SecurityCentral - problem

petrsvetr
Visitor
Posts: 13
Registered: 29 Dec 2009 18:51

Re: SecurityCentral - problem

#16 Post by petrsvetr »

I apologize for having been away for a while.

1) I downloaded SPTD and ran the uninstall.

2) When I launch GMER, it apparently loads the CPU to 100% and any further work is impossible. I tried it several times, but each time I had to hard power off the notebook; nothing at all could be done. I managed to save that first log, but I think it is only a part of it.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-03 18:07:50
Windows 6.0.6000
Running: gmer.exe; Driver: C:\Users\PELECH~1\AppData\Local\Temp\fxddipow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

I don't know, maybe my hardware is too weak. (Turion 64 X2 at 2 GHz, 2 GB of memory.)

2) Log from MBR

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
kernel: MBR read successfully
user & kernel MBR OK

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SecurityCentral - problem

#17 Post by motji »

Could you please run ComboFix again? :)
How is the computer doing?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:
I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

petrsvetr
Visitor
Posts: 13
Registered: 29 Dec 2009 18:51

Re: SecurityCentral - problem

#18 Post by petrsvetr »

I ran ComboFix, here is the log. The computer seems fine to me; I am not noticing any problems.

ComboFix 09-12-30.01 - Pelech Petr 03.01.2010 21:17:28.3.2 - x86
Spuštěný z: c:\users\Pelech Petr\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-03 do 2010-01-03 )))))))))))))))))))))))))))))))
.

