Slightly advanced
- Registered: 17 Jul 2005
- Location: Vysočina
Re: Windows cannot find the item slidebar.exe
slidebar.exe? Or sidebar.exe? If you don't use the sidebar, deleting the entry from the registry should be enough. But I would rather investigate who or what deleted sidebar.exe from Program Files.
As for zip.exe, look in msconfig at what runs at PC startup; maybe some program calls it, but zip.exe is definitely not a standard part of Windows.
PC: Asus P8P67 Pro | Intel Core i5-2500K + Cooler Master Hyper 212+ | Gigabyte GTX560 Ti OC | Kingston 12GB DDR III 1333Mhz | Seagate 500GB | Asus DRW-2014L1T | Enermax 600W NAXN 80+ | HP LP2275w
Notebook: Lenovo Thinkpad X200 7459-1P0
- josefgratz
- Newbie
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
It is slidebar exe, followed by the standard "make sure the name is entered correctly and try again".
I really have no idea what that slidebar belongs to.
- jan.svoboda
- Intermediate
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
Hi, post a log from RSIT here - http://www.viry.cz/forum/viewtopic.php?f=24&t=81939
It's possible that this is malware, and hopefully we'll learn more.
I am no longer active on this forum; you can find me on Google+ (http://gplus.to/JanSvoboda), where I actively write about IT and other topics.
- zombux
- PCT expert
- Registered: 05 Jun 2003
- Location: do-gooder and Havloid from the Prague lumpen-café
Re: Windows cannot find the item slidebar.exe
slidebar.exe and zip.exe smell fishy to me... I'd estimate the probability of a virus infection as approaching certainty. By the way, I'd be quite curious what kind of malware this is - 64-bit systems are fairly resistant to the usual junk...
Pfizer & Moderna inside
ignore list: among others, all the "kremrole" (danny1691, Lokomotiva, CZECHYa, pavel2003, shorty25, ajtak, stepan001, ulver, brambora81, CZ_viper, tielka and a few other oddballs)
- jan.svoboda
- Intermediate
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
Agreed, I'd be curious too; in any case, a log from RSIT or a similar tool will definitely be needed.
- josefgratz
- Newbie
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
Hi, hopefully this is it; I have no experience with this yet,
and I apologize for the delay, I had a 16-hour shift at work.
Thank you very much for the help.
Run by Jakub at 2010-07-17 01:41:49
Microsoft Windows 7 Ultimate
System drive C: has 62 GB (9%) free of 715 GB
Total RAM: 6134 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:42:06, on 17.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\Program Files (x86)\ASUS\T Probe\TProbe.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0brmon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jakub.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0SrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Toolbar BHO - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: IObit Toolbar - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [T Probe] "C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IObitBar Browser Plugin Loader] C:\PROGRA~2\IObitBar\toolbar\1.bin\i0brmon.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [User.exe] C:\Users\Jakub\Documents\user.exe
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: zip.exe.lnk = C:\Windows\SysWOW64\zip.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe
O23 - Service: DriveXpert - Unknown owner - C:\Program Files (x86)\DriveXpert\XSrvSetup.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IObit Toolbar Service (IObitBarService) - IObit - C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11333 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\afwServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\DriveXpert\XSrvSetup.exe"
"C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\ASUS.SYS\config\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DriveXpert\DriveXpertSetup.exe" min
taskeng.exe {4F8A3E3B-339F-4374-8AF6-1CA8C0595842}
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Jakub\Documents\user.exe"
C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe"
"C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
"C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook32"
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook64"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
{88FEA6A1-EFB7-44C1-8529-7C706B1A5422}
{DD8760A0-B5ED-4991-87C5-A34E6266D46E}
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0brmon.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"taskhost.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:3456
