VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Virus ScrInject.B.Gen

https://forum.viry.cz:443/viewtopic.php?t=104346

Stránka 1 z 1

Virus ScrInject.B.Gen

Napsal: 03 zář 2010 09:33
od baryman
Dobrý den, asi to nevkládám úplně do psrávné sekce, ale na lepší jsem nenarazil. Určitě mi budete vědět pomoci.

Mám web www.mctex.cz, který funguje na wordpressu a byl napadem virem ScrInject.B.Gen virus. Jaké jsou možnosti odstranění?

Děkuji moc

Re: Virus ScrInject.B.Gen

Napsal: 03 zář 2010 17:14
od Rudy
Nejprve budeme muset zkontrolovat váš PC. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 . Pak budete muset ručně odstranit z html kódu vaší stránky vše, co tam nepatří a a změnit heslo na FTP.

Re: Virus ScrInject.B.Gen

Napsal: 04 zář 2010 13:07
od radilek
Mám uplne stejny problém , s webem http://aoe.radil.org přidávám se k dotazu

Re: Virus ScrInject.B.Gen

Napsal: 04 zář 2010 13:17
od radilek

Kód: Vybrat vše

Logfile of random's system information tool 1.08 (written by random/random)
Run by radilek at 2010-09-04 14:08:29
Microsoft Windows 7 Ultimate  
System drive C: has 47 GB (16%) free of 305 GB
Total RAM: 2046 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:22, on 4.9.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\KYE\LuxeMate525\LuxeMate525.exe
C:\Program Files\Process Lasso\ProcessLasso.exe
C:\Program Files\Process Lasso\ProcessGovernor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\OSCAR X7H\OscarEditor.exe
C:\Program Files\Steam\Steam.exe
C:\Users\radilek\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\radilek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\opera.exe
C:\ProgramData\Skype\Plugins\Plugins\903CB56BA52F42478957BE8314837A86\PamelaPCR.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Java\jre6\launch4j-tmp\frd.exe
C:\Windows\explorer.exe
C:\Program Files\SuperMP3Download\SuperMP3Download.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\FileZilla FTP Client\filezilla.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\radilek\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\radilek.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\radilek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files\Hot_MP3\tbHot_.dll
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll
O2 - BHO: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files\Hot_MP3\tbHot_.dll
O2 - BHO: SoftGate.DownloadManager.IE.DownloadManagerPlugin - {a1acb83b-3713-4784-b2b3-64c6d06565e9} - mscoree.dll (file missing)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\radilek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files\Hot_MP3\tbHot_.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [LuxeMate525] C:\Program Files\KYE\LuxeMate525\LuxeMate525.exe -AUTORUN
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ProcessLassoManagementConsole] C:\Program Files\Process Lasso\processlasso.exe
O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR X7H\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [googletalk] C:\Users\radilek\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /isolated /autorun
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GameRanger.lnk = radilek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: ESET Smart Security.lnk = C:\Program Files\ESET\ESET Smart Security\egui.exe
O4 - Global Startup: Skype.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Nova Stahovák - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll (file missing)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.36.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 16431 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1185716545-2026886028-2616983844-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1185716545-2026886028-2616983844-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-10 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyn0.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]
Hot MP3 Toolbar - C:\Program Files\Hot_MP3\tbHot_.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1acb83b-3713-4784-b2b3-64c6d06565e9}]
SoftGate.DownloadManager.IE.DownloadManagerPlugin - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\radilek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-05-28 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
{D5D47440-0750-463D-BAEF-A47D02414806}
{9384bd4c-dd14-4be9-80f7-f6277511e4f5} - Hot MP3 Toolbar - C:\Program Files\Hot_MP3\tbHot_.dll [2010-02-22 2353176]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyn0.dll [2010-06-13 2734688]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"LuxeMate525"=C:\Program Files\KYE\LuxeMate525\LuxeMate525.exe [2007-08-17 13357122]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ProcessLassoManagementConsole"=C:\Program Files\Process Lasso\processlasso.exe [2010-05-30 408080]
"ProcessGovernor"=C:\Program Files\Process Lasso\processgovernor.exe [2010-05-30 232464]
"DigidesignMMERefresh"=C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2010-05-04 77824]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-06-28 74752]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-07-02 2202704]
"TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MusicMp3Downloaderunstall"= []
"SpeedMP3Downloaderunstall"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"OscarEditor"=C:\Program Files\OSCAR X7H\OscarEditor.exe [2009-11-24 2642432]
"Steam"=c:\program files\steam\steam.exe [2010-08-26 1242448]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"googletalk"=C:\Users\radilek\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2010-02-18 5711312]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-08-22 133432]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-09-01 14709640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ESET Smart Security.lnk - C:\Program Files\ESET\ESET Smart Security\egui.exe
Skype.lnk - C:\Windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe

C:\Users\radilek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GameRanger.lnk - C:\Users\radilek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-12-17 14:49:01 ----A---- C:\Windows\system32\drivers\hamachi.sys
2010-09-04 14:08:30 ----D---- C:\Program Files\trend micro
2010-09-04 14:08:29 ----D---- C:\rsit
2010-09-03 23:06:19 ----D---- C:\Program Files\Common Files\Skype
2010-09-03 17:21:43 ----D---- C:\Program Files\CCleaner
2010-09-02 06:03:07 ----D---- C:\Users\radilek\AppData\Roaming\MusicMP3Downloader
2010-09-02 06:03:07 ----D---- C:\ProgramData\MusicMP3Downloader
2010-08-31 18:39:14 ----D---- C:\Program Files\SuperMP3Download
2010-08-31 18:08:34 ----D---- C:\Program Files\MyWay
2010-08-31 17:59:38 ----D---- C:\Users\radilek\AppData\Roaming\SpeedMP3Downloader
2010-08-31 17:59:38 ----D---- C:\ProgramData\SpeedMP3Downloader
2010-08-31 17:07:48 ----D---- C:\Users\radilek\AppData\Roaming\esmska
2010-08-31 01:33:47 ----D---- C:\Program Files\TNod User & Password Finder
2010-08-31 01:08:29 ----A---- C:\Windows\system32\drivers\netio.sys
2010-08-30 10:57:56 ----D---- C:\Program Files\SpacialAudio
2010-08-30 10:43:51 ----D---- C:\Program Files\XAMPP
2010-08-29 09:37:11 ----D---- C:\Program Files\Winamp Detect
2010-08-29 09:37:03 ----D---- C:\ProgramData\Winamp Toolbar
2010-08-29 09:37:03 ----D---- C:\Program Files\Winamp Toolbar
2010-08-29 09:36:11 ----D---- C:\Users\radilek\AppData\Roaming\Winamp
2010-08-29 09:36:11 ----D---- C:\Program Files\Winamp
2010-08-29 09:30:17 ----D---- C:\Program Files\edcast
2010-08-28 19:38:59 ----D---- C:\Program Files\AGrcon
2010-08-28 12:57:11 ----D---- C:\Program Files\Zynga
2010-08-28 12:55:32 ----D---- C:\Users\radilek\AppData\Roaming\SoftGate
2010-08-27 15:36:39 ----D---- C:\Program Files\2K Games
2010-08-27 09:37:44 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-26 14:03:13 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-19 10:18:59 ----A---- C:\Windows\system32\wbhelp2.dll
2010-08-19 10:18:59 ----A---- C:\Windows\system32\W95INF32.DLL
2010-08-19 10:18:59 ----A---- C:\Windows\system32\W95INF16.DLL
2010-08-19 10:18:59 ----A---- C:\Windows\system32\unicows.dll
2010-08-19 10:18:59 ----A---- C:\Windows\system32\gdiplus.dll
2010-08-19 10:18:59 ----A---- C:\Windows\system32\anim.dll
2010-08-19 10:18:57 ----D---- C:\Program Files\WinUtilities
2010-08-17 00:49:23 ----D---- C:\Users\radilek\AppData\Roaming\EasyMp3Downloader
2010-08-17 00:49:23 ----D---- C:\ProgramData\EasyMp3Downloader
2010-08-17 00:49:18 ----D---- C:\Program Files\EasyMP3Downloader
2010-08-16 01:52:27 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-16 01:52:25 ----A---- C:\Windows\system32\msxml3.dll
2010-08-16 01:51:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-16 01:51:58 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-16 01:51:58 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-16 01:51:55 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-16 01:51:55 ----A---- C:\Windows\system32\iccvid.dll
2010-08-16 01:51:49 ----A---- C:\Windows\system32\rtutils.dll
2010-08-16 01:51:40 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-16 01:51:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-16 01:51:32 ----A---- C:\Windows\system32\mshtml.dll
2010-08-16 01:51:29 ----A---- C:\Windows\system32\ieframe.dll
2010-08-16 01:51:28 ----A---- C:\Windows\system32\wininet.dll
2010-08-16 01:51:28 ----A---- C:\Windows\system32\urlmon.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\mstime.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-16 01:51:27 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\ieui.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\iepeers.dll
2010-08-16 01:51:27 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-16 01:51:20 ----A---- C:\Windows\system32\win32k.sys
2010-08-16 01:51:20 ----A---- C:\Windows\system32\schannel.dll
2010-08-16 00:34:48 ----D---- C:\Users\radilek\AppData\Roaming\VSO
2010-08-16 00:34:23 ----D---- C:\Program Files\VSO
2010-08-15 21:51:12 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 3