2010-01-03 20:23 . 2010-01-03 20:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-03 20:23 . 2010-01-03 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-02 20:25 . 2010-01-02 20:25 -------- d-----w- c:\programdata\Meridian93
2010-01-02 20:24 . 2010-01-02 20:24 -------- d-----w- c:\users\Pelech Petr\AppData\Roaming\Meridian93
2010-01-02 20:02 . 2010-01-02 20:02 -------- d-----w- c:\program files\MyPlayCity.com
2009-12-31 09:17 . 2010-01-03 20:23 -------- d-----w- c:\users\Pelech Petr\AppData\Local\temp
2009-12-31 05:05 . 2009-12-31 05:05 268800 ----a-w- c:\windows\system32\es.dll
2009-12-30 21:34 . 2009-12-30 21:34 -------- d-----w- C:\Games
2009-12-30 16:29 . 2009-12-30 17:00 -------- d-----w- c:\program files\Brany Skeldalu
2009-12-30 07:19 . 2009-12-30 07:19 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-12-30 07:19 . 2009-12-30 07:19 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-12-30 07:19 . 2009-12-30 07:19 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-12-30 07:19 . 2009-12-30 07:19 272896 ----a-w- c:\windows\system32\polstore.dll
2009-12-30 07:17 . 2009-12-30 07:17 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-30 07:17 . 2009-12-30 07:17 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-30 07:17 . 2009-12-30 07:17 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-30 07:16 . 2009-12-30 07:16 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-12-30 07:16 . 2009-12-30 07:16 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-12-30 07:16 . 2009-12-30 07:16 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-12-30 07:12 . 2009-12-30 07:12 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-12-30 07:12 . 2009-12-30 07:12 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-12-30 07:12 . 2009-12-30 07:12 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-12-30 07:12 . 2009-12-30 07:12 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-12-30 07:12 . 2009-12-30 07:12 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2009-12-30 07:12 . 2009-12-30 07:12 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys
2009-12-30 07:12 . 2009-12-30 07:12 28344 ----a-w- c:\windows\system32\drivers\battc.sys
2009-12-30 07:12 . 2009-12-30 07:12 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2009-12-30 07:12 . 2009-12-30 07:12 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-12-30 07:11 . 2009-12-30 07:11 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-12-30 07:11 . 2009-12-30 07:11 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-12-30 07:10 . 2009-12-30 07:10 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-12-30 07:10 . 2009-12-30 07:10 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-12-30 07:10 . 2009-12-30 07:10 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-30 07:10 . 2009-12-30 07:10 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-12-30 07:10 . 2009-12-30 07:10 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-12-30 07:10 . 2009-12-30 07:10 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-12-30 07:09 . 2009-12-30 07:09 1260032 ----a-w- c:\windows\system32\msxml3.dll
2009-12-30 07:09 . 2009-12-30 07:09 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-12-30 07:09 . 2009-12-30 07:09 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-30 07:09 . 2009-12-30 07:09 1406464 ----a-w- c:\windows\system32\msxml6.dll
2009-12-30 07:06 . 2009-12-30 07:06 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-12-30 07:06 . 2009-12-30 07:06 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-12-30 07:06 . 2009-12-30 07:06 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-12-30 07:06 . 2009-12-30 07:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-12-30 07:06 . 2009-12-30 07:06 24064 ----a-w- c:\windows\system32\lpk.dll
2009-12-30 07:06 . 2009-12-30 07:06 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-12-30 07:05 . 2009-12-30 07:05 7680 ----a-w- c:\windows\system32\lsass.exe
2009-12-30 07:05 . 2009-12-30 07:05 72704 ----a-w- c:\windows\system32\secur32.dll
2009-12-30 07:05 . 2009-12-30 07:05 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-12-30 07:05 . 2009-12-30 07:05 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-12-30 07:05 . 2009-12-30 07:05 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-12-30 07:05 . 2009-12-30 07:05 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2009-12-30 07:04 . 2009-12-30 07:04 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-30 07:04 . 2009-12-30 07:04 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-30 07:04 . 2009-12-30 07:04 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-30 07:04 . 2009-12-30 07:04 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-30 07:04 . 2009-12-30 07:04 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-30 07:02 . 2009-12-30 07:02 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-30 06:59 . 2009-12-30 06:59 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-12-30 06:58 . 2009-12-30 06:58 71680 ----a-w- c:\windows\system32\atl.dll
2009-12-30 06:56 . 2009-12-30 06:56 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-12-30 06:55 . 2009-12-30 06:55 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-12-30 06:55 . 2009-12-30 06:55 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-12-30 06:54 . 2009-12-30 06:54 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-30 06:54 . 2009-12-30 06:54 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-30 06:50 . 2009-12-30 06:50 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-30 06:50 . 2009-12-30 06:50 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-12-30 06:50 . 2009-12-30 06:50 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-12-30 06:49 . 2009-12-30 06:49 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-12-30 06:48 . 2009-12-30 06:48 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-12-30 06:48 . 2009-12-30 06:48 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-12-30 06:48 . 2009-12-30 06:48 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-12-30 06:47 . 2009-12-30 06:47 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-12-30 06:44 . 2009-12-30 06:44 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-12-30 06:44 . 2009-12-30 06:44 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-12-30 06:44 . 2009-12-30 06:44 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-12-30 06:44 . 2009-12-30 06:44 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-12-30 06:44 . 2009-12-30 06:44 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-12-30 06:44 . 2009-12-30 06:44 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-12-30 06:44 . 2009-12-30 06:44 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-12-30 06:44 . 2009-12-30 06:44 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-12-30 06:44 . 2009-12-30 06:44 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-12-30 06:44 . 2009-12-30 06:44 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-12-30 06:40 . 2009-12-30 06:40 696832 ----a-w- c:\windows\system32\localspl.dll
2009-12-30 06:39 . 2009-12-30 06:39 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-12-30 06:39 . 2009-12-30 06:39 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-30 06:39 . 2009-12-30 06:39 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-12-30 06:39 . 2009-12-30 06:39 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-30 06:39 . 2009-12-30 06:39 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-12-30 06:39 . 2009-12-30 06:39 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-30 06:37 . 2009-12-30 06:37 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-12-30 06:37 . 2009-12-30 06:37 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-12-30 06:37 . 2009-12-30 06:37 15928 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-12-30 06:37 . 2009-12-30 06:37 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2009-12-30 06:37 . 2009-12-30 06:37 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2009-12-30 06:37 . 2009-12-30 06:37 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-12-30 06:37 . 2009-12-30 06:37 2923520 ----a-w- c:\windows\explorer.exe