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\AUDIODG.EXE 0x2d8
"C:\Users\Jakub\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 132448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2009-09-09 173488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2010-05-11 144944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}]
Toolbar BHO - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll [2010-07-06 638976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - IObit Toolbar - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll [2010-07-06 638976]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-11 2320752]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-11 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2010-03-20 3118512]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"User.exe"=C:\Users\Jakub\Documents\user.exe [2010-06-26 10752]
"FlashGet 3"=C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe [2010-05-11 2385456]
"ErrorRepairPro"=C:\Program Files (x86)\Error Repair Professional\autostart.exe [2008-05-26 559104]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-16 2245120]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2009-07-15 7238144]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2009-07-01 601088]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"T Probe"=C:\Program Files (x86)\ASUS\T Probe\TProbe.exe [2009-07-24 3016192]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-28 2837864]
"IObitBar Browser Plugin Loader"=C:\PROGRA~2\IObitBar\toolbar\1.bin\i0brmon.exe [2010-07-06 20480]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
zip.exe.lnk - C:\Windows\SysWOW64\zip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-07-14 115200]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-17 01:41:49 ----D---- C:\rsit
2010-07-17 01:41:49 ----D---- C:\Program Files\trend micro
2010-07-14 17:44:48 ----A---- C:\Windows\system32\cdd.dll
2010-07-12 17:49:24 ----D---- C:\Users\Jakub\AppData\Roaming\DivX
2010-07-12 17:48:55 ----D---- C:\Program Files\DivX
2010-07-12 17:47:17 ----D---- C:\Program Files (x86)\Google
2010-07-12 17:47:12 ----D---- C:\Program Files (x86)\DivX
2010-07-12 17:46:51 ----D---- C:\ProgramData\DivX
2010-07-12 17:03:05 ----D---- C:\Program Files (x86)\Matroska Pack
2010-07-06 11:52:07 ----D---- C:\Program Files (x86)\IObitBar
2010-07-05 18:47:10 ----D---- C:\Program Files (x86)\Error Repair Professional
2010-06-28 21:33:49 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-06-28 21:33:48 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-06-28 21:33:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2010-06-28 21:33:44 ----A---- C:\Windows\system32\drivers\aswFW.sys
2010-06-28 21:33:14 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2010-06-28 21:33:13 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-06-28 21:33:11 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-06-28 21:33:05 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-06-28 21:32:38 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2010-06-28 21:32:37 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-06-27 22:49:36 ----D---- C:\ProgramData\Alwil Software
2010-06-27 22:49:36 ----D---- C:\Program Files\Alwil Software
2010-06-27 21:58:07 ----D---- C:\Program Files (x86)\Windows Doctor
2010-06-26 23:49:10 ----D---- C:\Program Files (x86)\City Interactive
2010-06-26 12:49:25 ----A---- C:\Users\Jakub\AppData\Roaming\xcgl8824XC.exe
2010-06-26 12:49:10 ----A---- C:\Users\Jakub\AppData\Roaming\kmfe4539KM.exe
2010-06-26 06:54:33 ----A---- C:\Users\Jakub\AppData\Roaming\7Loader Release 5.exe
2010-06-26 06:50:08 ----A---- C:\Users\Jakub\AppData\Roaming\vxdt8317VX.exe
2010-06-26 06:46:53 ----A---- C:\Windows\system32\systemcpl.dll
2010-06-26 06:25:29 ----D---- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2010-06-26 05:46:45 ----A---- C:\Users\Jakub\AppData\Roaming\hdxq3446HD.exe
2010-06-26 05:43:14 ----A---- C:\Users\Jakub\AppData\Roaming\nnhr5662NN.exe
2010-06-26 05:42:44 ----A---- C:\Users\Jakub\AppData\Roaming\tmmo1772CE.exe
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-06-23 19:38:02 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 19:38:02 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 18:30:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-06-23 18:30:59 ----A---- C:\Windows\system32\ntdll.dll