======List of files/folders modified in the last 1 months======

2010-09-04 14:09:20 ----D---- C:\Windows\Temp
2010-09-04 14:09:09 ----D---- C:\Windows\Prefetch
2010-09-04 14:08:30 ----RD---- C:\Program Files
2010-09-04 13:53:51 ----D---- C:\Users\radilek\AppData\Roaming\Skype
2010-09-04 13:39:34 ----D---- C:\Users\radilek\AppData\Roaming\FileZilla
2010-09-04 11:19:15 ----D---- C:\ProgramData\Xfire
2010-09-04 10:43:39 ----D---- C:\Windows\system32\LogFiles
2010-09-04 10:39:30 ----D---- C:\Windows\system32\config
2010-09-04 10:28:23 ----SHD---- C:\System Volume Information
2010-09-04 10:25:07 ----D---- C:\Users\radilek\AppData\Roaming\skypePM
2010-09-04 10:23:44 ----D---- C:\Program Files\Steam
2010-09-04 10:23:07 ----D---- C:\Windows
2010-09-04 00:50:35 ----D---- C:\Users\radilek\AppData\Roaming\Hamachi
2010-09-03 23:09:17 ----SHD---- C:\Windows\Installer
2010-09-03 23:06:26 ----D---- C:\Windows\system32\Tasks
2010-09-03 23:06:19 ----RD---- C:\Program Files\Skype
2010-09-03 23:06:19 ----D---- C:\Program Files\Common Files
2010-09-03 23:06:05 ----D---- C:\ProgramData\Skype
2010-09-03 22:18:21 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-09-03 17:41:46 ----D---- C:\Users\radilek\AppData\Roaming\Media Player Classic
2010-09-03 17:40:48 ----D---- C:\Windows\Minidump
2010-09-03 17:40:48 ----D---- C:\Windows\debug
2010-09-03 06:09:53 ----SD---- C:\Users\radilek\AppData\Roaming\Microsoft
2010-09-02 20:41:51 ----D---- C:\Users\radilek\AppData\Roaming\Xfire
2010-09-02 06:03:07 ----HD---- C:\ProgramData
2010-09-02 06:00:41 ----D---- C:\Program Files\Hot_MP3
2010-09-02 06:00:40 ----D---- C:\Windows\System32
2010-08-31 22:18:27 ----D---- C:\Program Files\Clickster
2010-08-31 18:22:47 ----D---- C:\ProgramData\Microsoft Help
2010-08-31 18:22:42 ----RSD---- C:\Windows\assembly
2010-08-31 18:20:01 ----A---- C:\Windows\win.ini
2010-08-31 18:19:48 ----D---- C:\Windows\ShellNew
2010-08-31 18:18:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-08-31 18:18:51 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-31 08:14:33 ----D---- C:\Program Files\Common Files\Steam
2010-08-31 08:10:45 ----D---- C:\Windows\winsxs
2010-08-31 02:03:36 ----D---- C:\Windows\system32\drivers
2010-08-31 01:08:35 ----D---- C:\Windows\system32\catroot
2010-08-31 01:03:31 ----D---- C:\Windows\inf
2010-08-31 01:03:27 ----D---- C:\Windows\system32\DriverStore
2010-08-31 01:02:45 ----D---- C:\Program Files\ESET
2010-08-29 12:59:17 ----D---- C:\Windows\system32\drivers\etc
2010-08-29 09:36:14 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-08-28 19:04:11 ----D---- C:\Windows\system32\catroot2
2010-08-28 11:34:30 ----D---- C:\Windows\Microsoft.NET
2010-08-27 09:20:19 ----D---- C:\Program Files\ICQ7.0
2010-08-27 02:34:49 ----D---- C:\Windows\AppPatch
2010-08-16 22:36:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-16 22:34:14 ----A---- C:\Windows\game.ini
2010-08-16 22:32:40 ----D---- C:\Program Files\Activision
2010-08-16 11:12:14 ----D---- C:\Windows\system32\migration
2010-08-16 11:12:14 ----D---- C:\Program Files\Internet Explorer
2010-08-15 21:07:52 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-02-04 64288]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-10 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2010-04-06 95024]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 41312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 104976]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 32584]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-12-17 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-03 2790048]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr61.sys [2006-08-25 274432]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\radilek\AppData\Local\Temp\SWGDB90.tmp []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-02-10 16608]
S3 Loader;Loader; \??\C:\Windows\system32\Loader.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-06-18 147168]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S4 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys []
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DigiRefresh;Digidesign MME Refresh Service; C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2010-05-04 77824]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-07-02 810144]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-09 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-09-03 219128]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-06-16 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-11 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-30 1285864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-01-19 3595660]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-08-31 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-29 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: Virus ScrInject.B.Gen