2009-12-30 06:36 . 2009-12-30 06:36 8704 ----a-w- c:\windows\system32\hcrstco.dll
2009-12-30 06:36 . 2009-12-30 06:36 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-12-30 06:36 . 2009-12-30 06:36 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-12-30 06:36 . 2009-12-30 06:36 224768 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-12-30 06:36 . 2009-12-30 06:36 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-12-30 06:36 . 2009-12-30 06:36 193536 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-12-30 06:36 . 2009-12-30 06:36 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-30 06:36 . 2009-12-30 06:36 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-12-30 06:34 . 2009-12-30 06:34 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2009-12-30 06:30 . 2009-12-30 06:30 29184 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2009-12-30 06:30 . 2009-12-30 06:30 220160 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-12-30 06:30 . 2009-12-30 06:30 19456 ----a-w- c:\windows\system32\drivers\bthenum.sys
2009-12-30 06:30 . 2009-12-30 06:30 181760 ----a-w- c:\windows\system32\fsquirt.exe
2009-12-30 06:28 . 2009-12-30 06:28 1585664 ----a-w- c:\windows\system32\setupapi.dll
2009-12-30 06:23 . 2009-12-30 06:23 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2009-12-30 06:23 . 2009-12-30 06:23 223232 ----a-w- c:\windows\system32\WMASF.DLL
2009-12-30 06:23 . 2009-12-30 06:23 2048 ----a-w- c:\windows\system32\asferror.dll
2009-12-30 06:23 . 2009-12-30 06:23 25600 ----a-w- c:\windows\system32\amxread.dll
2009-12-30 06:23 . 2009-12-30 06:23 14848 ----a-w- c:\windows\system32\apilogen.dll
2009-12-30 06:22 . 2009-12-30 06:22 268288 ----a-w- c:\windows\system32\mcbuilder.exe
2009-12-30 06:22 . 2009-12-30 06:22 223232 ----a-w- c:\windows\system32\SLC.dll
2009-12-30 06:22 . 2009-12-30 06:22 33280 ----a-w- c:\windows\system32\slwmi.dll
2009-12-30 06:22 . 2009-12-30 06:22 566784 ----a-w- c:\windows\system32\SLCommDlg.dll
2009-12-30 06:22 . 2009-12-30 06:22 57856 ----a-w- c:\windows\system32\SLUINotify.dll
2009-12-30 06:22 . 2009-12-30 06:22 351232 ----a-w- c:\windows\system32\SLUI.exe
2009-12-30 06:22 . 2009-12-30 06:22 186368 ----a-w- c:\windows\system32\SLLUA.exe
2009-12-30 06:22 . 2009-12-30 06:22 2605568 ----a-w- c:\windows\system32\SLsvc.exe
2009-12-30 06:22 . 2009-12-30 06:22 39936 ----a-w- c:\windows\system32\slcinst.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 16:37 . 2007-02-12 11:00 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-31 11:41 . 2007-01-08 21:12 531872 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 11:41 . 2007-01-08 21:12 104706 ----a-w- c:\windows\system32\perfc005.dat
2009-12-30 15:41 . 2008-07-06 13:08 -------- d-----w- c:\program files\sdc202
2009-12-30 11:19 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-30 11:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-30 11:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-30 11:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-30 11:01 . 2008-07-13 16:14 -------- d-----w- c:\program files\Radmin
2009-12-30 07:14 . 2009-12-30 07:14 15360 ----a-w- c:\windows\system32\netevent.dll
2009-12-30 07:14 . 2009-12-30 07:14 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-12-30 07:14 . 2009-12-30 07:14 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-12-30 07:14 . 2009-12-30 07:14 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-12-30 07:14 . 2009-12-30 07:14 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-12-30 07:14 . 2009-12-30 07:14 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-12-30 07:14 . 2009-12-30 07:14 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-12-30 07:14 . 2009-12-30 07:14 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-12-30 07:14 . 2009-12-30 07:14 10240 ----a-w- c:\windows\system32\finger.exe
2009-12-30 07:14 . 2009-12-30 07:14 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-12-30 07:14 . 2009-12-30 07:14 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-12-30 07:14 . 2009-12-30 07:14 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-12-30 07:14 . 2009-12-30 07:14 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-30 06:52 . 2009-12-30 06:52 72704 ----a-w- c:\windows\system32\admparse.dll
2009-12-30 06:52 . 2009-12-30 06:52 832512 ----a-w- c:\windows\system32\wininet.dll
2009-12-30 06:52 . 2009-12-30 06:52 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2009-12-30 06:52 . 2009-12-30 06:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-30 06:52 . 2009-12-30 06:52 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-12-30 06:52 . 2009-12-30 06:52 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-30 06:52 . 2009-12-30 06:52 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-12-30 06:34 . 2009-12-30 06:34 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2009-12-30 06:27 . 2009-12-30 06:27 40960 ----a-w- c:\windows\system32\srclient.dll
2009-12-30 06:23 . 2009-12-30 06:23 40960 ----a-w- c:\windows\AppPatch\apihex86.dll
2009-12-30 05:06 . 2009-12-30 05:06 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2009-12-30 05:06 . 2009-12-30 05:06 2143744 ----a-w- c:\windows\AppPatch\AcGenral.dll
2009-12-30 05:06 . 2009-12-30 05:06 537600 ----a-w- c:\windows\AppPatch\AcLayers.dll
2009-12-30 05:06 . 2009-12-30 05:06 449024 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2009-12-30 05:06 . 2009-12-30 05:06 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2009-11-23 06:12 . 2007-07-13 04:21 -------- d-----w- c:\programdata\Microsoft Help
2000-01-01 13:10 . 2009-03-06 11:10 16896 --sha-w- c:\windows\repair\setup.dat
2008-07-02 16:58 . 2008-07-02 16:58 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-12-30 1232896]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2007-07-04 253000]
"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2007-07-26 105544]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-13 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-07-13 1006264]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-15 1097728]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-11-21 35328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-09 44168]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-7-2 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4141191543-1993807128-1142382555-1006]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2.11.2006 9:35 22016]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2.11.2006 9:35 22016]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [5.1.2007 2:00 18944]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [13.7.2007 5:29 540448]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [13.7.2007 4:18 179712]
S3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\System32\drivers\Ltn_stk7070P.sys [19.2.2009 11:49 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver;c:\windows\System32\drivers\Ltn_stkrc.sys [19.2.2009 11:49 13440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-01-03 c:\windows\Tasks\User_Feed_Synchronization-{FF435F1B-041A-4604-95D8-6E70EC552E4F}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.hp.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Pelech Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i5bhw8l4.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 21:23
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4728)
c:\windows\system32\APSHook.dll
.
Celkový čas: 2010-01-03 21:27:25
ComboFix-quarantined-files.txt 2010-01-03 20:27
ComboFix2.txt 2010-01-03 20:12
ComboFix3.txt 2009-12-31 09:33