2010-06-23 18:30:51 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-06-23 18:30:51 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-23 18:30:50 ----A---- C:\Windows\system32\msdri.dll
2010-06-22 19:39:22 ----D---- C:\Windows\SYSWOW64\Wat
2010-06-22 19:39:20 ----D---- C:\Windows\system32\Wat
2010-06-21 08:55:56 ----D---- C:\ProgramData\POPWWPROFILES
2010-06-18 22:00:11 ----D---- C:\Users\Jakub\AppData\Roaming\gtk-2.0
2010-06-18 21:55:41 ----D---- C:\Program Files (x86)\GIMP-2.0
======List of files/folders modified in the last 1 months======
2010-07-17 01:42:04 ----D---- C:\Windows\Prefetch
2010-07-17 01:41:57 ----D---- C:\Windows\Temp
2010-07-17 01:41:49 ----RD---- C:\Program Files
2010-07-17 01:17:05 ----D---- C:\Windows\system32\config
2010-07-17 01:14:08 ----D---- C:\ProgramData\NVIDIA
2010-07-17 01:13:49 ----D---- C:\Users\Jakub\AppData\Roaming\BITS
2010-07-17 01:13:39 ----D---- C:\Users\Jakub\AppData\Roaming\DMCache
2010-07-15 21:22:17 ----SHD---- C:\System Volume Information
2010-07-14 20:14:45 ----D---- C:\Windows\winsxs
2010-07-14 20:14:07 ----D---- C:\Windows
2010-07-14 20:12:57 ----D---- C:\Windows\System32
2010-07-14 19:44:44 ----D---- C:\Windows\debug
2010-07-14 17:44:17 ----D---- C:\Windows\system32\catroot
2010-07-14 17:40:50 ----D---- C:\Windows\system32\catroot2
2010-07-12 17:49:00 ----D---- C:\Program Files (x86)\Common Files
2010-07-12 17:48:48 ----D---- C:\Windows\SysWOW64
2010-07-12 17:48:47 ----SHD---- C:\Windows\Installer
2010-07-12 17:47:22 ----D---- C:\Windows\Tasks
2010-07-12 17:47:22 ----D---- C:\Windows\system32\Tasks
2010-07-12 17:47:17 ----RD---- C:\Program Files (x86)
2010-07-12 17:46:51 ----HD---- C:\ProgramData
2010-07-12 15:42:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-12 07:18:45 ----D---- C:\Program Files (x86)\Ubisoft
2010-07-12 07:07:37 ----SHD---- C:\$Recycle.Bin
2010-07-11 18:42:14 ----D---- C:\Downloads
2010-07-11 14:56:02 ----D---- C:\Users\Jakub\AppData\Roaming\IDM
2010-07-02 22:18:43 ----A---- C:\Windows\system32\MRT.exe
2010-07-02 21:37:13 ----D---- C:\Windows\system32\NDF
2010-06-28 21:33:49 ----D---- C:\Windows\system32\drivers
2010-06-28 21:33:36 ----D---- C:\Windows\inf
2010-06-28 21:33:33 ----D---- C:\Windows\system32\DriverStore
2010-06-28 21:21:23 ----AD---- C:\ProgramData\TEMP
2010-06-27 21:11:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-06-27 18:59:29 ----RSD---- C:\Windows\assembly
2010-06-26 13:26:49 ----D---- C:\Windows\system32\oobe
2010-06-26 06:52:21 ----D---- C:\Program Files\Microsoft Security Essentials
2010-06-26 06:52:21 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-06-26 06:48:20 ----D---- C:\Windows\rescache
2010-06-26 06:47:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-06-26 06:47:00 ----D---- C:\Windows\system32\cs-CZ
2010-06-26 06:46:53 ----A---- C:\Windows\SYSWOW64\slwga.dll
2010-06-26 06:46:53 ----A---- C:\Windows\system32\slwga.dll
2010-06-26 06:15:29 ----D---- C:\Program Files (x86)\Activision
2010-06-25 13:15:50 ----D---- C:\Windows\SoftwareDistribution
2010-06-24 18:36:33 ----D---- C:\Windows\Microsoft.NET
2010-06-23 20:38:53 ----D---- C:\Windows\AppPatch
2010-06-23 19:37:47 ----D---- C:\Windows\ehome
2010-06-18 22:51:06 ----D---- C:\Program Files (x86)\Disney Interactive Studios
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-03-19 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-06-28 250448]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-07-18 109480]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-11 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-06-28 124496]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 28752]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-06-28 432720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 34472]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 61008]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-02-21 43168]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2007-12-11 26624]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-02-21 312480]
S3 anjssvb4;anjssvb4; C:\Windows\system32\drivers\anjssvb4.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2009-11-11 27504]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 61280]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-10-06 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-10-06 18944]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-11-11 15752]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-11-11 34160]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-10-06 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 32768]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVLAN60.sys [2007-12-03 24064]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-06-28 119200]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DriveXpert;DriveXpert; C:\Program Files (x86)\DriveXpert\XSrvSetup.exe [2009-07-03 69632]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 IObitBarService;IObit Toolbar Service; C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe [2010-07-06 28766]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 159336]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-05-22 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-04-19 1401672]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 135664]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-01 607048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
And I apologize for the delay, I had a 16-hour shift at work.
Thank you very much for the help.
Run by Jakub at 2010-07-17 01:41:49
Microsoft Windows 7 Ultimate
System drive C: has 62 GB (9%) free of 715 GB
Total RAM: 6134 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:42:06, on 17.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\Program Files (x86)\ASUS\T Probe\TProbe.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0brmon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jakub.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0SrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Toolbar BHO - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: IObit Toolbar - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [T Probe] "C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IObitBar Browser Plugin Loader] C:\PROGRA~2\IObitBar\toolbar\1.bin\i0brmon.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [User.exe] C:\Users\Jakub\Documents\user.exe
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: zip.exe.lnk = C:\Windows\SysWOW64\zip.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe
O23 - Service: DriveXpert - Unknown owner - C:\Program Files (x86)\DriveXpert\XSrvSetup.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IObit Toolbar Service (IObitBarService) - IObit - C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11333 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\afwServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\DriveXpert\XSrvSetup.exe"
"C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\ASUS.SYS\config\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DriveXpert\DriveXpertSetup.exe" min
taskeng.exe {4F8A3E3B-339F-4374-8AF6-1CA8C0595842}
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Jakub\Documents\user.exe"
C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe"
"C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
"C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook32"
"C:\Program Files\ASUS\Ai Suite\CpuLevelUpHook64"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
{88FEA6A1-EFB7-44C1-8529-7C706B1A5422}
{DD8760A0-B5ED-4991-87C5-A34E6266D46E}
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0brmon.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"taskhost.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:3456
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\AUDIODG.EXE 0x2d8
"C:\Users\Jakub\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 132448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2009-09-09 173488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jakub\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2010-05-11 144944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}]
Toolbar BHO - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll [2010-07-06 638976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - IObit Toolbar - C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0bar.dll [2010-07-06 638976]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-11 2320752]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-11 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2010-03-20 3118512]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"User.exe"=C:\Users\Jakub\Documents\user.exe [2010-06-26 10752]
"FlashGet 3"=C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe [2010-05-11 2385456]
"ErrorRepairPro"=C:\Program Files (x86)\Error Repair Professional\autostart.exe [2008-05-26 559104]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-16 2245120]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2009-07-15 7238144]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2009-07-01 601088]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"T Probe"=C:\Program Files (x86)\ASUS\T Probe\TProbe.exe [2009-07-24 3016192]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-28 2837864]