Před spuštěním: Volných bajtů: 39 369 773 056
Po spuštění: Volných bajtů: 39 329 210 368

- - End Of File - - 0B549073B7483EF1FCE046A92DCFF79B

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SecurityCentral - problem

#19 Post by motji »

:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.



:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm a choice, press the A key, Enter
- After use, delete the program. Note that antivirus programs may falsely flag it as a virus


:arrow: Download TFC and use it
TFC (http://oldtimer.geekstogo.com/TFC.exe)


:arrow: Download CCleaner, see my signature
- Install it and clean the temporary files and the registry

:arrow: Post a new log from RSIT and tell me how the computer is behaving; is everything fine now?

petrsvetr
Visitor
Posts: 13
Registered: 29 Dec 2009 18:51

Re: SecurityCentral - problem

#20 Post by petrsvetr »

Everything has been done; in my opinion the computer is cured :) Here is the log from RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Pelech Petr at 2010-01-03 22:19:59
Microsoft® Windows Vista™ Business
System drive C: has 38 GB (27%) free of 143 GB
Total RAM: 1919 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:07, on 3.1.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\scheduler.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pelech Petr\Desktop\RSIT.exe
C:\Program Files\trend micro\Pelech Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\Software\..\Telephony: DomainName = pilsfree.czf
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pilsfree.czf
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10633 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{FF435F1B-041A-4604-95D8-6E70EC552E4F}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-14 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-23 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-14 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-14 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-07-13 1006264]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-15 1097728]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-06 177456]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-11-21 35328]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-09 44168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-12-30 1232896]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]
"ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe [2007-07-04 253000]
"PMCLoader"=C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2007-07-26 105544]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-14 39408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-01-03 22:19:59 ----D---- C:\rsit
2010-01-03 22:19:59 ----D---- C:\Program Files\trend micro
2010-01-03 22:12:38 ----D---- C:\Program Files\CCleaner
2010-01-03 21:27:27 ----D---- C:\Windows\temp
2010-01-03 21:25:40 ----SHD---- C:\$RECYCLE.BIN
2010-01-02 21:25:27 ----D---- C:\ProgramData\Meridian93
2010-01-02 21:24:56 ----D---- C:\Users\Pelech Petr\AppData\Roaming\Meridian93
2010-01-02 21:02:47 ----D---- C:\Program Files\MyPlayCity.com
2009-12-31 06:05:24 ----A---- C:\Windows\system32\es.dll
2009-12-30 22:34:32 ----D---- C:\Games
2009-12-30 17:29:15 ----D---- C:\Program Files\Brany Skeldalu
2009-12-30 08:19:19 ----A---- C:\Windows\system32\winipsec.dll
2009-12-30 08:19:19 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-12-30 08:19:19 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-12-30 08:19:18 ----A---- C:\Windows\system32\polstore.dll
2009-12-30 08:18:15 ----A---- C:\Windows\system32\riched32.dll
2009-12-30 08:18:15 ----A---- C:\Windows\system32\riched20.dll
2009-12-30 08:18:12 ----A---- C:\Windows\system32\rasser.dll
2009-12-30 08:18:12 ----A---- C:\Windows\system32\rascfg.dll
2009-12-30 08:18:11 ----A---- C:\Windows\system32\rasmxs.dll
2009-12-30 08:18:11 ----A---- C:\Windows\system32\rasdiag.dll
2009-12-30 08:18:10 ----A---- C:\Windows\system32\netcfgx.dll
2009-12-30 08:18:10 ----A---- C:\Windows\system32\msftedit.dll
2009-12-30 08:18:09 ----A---- C:\Windows\system32\ipnathlp.dll
2009-12-30 08:18:09 ----A---- C:\Windows\system32\icsunattend.exe
2009-12-30 08:18:08 ----A---- C:\Windows\system32\wshqos.dll
2009-12-30 08:18:08 ----A---- C:\Windows\system32\traffic.dll
2009-12-30 08:18:08 ----A---- C:\Windows\system32\pacerprf.dll
2009-12-30 08:18:07 ----A---- C:\Windows\system32\dps.dll
2009-12-30 08:18:07 ----A---- C:\Windows\system32\cdd.dll
2009-12-30 08:17:06 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-30 08:17:06 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-30 08:17:06 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-30 08:16:02 ----A---- C:\Windows\system32\msoert2.dll
2009-12-30 08:16:02 ----A---- C:\Windows\system32\msoeacct.dll
2009-12-30 08:16:02 ----A---- C:\Windows\system32\ACCTRES.dll
2009-12-30 08:14:22 ----A---- C:\Windows\system32\netevent.dll
2009-12-30 08:14:21 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-12-30 08:14:21 ----A---- C:\Windows\system32\ROUTE.EXE
2009-12-30 08:14:21 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-12-30 08:14:21 ----A---- C:\Windows\system32\netiohlp.dll
2009-12-30 08:14:21 ----A---- C:\Windows\system32\MRINFO.EXE
2009-12-30 08:14:21 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-12-30 08:14:21 ----A---- C:\Windows\system32\finger.exe
2009-12-30 08:14:21 ----A---- C:\Windows\system32\ARP.EXE
2009-12-30 08:14:19 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-12-30 08:14:19 ----A---- C:\Windows\system32\netiougc.exe
2009-12-30 08:12:32 ----A---- C:\Windows\system32\wtsapi32.dll
2009-12-30 08:12:26 ----A---- C:\Windows\system32\sysmain.dll
2009-12-30 08:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2009-12-30 08:10:28 ----A---- C:\Windows\system32\L2SecHC.dll
2009-12-30 08:10:27 ----A---- C:\Windows\system32\wlansvc.dll
2009-12-30 08:10:27 ----A---- C:\Windows\system32\wlanmsm.dll
2009-12-30 08:10:27 ----A---- C:\Windows\system32\wlanhlp.dll
2009-12-30 08:10:27 ----A---- C:\Windows\system32\wlanapi.dll