"IObitBar Browser Plugin Loader"=C:\PROGRA~2\IObitBar\toolbar\1.bin\i0brmon.exe [2010-07-06 20480]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
zip.exe.lnk - C:\Windows\SysWOW64\zip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-07-14 115200]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-17 01:41:49 ----D---- C:\rsit
2010-07-17 01:41:49 ----D---- C:\Program Files\trend micro
2010-07-14 17:44:48 ----A---- C:\Windows\system32\cdd.dll
2010-07-12 17:49:24 ----D---- C:\Users\Jakub\AppData\Roaming\DivX
2010-07-12 17:48:55 ----D---- C:\Program Files\DivX
2010-07-12 17:47:17 ----D---- C:\Program Files (x86)\Google
2010-07-12 17:47:12 ----D---- C:\Program Files (x86)\DivX
2010-07-12 17:46:51 ----D---- C:\ProgramData\DivX
2010-07-12 17:03:05 ----D---- C:\Program Files (x86)\Matroska Pack
2010-07-06 11:52:07 ----D---- C:\Program Files (x86)\IObitBar
2010-07-05 18:47:10 ----D---- C:\Program Files (x86)\Error Repair Professional
2010-06-28 21:33:49 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-06-28 21:33:48 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-06-28 21:33:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2010-06-28 21:33:44 ----A---- C:\Windows\system32\drivers\aswFW.sys
2010-06-28 21:33:14 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2010-06-28 21:33:13 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-06-28 21:33:11 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-06-28 21:33:05 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-06-28 21:32:38 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2010-06-28 21:32:37 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-06-27 22:49:36 ----D---- C:\ProgramData\Alwil Software
2010-06-27 22:49:36 ----D---- C:\Program Files\Alwil Software
2010-06-27 21:58:07 ----D---- C:\Program Files (x86)\Windows Doctor
2010-06-26 23:49:10 ----D---- C:\Program Files (x86)\City Interactive
2010-06-26 12:49:25 ----A---- C:\Users\Jakub\AppData\Roaming\xcgl8824XC.exe
2010-06-26 12:49:10 ----A---- C:\Users\Jakub\AppData\Roaming\kmfe4539KM.exe
2010-06-26 06:54:33 ----A---- C:\Users\Jakub\AppData\Roaming\7Loader Release 5.exe
2010-06-26 06:50:08 ----A---- C:\Users\Jakub\AppData\Roaming\vxdt8317VX.exe
2010-06-26 06:46:53 ----A---- C:\Windows\system32\systemcpl.dll
2010-06-26 06:25:29 ----D---- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2010-06-26 05:46:45 ----A---- C:\Users\Jakub\AppData\Roaming\hdxq3446HD.exe
2010-06-26 05:43:14 ----A---- C:\Users\Jakub\AppData\Roaming\nnhr5662NN.exe
2010-06-26 05:42:44 ----A---- C:\Users\Jakub\AppData\Roaming\tmmo1772CE.exe
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-06-23 19:38:03 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-06-23 19:38:02 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 19:38:02 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 19:38:02 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 18:30:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-06-23 18:30:59 ----A---- C:\Windows\system32\ntdll.dll
2010-06-23 18:30:51 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-06-23 18:30:51 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-23 18:30:50 ----A---- C:\Windows\system32\msdri.dll
2010-06-22 19:39:22 ----D---- C:\Windows\SYSWOW64\Wat
2010-06-22 19:39:20 ----D---- C:\Windows\system32\Wat
2010-06-21 08:55:56 ----D---- C:\ProgramData\POPWWPROFILES
2010-06-18 22:00:11 ----D---- C:\Users\Jakub\AppData\Roaming\gtk-2.0
2010-06-18 21:55:41 ----D---- C:\Program Files (x86)\GIMP-2.0
======List of files/folders modified in the last 1 months======
2010-07-17 01:42:04 ----D---- C:\Windows\Prefetch
2010-07-17 01:41:57 ----D---- C:\Windows\Temp
2010-07-17 01:41:49 ----RD---- C:\Program Files
2010-07-17 01:17:05 ----D---- C:\Windows\system32\config
2010-07-17 01:14:08 ----D---- C:\ProgramData\NVIDIA
2010-07-17 01:13:49 ----D---- C:\Users\Jakub\AppData\Roaming\BITS
2010-07-17 01:13:39 ----D---- C:\Users\Jakub\AppData\Roaming\DMCache
2010-07-15 21:22:17 ----SHD---- C:\System Volume Information
2010-07-14 20:14:45 ----D---- C:\Windows\winsxs
2010-07-14 20:14:07 ----D---- C:\Windows
2010-07-14 20:12:57 ----D---- C:\Windows\System32
2010-07-14 19:44:44 ----D---- C:\Windows\debug
2010-07-14 17:44:17 ----D---- C:\Windows\system32\catroot
2010-07-14 17:40:50 ----D---- C:\Windows\system32\catroot2