2009-12-30 08:10:26 ----A---- C:\Windows\system32\wlansec.dll
2009-12-30 08:09:09 ----A---- C:\Windows\system32\msxml3r.dll
2009-12-30 08:09:09 ----A---- C:\Windows\system32\msxml3.dll
2009-12-30 08:09:08 ----A---- C:\Windows\system32\msxml6r.dll
2009-12-30 08:09:08 ----A---- C:\Windows\system32\msxml6.dll
2009-12-30 08:06:44 ----A---- C:\Windows\system32\t2embed.dll
2009-12-30 08:06:43 ----A---- C:\Windows\system32\lpk.dll
2009-12-30 08:06:43 ----A---- C:\Windows\system32\fontsub.dll
2009-12-30 08:06:43 ----A---- C:\Windows\system32\dciman32.dll
2009-12-30 08:06:43 ----A---- C:\Windows\system32\atmlib.dll
2009-12-30 08:06:43 ----A---- C:\Windows\system32\atmfd.dll
2009-12-30 08:05:31 ----A---- C:\Windows\system32\wdigest.dll
2009-12-30 08:05:31 ----A---- C:\Windows\system32\secur32.dll
2009-12-30 08:05:31 ----A---- C:\Windows\system32\msv1_0.dll
2009-12-30 08:05:31 ----A---- C:\Windows\system32\lsass.exe
2009-12-30 08:05:30 ----A---- C:\Windows\system32\lsasrv.dll
2009-12-30 08:04:15 ----A---- C:\Windows\system32\rrinstaller.exe
2009-12-30 08:04:15 ----A---- C:\Windows\system32\mfps.dll
2009-12-30 08:04:15 ----A---- C:\Windows\system32\mfpmp.exe
2009-12-30 08:04:15 ----A---- C:\Windows\system32\mferror.dll
2009-12-30 08:04:15 ----A---- C:\Windows\system32\mf.dll
2009-12-30 08:04:14 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-12-30 08:02:47 ----A---- C:\Windows\system32\tzres.dll
2009-12-30 07:59:27 ----A---- C:\Windows\system32\winhttp.dll
2009-12-30 07:58:29 ----A---- C:\Windows\system32\atl.dll
2009-12-30 07:56:37 ----A---- C:\Windows\system32\gdi32.dll
2009-12-30 07:54:45 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-12-30 07:54:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-12-30 07:52:58 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-30 07:52:58 ----A---- C:\Windows\system32\ieakui.dll
2009-12-30 07:52:58 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-30 07:52:58 ----A---- C:\Windows\system32\advpack.dll
2009-12-30 07:52:58 ----A---- C:\Windows\system32\admparse.dll
2009-12-30 07:52:57 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-30 07:52:56 ----A---- C:\Windows\system32\wininet.dll
2009-12-30 07:52:55 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-30 07:52:55 ----A---- C:\Windows\system32\dxtrans.dll
2009-12-30 07:52:55 ----A---- C:\Windows\system32\dxtmsft.dll
2009-12-30 07:52:54 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-30 07:52:53 ----A---- C:\Windows\system32\ieui.dll
2009-12-30 07:52:52 ----A---- C:\Windows\system32\ieframe.dll
2009-12-30 07:52:49 ----A---- C:\Windows\system32\mshtmler.dll
2009-12-30 07:52:49 ----A---- C:\Windows\system32\mshtmled.dll
2009-12-30 07:52:49 ----A---- C:\Windows\system32\ieencode.dll
2009-12-30 07:52:48 ----A---- C:\Windows\system32\mshtml.dll
2009-12-30 07:52:44 ----A---- C:\Windows\system32\mstime.dll
2009-12-30 07:52:44 ----A---- C:\Windows\system32\icardie.dll
2009-12-30 07:52:41 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-30 07:52:40 ----A---- C:\Windows\system32\urlmon.dll
2009-12-30 07:52:40 ----A---- C:\Windows\system32\occache.dll
2009-12-30 07:52:39 ----A---- C:\Windows\system32\pngfilt.dll
2009-12-30 07:52:39 ----A---- C:\Windows\system32\iertutil.dll
2009-12-30 07:52:38 ----A---- C:\Windows\system32\iesetup.dll
2009-12-30 07:52:38 ----A---- C:\Windows\system32\iernonce.dll
2009-12-30 07:52:38 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-30 07:50:06 ----A---- C:\Windows\system32\xolehlp.dll
2009-12-30 07:50:06 ----A---- C:\Windows\system32\msdtcprx.dll
2009-12-30 07:49:20 ----A---- C:\Windows\system32\wkssvc.dll
2009-12-30 07:48:11 ----A---- C:\Windows\system32\tsgqec.dll
2009-12-30 07:48:11 ----A---- C:\Windows\system32\aaclient.dll
2009-12-30 07:48:10 ----A---- C:\Windows\system32\mstscax.dll
2009-12-30 07:47:16 ----A---- C:\Windows\system32\wmpeffects.dll
2009-12-30 07:44:45 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-12-30 07:44:03 ----A---- C:\Windows\system32\MPSSVC.dll
2009-12-30 07:44:03 ----A---- C:\Windows\system32\icfupgd.dll
2009-12-30 07:44:03 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-12-30 07:44:02 ----A---- C:\Windows\system32\wfapigp.dll
2009-12-30 07:44:02 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-12-30 07:44:02 ----A---- C:\Windows\system32\cmifw.dll
2009-12-30 07:43:23 ----A---- C:\Windows\system32\netapi32.dll
2009-12-30 07:41:09 ----A---- C:\Windows\system32\shell32.dll
2009-12-30 07:40:10 ----A---- C:\Windows\system32\localspl.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\msvidc32.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\msvfw32.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\msrle32.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\mciavi32.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\avifil32.dll
2009-12-30 07:39:25 ----A---- C:\Windows\system32\avicap32.dll
2009-12-30 07:37:08 ----A---- C:\Windows\explorer.exe
2009-12-30 07:36:32 ----A---- C:\Windows\system32\hcrstco.dll
2009-12-30 07:36:32 ----A---- C:\Windows\system32\hccoin.dll
2009-12-30 07:36:07 ----A---- C:\Windows\system32\netcfg.exe
2009-12-30 07:35:31 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-12-30 07:35:30 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-12-30 07:35:29 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-12-30 07:35:29 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-12-30 07:35:29 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-12-30 07:35:28 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-12-30 07:35:27 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-12-30 07:35:25 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-12-30 07:35:24 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-12-30 07:35:23 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-12-30 07:35:22 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-12-30 07:35:21 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-12-30 07:35:20 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-12-30 07:35:18 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-12-30 07:35:17 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-12-30 07:35:15 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-12-30 07:35:12 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-12-30 07:35:11 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-12-30 07:35:11 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-12-30 07:35:06 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-12-30 07:35:05 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-12-30 07:35:04 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-12-30 07:35:04 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-12-30 07:35:04 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-12-30 07:35:03 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-12-30 07:35:02 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-12-30 07:35:02 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-12-30 07:35:01 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-12-30 07:34:58 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-12-30 07:34:56 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-12-30 07:34:55 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-12-30 07:34:53 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-12-30 07:34:53 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-12-30 07:34:52 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-12-30 07:34:52 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-12-30 07:34:51 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-12-30 07:34:50 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-12-30 07:34:49 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-12-30 07:34:49 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-12-30 07:34:49 ----A---- C:\Windows\system32\NlsData0045.dll
2009-12-30 07:34:48 ----A---- C:\Windows\system32\NlsData0046.dll
2009-12-30 07:34:47 ----A---- C:\Windows\system32\NlsData0049.dll
2009-12-30 07:34:47 ----A---- C:\Windows\system32\NlsData0047.dll
2009-12-30 07:34:47 ----A---- C:\Windows\system32\NlsData0039.dll
2009-12-30 07:34:46 ----A---- C:\Windows\system32\NlsData0022.dll
2009-12-30 07:34:46 ----A---- C:\Windows\system32\NlsData0021.dll
2009-12-30 07:34:46 ----A---- C:\Windows\system32\NlsData0020.dll
2009-12-30 07:34:45 ----A---- C:\Windows\system32\NlsData0027.dll
2009-12-30 07:34:45 ----A---- C:\Windows\system32\NlsData0026.dll
2009-12-30 07:34:45 ----A---- C:\Windows\system32\NlsData0024.dll
2009-12-30 07:34:44 ----A---- C:\Windows\system32\NlsData0010.dll
2009-12-30 07:34:43 ----A---- C:\Windows\system32\NlsData0011.dll
2009-12-30 07:34:42 ----A---- C:\Windows\system32\NlsData0013.dll
2009-12-30 07:34:41 ----A---- C:\Windows\system32\NlsData0018.dll
2009-12-30 07:34:41 ----A---- C:\Windows\system32\NlsData0000.dll
2009-12-30 07:34:40 ----A---- C:\Windows\system32\NlsData0019.dll
2009-12-30 07:34:40 ----A---- C:\Windows\system32\NlsData0001.dll
2009-12-30 07:34:39 ----A---- C:\Windows\system32\NlsData0003.dll
2009-12-30 07:34:39 ----A---- C:\Windows\system32\NlsData0002.dll
2009-12-30 07:34:38 ----A---- C:\Windows\system32\NlsData0007.dll
2009-12-30 07:34:35 ----A---- C:\Windows\system32\NlsData0009.dll
2009-12-30 07:34:34 ----A---- C:\Windows\system32\NlsData004a.dll
2009-12-30 07:34:33 ----A---- C:\Windows\system32\NlsData004b.dll
2009-12-30 07:34:32 ----A---- C:\Windows\system32\NlsData004c.dll
2009-12-30 07:34:30 ----A---- C:\Windows\system32\NlsData004e.dll
2009-12-30 07:34:29 ----A---- C:\Windows\system32\NlsData003e.dll
2009-12-30 07:34:29 ----A---- C:\Windows\system32\NlsData002a.dll
2009-12-30 07:34:28 ----A---- C:\Windows\system32\NlsData001a.dll
2009-12-30 07:34:27 ----A---- C:\Windows\system32\NlsData001b.dll
2009-12-30 07:34:26 ----A---- C:\Windows\system32\NlsData001d.dll
2009-12-30 07:34:23 ----A---- C:\Windows\system32\NlsData000c.dll
2009-12-30 07:34:23 ----A---- C:\Windows\system32\NlsData000a.dll
2009-12-30 07:34:22 ----A---- C:\Windows\system32\NlsData000d.dll
2009-12-30 07:34:21 ----A---- C:\Windows\system32\NlsData000f.dll
2009-12-30 07:34:19 ----A---- C:\Windows\system32\NlsData0416.dll
2009-12-30 07:34:19 ----A---- C:\Windows\system32\NlsData0414.dll
2009-12-30 07:34:19 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-12-30 07:34:18 ----A---- C:\Windows\system32\NlsData0816.dll
2009-12-30 07:34:17 ----A---- C:\Windows\system32\NlsData081a.dll
2009-12-30 07:34:16 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-12-30 07:34:16 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-12-30 07:30:40 ----A---- C:\Windows\system32\fsquirt.exe
2009-12-30 07:28:43 ----A---- C:\Windows\system32\setupapi.dll
2009-12-30 07:27:53 ----A---- C:\Windows\system32\srclient.dll
2009-12-30 07:27:53 ----A---- C:\Windows\system32\rstrui.exe
2009-12-30 07:27:52 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-30 07:27:52 ----A---- C:\Windows\system32\srdelayed.exe
2009-12-30 07:27:52 ----A---- C:\Windows\system32\srcore.dll
2009-12-30 07:27:51 ----A---- C:\Windows\system32\winresume.exe
2009-12-30 07:27:51 ----A---- C:\Windows\system32\winload.exe
2009-12-30 07:27:51 ----A---- C:\Windows\system32\kd1394.dll
2009-12-30 07:27:50 ----A---- C:\Windows\system32\ci.dll
2009-12-30 07:27:49 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-12-30 07:27:49 ----A---- C:\Windows\system32\drvinst.exe
2009-12-30 07:27:49 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-12-30 07:27:48 ----A---- C:\Windows\system32\oleaut32.dll
2009-12-30 07:27:48 ----A---- C:\Windows\system32\kbd106n.dll
2009-12-30 07:27:48 ----A---- C:\Windows\system32\dpx.dll
2009-12-30 07:27:47 ----A---- C:\Windows\system32\unlodctr.exe
2009-12-30 07:27:47 ----A---- C:\Windows\system32\prflbmsg.dll
2009-12-30 07:27:47 ----A---- C:\Windows\system32\lodctr.exe
2009-12-30 07:27:47 ----A---- C:\Windows\system32\loadperf.dll
2009-12-30 07:27:45 ----A---- C:\Windows\system32\schedsvc.dll
2009-12-30 07:27:44 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-12-30 07:27:44 ----A---- C:\Windows\system32\batt.dll