2010-07-12 17:49:00 ----D---- C:\Program Files (x86)\Common Files
2010-07-12 17:48:48 ----D---- C:\Windows\SysWOW64
2010-07-12 17:48:47 ----SHD---- C:\Windows\Installer
2010-07-12 17:47:22 ----D---- C:\Windows\Tasks
2010-07-12 17:47:22 ----D---- C:\Windows\system32\Tasks
2010-07-12 17:47:17 ----RD---- C:\Program Files (x86)
2010-07-12 17:46:51 ----HD---- C:\ProgramData
2010-07-12 15:42:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-12 07:18:45 ----D---- C:\Program Files (x86)\Ubisoft
2010-07-12 07:07:37 ----SHD---- C:\$Recycle.Bin
2010-07-11 18:42:14 ----D---- C:\Downloads
2010-07-11 14:56:02 ----D---- C:\Users\Jakub\AppData\Roaming\IDM
2010-07-02 22:18:43 ----A---- C:\Windows\system32\MRT.exe
2010-07-02 21:37:13 ----D---- C:\Windows\system32\NDF
2010-06-28 21:33:49 ----D---- C:\Windows\system32\drivers
2010-06-28 21:33:36 ----D---- C:\Windows\inf
2010-06-28 21:33:33 ----D---- C:\Windows\system32\DriverStore
2010-06-28 21:21:23 ----AD---- C:\ProgramData\TEMP
2010-06-27 21:11:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-06-27 18:59:29 ----RSD---- C:\Windows\assembly
2010-06-26 13:26:49 ----D---- C:\Windows\system32\oobe
2010-06-26 06:52:21 ----D---- C:\Program Files\Microsoft Security Essentials
2010-06-26 06:52:21 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-06-26 06:48:20 ----D---- C:\Windows\rescache
2010-06-26 06:47:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-06-26 06:47:00 ----D---- C:\Windows\system32\cs-CZ
2010-06-26 06:46:53 ----A---- C:\Windows\SYSWOW64\slwga.dll
2010-06-26 06:46:53 ----A---- C:\Windows\system32\slwga.dll
2010-06-26 06:15:29 ----D---- C:\Program Files (x86)\Activision
2010-06-25 13:15:50 ----D---- C:\Windows\SoftwareDistribution
2010-06-24 18:36:33 ----D---- C:\Windows\Microsoft.NET
2010-06-23 20:38:53 ----D---- C:\Windows\AppPatch
2010-06-23 19:37:47 ----D---- C:\Windows\ehome
2010-06-18 22:51:06 ----D---- C:\Program Files (x86)\Disney Interactive Studios
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-03-19 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-06-28 250448]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-07-18 109480]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-11 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-06-28 124496]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 28752]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-06-28 432720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 34472]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 61008]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-02-21 43168]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2007-12-11 26624]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-02-21 312480]
S3 anjssvb4;anjssvb4; C:\Windows\system32\drivers\anjssvb4.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2009-11-11 27504]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 61280]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-10-06 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-10-06 18944]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-11-11 15752]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-11-11 34160]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-10-06 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 32768]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVLAN60.sys [2007-12-03 24064]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-06-28 119200]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DriveXpert;DriveXpert; C:\Program Files (x86)\DriveXpert\XSrvSetup.exe [2009-07-03 69632]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 IObitBarService;IObit Toolbar Service; C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe [2010-07-06 28766]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 159336]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-05-22 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-04-19 1401672]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 135664]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-01 607048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
- josefgratz
- Newbie
-
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
So I deleted zip.exe; one shortcut was in SysWOW64 and the other in the Start menu, and nothing appears any more, not even the slidebar message. I searched for that one and it belongs to Internet Download Manager. Could someone still take a look at the RSIT log to see whether there is any other problem? Thanks.