2009-12-30 07:27:43 ----A---- C:\Windows\system32\dispci.dll
2009-12-30 07:25:20 ----A---- C:\Windows\system32\jscript.dll
2009-12-30 07:23:43 ----A---- C:\Windows\system32\WMASF.DLL
2009-12-30 07:23:43 ----A---- C:\Windows\system32\LAPRXY.DLL
2009-12-30 07:23:43 ----A---- C:\Windows\system32\asferror.dll
2009-12-30 07:23:07 ----A---- C:\Windows\system32\kernel32.dll
2009-12-30 07:23:05 ----A---- C:\Windows\system32\apilogen.dll
2009-12-30 07:23:05 ----A---- C:\Windows\system32\amxread.dll
2009-12-30 07:22:14 ----A---- C:\Windows\system32\SLC.dll
2009-12-30 07:22:14 ----A---- C:\Windows\system32\mcbuilder.exe
2009-12-30 07:22:13 ----A---- C:\Windows\system32\slwmi.dll
2009-12-30 07:22:12 ----A---- C:\Windows\system32\SLUINotify.dll
2009-12-30 07:22:12 ----A---- C:\Windows\system32\SLUI.exe
2009-12-30 07:22:12 ----A---- C:\Windows\system32\SLLUA.exe
2009-12-30 07:22:12 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-12-30 07:22:10 ----A---- C:\Windows\system32\SLsvc.exe
2009-12-30 07:22:10 ----A---- C:\Windows\system32\slcinst.dll
2009-12-30 07:21:18 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-30 07:21:18 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-30 07:21:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-30 07:20:04 ----A---- C:\Windows\system32\httpapi.dll
2009-12-30 07:20:03 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-30 07:16:24 ----A---- C:\Windows\system32\CscMig.dll
2009-12-30 07:16:15 ----A---- C:\Windows\system32\ntprint.exe
2009-12-30 07:16:15 ----A---- C:\Windows\system32\ntprint.dll
2009-12-30 07:16:11 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-12-30 07:16:11 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2009-12-30 07:16:10 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-12-30 07:16:09 ----A---- C:\Windows\system32\authui.dll
2009-12-30 07:16:07 ----A---- C:\Windows\system32\sendmail.dll
2009-12-30 07:15:25 ----A---- C:\Windows\system32\printcom.dll
2009-12-30 07:15:24 ----A---- C:\Windows\system32\win32spl.dll
2009-12-30 07:14:21 ----A---- C:\Windows\system32\wshrm.dll
2009-12-30 07:13:35 ----A---- C:\Windows\system32\wmpdxm.dll
2009-12-30 07:12:38 ----A---- C:\Windows\system32\sbunattend.exe
2009-12-30 07:11:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-12-30 07:11:43 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-12-30 07:11:43 ----A---- C:\Windows\system32\dnsapi.dll
2009-12-30 07:10:53 ----A---- C:\Windows\system32\schannel.dll
2009-12-30 07:05:30 ----D---- C:\Users\Pelech Petr\AppData\Roaming\Malwarebytes
2009-12-30 07:05:18 ----D---- C:\ProgramData\Malwarebytes
2009-12-30 07:05:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-30 06:06:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-30 06:06:02 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-30 06:06:02 ----A---- C:\Windows\system32\gameux.dll
2009-12-30 06:05:07 ----A---- C:\Windows\system32\connect.dll
2009-12-30 06:03:12 ----A---- C:\Windows\system32\wmploc.DLL
2009-12-30 06:03:12 ----A---- C:\Windows\system32\wmp.dll
2009-12-30 06:03:11 ----A---- C:\Windows\system32\spwmp.dll
2009-12-30 06:03:10 ----A---- C:\Windows\system32\dxmasf.dll
2009-12-30 06:03:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-29 21:09:14 ----N---- C:\Windows\system32\MpSigStub.exe
2009-12-29 19:31:01 ----A---- C:\Windows\system32\dfshim.dll
2009-12-29 19:31:00 ----A---- C:\Windows\system32\netfxperf.dll
2009-12-29 19:30:58 ----A---- C:\Windows\system32\mscoree.dll
2009-12-29 19:30:57 ----A---- C:\Windows\system32\mscories.dll
2009-12-29 19:30:57 ----A---- C:\Windows\system32\mscorier.dll
2009-12-29 19:11:59 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-12-29 19:11:59 ----A---- C:\Windows\system32\logagent.exe
2009-12-29 19:11:09 ----A---- C:\Windows\system32\INETRES.dll
2009-12-29 19:11:09 ----A---- C:\Windows\system32\inetcomm.dll
2009-12-29 19:10:44 ----A---- C:\Windows\system32\msasn1.dll
2009-12-29 19:10:23 ----A---- C:\Windows\system32\wmi.dll
2009-12-29 19:10:23 ----A---- C:\Windows\system32\imagehlp.dll
2009-12-29 19:09:29 ----A---- C:\Windows\system32\rpcrt4.dll
2009-12-29 19:09:06 ----A---- C:\Windows\system32\quartz.dll
2009-12-29 19:07:58 ----A---- C:\Windows\system32\raschap.dll
2009-12-29 19:07:57 ----A---- C:\Windows\system32\rastls.dll
2009-12-29 19:07:31 ----A---- C:\Windows\system32\WSDApi.dll
2009-12-29 19:07:15 ----A---- C:\Windows\system32\poqexec.exe
2009-12-29 19:06:08 ----A---- C:\Windows\system32\qmgr.dll
2009-12-29 19:05:44 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-12-29 16:31:37 ----D---- C:\Program Files\Ultimate Process Manager
2009-12-27 13:58:22 ----A---- C:\help.txt
2009-12-25 14:45:48 ----A---- C:\Windows\system32\wups2.dll
2009-12-25 14:45:48 ----A---- C:\Windows\system32\wucltux.dll
2009-12-25 14:45:48 ----A---- C:\Windows\system32\wuaueng.dll
2009-12-25 14:45:48 ----A---- C:\Windows\system32\wuauclt.exe
2009-12-25 14:44:53 ----A---- C:\Windows\system32\wups.dll
2009-12-25 14:44:53 ----A---- C:\Windows\system32\wudriver.dll
2009-12-25 14:44:53 ----A---- C:\Windows\system32\wuapi.dll
2009-12-25 14:44:13 ----A---- C:\Windows\system32\wuwebv.dll
2009-12-25 14:44:13 ----A---- C:\Windows\system32\wuapp.exe
2009-12-23 23:06:38 ----D---- C:\Users\Pelech Petr\AppData\Roaming\Download Manager
2009-12-18 22:25:42 ----D---- C:\POROD
2009-12-17 22:24:28 ----D---- C:\img
2009-12-17 22:23:34 ----D---- C:\Program Files\Ghostgum
2009-12-17 22:20:12 ----D---- C:\Program Files\gs
2009-12-17 22:08:50 ----D---- C:\temp
2009-12-17 10:17:22 ----D---- C:\Windows\fig2vect
2009-12-17 10:17:21 ----D---- C:\Windows\yanolc
2009-12-17 10:17:10 ----D---- C:\Program Files\Krause
2009-12-16 21:28:40 ----D---- C:\Users\Pelech Petr\AppData\Roaming\MiKTeX
2009-12-16 21:27:40 ----D---- C:\latex
2009-12-16 21:19:52 ----D---- C:\ProgramData\MiKTeX
2009-12-16 21:16:15 ----D---- C:\Program Files\MiKTeX 2.8
2009-12-16 21:14:39 ----A---- C:\Windows\system32\msxml4a.dll
2009-12-16 21:14:38 ----D---- C:\Program Files\TeXnicCenter
2009-12-16 17:17:12 ----D---- C:\_html

======List of files/folders modified in the last 1 months======

2010-01-03 22:20:07 ----D---- C:\Windows\Prefetch
2010-01-03 22:19:59 ----RD---- C:\Program Files
2010-01-03 22:19:17 ----D---- C:\Program Files\Mozilla Firefox
2010-01-03 22:13:40 ----D---- C:\Windows\Debug
2010-01-03 22:13:40 ----D---- C:\Windows
2010-01-03 22:11:27 ----D---- C:\Windows\SMINST
2010-01-03 22:04:53 ----D---- C:\Windows\Minidump
2010-01-03 21:23:42 ----A---- C:\Windows\system.ini
2010-01-03 21:20:39 ----D---- C:\Windows\system32\drivers
2010-01-03 21:20:39 ----D---- C:\Windows\System32
2010-01-03 21:20:39 ----D---- C:\Windows\AppPatch
2010-01-03 21:20:38 ----D---- C:\Program Files\Common Files
2010-01-03 21:11:30 ----SHD---- C:\System Volume Information
2010-01-03 18:50:43 ----D---- C:\HUdba
2010-01-03 17:43:05 ----D---- C:\Download
2010-01-02 21:25:27 ----D---- C:\ProgramData
2010-01-02 21:17:40 ----A---- C:\Windows\NeroDigital.ini
2010-01-01 17:13:21 ----D---- C:\Osobni
2009-12-31 12:41:42 ----D---- C:\Windows\inf
2009-12-31 12:41:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-31 10:18:16 ----D---- C:\Windows\system32\config
2009-12-31 10:18:16 ----D---- C:\boot
2009-12-31 09:28:58 ----D---- C:\Windows\Microsoft.NET
2009-12-31 09:28:51 ----RSD---- C:\Windows\assembly
2009-12-31 06:06:56 ----D---- C:\Windows\winsxs
2009-12-31 06:06:45 ----D---- C:\Windows\system32\catroot2
2009-12-31 06:06:44 ----D---- C:\Windows\system32\catroot
2009-12-30 16:41:50 ----D---- C:\Program Files\sdc202
2009-12-30 12:16:39 ----ASH---- C:\Program Files\desktop.ini
2009-12-30 12:16:16 ----D---- C:\Windows\rescache
2009-12-30 12:12:03 ----D---- C:\Windows\system32\ras
2009-12-30 12:12:03 ----D---- C:\Windows\system32\icsxml
2009-12-30 12:12:03 ----D---- C:\Program Files\Windows Calendar
2009-12-30 12:12:01 ----D---- C:\Windows\system32\migration
2009-12-30 12:12:01 ----D---- C:\Windows\system32\cs-CZ
2009-12-30 12:12:01 ----D---- C:\Program Files\Windows Mail
2009-12-30 12:12:01 ----D---- C:\Program Files\Common Files\System
2009-12-30 12:12:00 ----D---- C:\Windows\system32\wbem
2009-12-30 12:11:57 ----D---- C:\Windows\servicing
2009-12-30 12:11:55 ----D---- C:\Program Files\Internet Explorer
2009-12-30 12:11:43 ----D---- C:\Windows\system32\SLUI
2009-12-30 12:11:43 ----D---- C:\Windows\system32\manifeststore
2009-12-30 12:11:39 ----D---- C:\Program Files\Windows Sidebar
2009-12-30 12:11:22 ----D---- C:\Windows\PLA
2009-12-30 12:03:33 ----D---- C:\Windows\repair
2009-12-30 12:01:32 ----D---- C:\Program Files\Radmin
2009-12-30 08:08:24 ----SHD---- C:\Windows\Installer
2009-12-30 06:03:26 ----D---- C:\Program Files\Windows Media Player
2009-12-29 19:06:23 ----D---- C:\Windows\SoftwareDistribution
2009-12-29 18:00:44 ----SD---- C:\Users\Pelech Petr\AppData\Roaming\Microsoft
2009-12-29 17:58:07 ----HD---- C:\Windows\system32\GroupPolicy
2009-12-27 17:14:49 ----AD---- C:\RQMONEY_1_3
2009-12-27 13:41:16 ----D---- C:\Fotky
2009-12-25 14:46:46 ----D---- C:\Windows\PolicyDefinitions
2009-12-16 20:42:44 ----D---- C:\Utils
2009-12-15 12:40:25 ----D---- C:\HTML
2009-12-09 08:18:49 ----D---- C:\Prace

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-12-30 320000]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-07-28 685056]
R2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [2008-07-10 47616]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2007-01-05 27136]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-03-09 309248]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-04-16 1161152]
R3 ATSWPDRV;(****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-04-10 140808]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-26 179712]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-12-30 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-12-30 11264]
S3 akshasp;Aladdin HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2005-07-20 327808]
S3 aksusb;Aladdin USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2005-07-20 100096]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-13 534016]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-13 534016]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-12-30 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-12-30 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-12-30 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-05-11 79664]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-05-11 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-11 16432]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-28 101504]
S3 Ltn_stk7070P;PCTV based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys [2007-06-14 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver; C:\Windows\system32\DRIVERS\Ltn_stkrc.sys [2007-06-13 13440]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-04-16 9216]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-12-05 144688]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2007-01-05 18944]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2006-11-02 521216]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-14 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2006-11-02 562176]
S4 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: SecurityCentral - problem

#21 Post by motji »

:arrow: Do you recognize this?
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pilsfree.czf

If there are no problems, that's all :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

petrsvetr
Visitor
Posts: 13
Joined: 29 Dec 2009 18:51

Re: SecurityCentral - problem

#22 Post by petrsvetr »

Well, pilsfree.czf is the suffix we use here on the PilsFree network (the network I am on). So that is probably fine.

Thank you very much for the help; I am really glad that such kind people exist. I will send you a small contribution via a Sazka terminal.

Thanks.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: SecurityCentral - problem

#23 Post by motji »

You're welcome :)
Thank you for the contribution :)
If there are any problems, get in touch :)