- jan.svoboda
- Intermediate
-
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
Yes, the log is correct. Since you have already removed zip.exe, it would be a good idea to remove this entry from the registry as well. So run HijackThis on its own (C:\Program Files\trend micro\Jakub.exe) and choose Do a system scan only, then find this entry:
O4 - Startup: zip.exe.lnk = C:\Windows\SysWOW64\zip.exe
and fix it (tick the checkbox to the left of the entry and click Fix it at the bottom).
And just to be safe, I would suggest that you also post an MBAM log here.
Application download:
http://www.download.com/Malwarebytes-An ... tag=button
Procedure:
- Download, install and run it
- Select Quick scan and click the Scan button
- When it finishes, confirm the message with OK and click Show results
- Choose Save log and copy the log here
- If MBAM asks to restart the PC, allow it
I am no longer active on this forum; you can find me on Google+ (http://gplus.to/JanSvoboda), where I actively write about IT and more.
- josefgratz
- Newbie
-
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
That zip.exe has been removed, and here is the log.
Thanks a lot so far, and please give me your opinion on this log as well.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4323
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
18.7.2010 14:31:24
mbam-log-2010-07-18 (14-31-24).txt
Typ skenu: Rychlý sken
Skenované objekty: 127341
Uplynulý čas: 7 minuta(y), 0 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 4
Infikované soubory: 10
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\QNB2EB90WX (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RZDVL2F27W (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Error Repair Professional_is1 (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\errorrepairpro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Program Files (x86)\Error Repair Professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\Backups (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\startbug (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
Infikované soubory:
C:\$Recycle.Bin\S-1-5-21-278943228-2836928824-937610942-1001\$R5VA5KR.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\autostart.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\ErrorRepairProfessional.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\unins000.dat (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\unins000.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\Backups\Backup_18-51-8_5-7-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Error Repair Professional\Backups\Backup_22-0-32_5-7-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional\Error Repair Professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional\Uninstall Error Repair Professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
C:\Users\Jakub\AppData\Roaming\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.
- jan.svoboda
- Intermediate
-
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
This looks good now; MBAM actually deleted only Error Repair Professional. Is the error message still not popping up?
- josefgratz
- Newbie
-
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
Nothing popped up after the restart. I will write again tomorrow; thanks a lot for the help so far.
- jan.svoboda
- Intermediate
-
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
OK, you're welcome.
- josefgratz
- Newbie
-
- Registered: 23 Jan 2008
Re: Windows cannot find the item slidebar.exe
Thank you very much, the error messages no longer pop up, not a single one.
Thanks once again for your willingness and help. josef
- jan.svoboda
- Intermediate
-
- Registered: 25 Dec 2009
- Location: Chrudim
Re: Windows cannot find the item slidebar.exe
You're very welcome; if anything comes up, get in touch.
- Rune737
- Newbie
-
- Registered: 24 Jan 2019
Re: Windows cannot find the item slidebar.exe
Gentlemen, thank you very much. I must admit I have never had a problem like this before, especially a problem with malware. I don't really know what it actually was; I saw a registry key infected by some PUP program, and I moved it to the virus vault. Once again, thank you very much!!