Napsal: 04 zář 2010 14:35
od Rudy
2radilek: Založte si, prosím, vlastní topic. Děkujeme.

Re: Virus ScrInject.B.Gen

Napsal: 05 zář 2010 12:04
od baryman
Posílám ten log, heslo na ftp jsem už změnil, ale bylo složité (taková ta klasika ruzna pismena, cisla, ...).


Logfile of random's system information tool 1.08 (written by random/random)
Run by Jirka at 2010-09-05 12:58:29
Microsoft Windows 7 Home Premium
System drive C: has 105 GB (36%) free of 291 GB
Total RAM: 3950 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:02:38, on 5.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Doit.im\Doit.im.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Yaho's Miranda IM\miranda32.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\FileZilla_3.3.2.1_win32\FileZilla-3.3.2.1\filezilla.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mojebanka.cz/InternetBanking/?L=CS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Doit.lnk = C:\Program Files (x86)\Doit.im\Doit.im.exe
O4 - Startup: Dropbox.lnk = Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15873 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {4096DCDC-7131-495A-989C-E2C581BB75F0}
"taskhost.exe"
"C:\Program Files\Sony\VAIO Care\VAIOCareService.exe"
taskeng.exe {F6CEEBFF-2DBC-48DB-A652-37AEA0011961}
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
/Device:000000a0
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files (x86)\Doit.im\Doit.im.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5872fc1a-4568-41f4-abc2-dae4f858a29a -SystemEventPortName:HostProcess-c3719288-d836-4c59-a21f-1809022064ad -IoCancelEventPortName:HostProcess-ebdfc660-9788-4a98-8383-6537afcf6db3 -NonStateChangingEventPortName:HostProcess-49ddf3c7-dd4a-4b6c-846c-1bf3d2ac3825 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1f9107b3-5e52-49da-b57e-a9fa825f88f3
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Yaho's Miranda IM\miranda32.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\FileZilla_3.3.2.1_win32\FileZilla-3.3.2.1\filezilla.exe"
"C:\Users\Jirka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06 132448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-14 371888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll [2010-06-03 322104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-18 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-03 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-14 371888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-16 9636896]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-11-04 208384]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-18 171520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-04-07 2839840]
"TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-18 39408]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2010-04-08 306088]
"AdobeBridge"= []
"Steam"=c:\program files (x86)\steam\steam.exe [2010-08-24 1242448]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-11-21 284696]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-15 98304]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2009-10-24 597792]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-01-18 26624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Doit.lnk - C:\Program Files (x86)\Doit.im\Doit.im.exe
Dropbox.lnk - C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-16 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-05 12:58:29 ----D---- C:\rsit
2010-09-05 12:58:29 ----D---- C:\Program Files\trend micro
2010-08-31 15:50:18 ----D---- C:\Program Files (x86)\RapidSolution
2010-08-25 10:21:35 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 10:21:35 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-18 12:42:40 ----D---- C:\Program Files (x86)\New Star Soccer 2010
2010-08-18 12:29:33 ----D---- C:\seo projects
2010-08-18 12:28:46 ----D---- C:\Users\Jirka\AppData\Roaming\SeoAdministrator
2010-08-18 12:27:20 ----D---- C:\ProgramData\SeoAdministrator
2010-08-18 12:27:20 ----A---- C:\Windows\SYSWOW64\arcdll.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\semtempl.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\hashfunc.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\cg32.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\cc3250mt.dll
2010-08-18 12:27:10 ----A---- C:\Windows\SYSWOW64\BORLNDMM.DLL
2010-08-18 12:27:09 ----D---- C:\Program Files (x86)\seoadministrator
2010-08-11 12:50:51 ----D---- C:\AMD
2010-08-11 10:29:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 10:29:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 10:29:03 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 10:29:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 10:29:03 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 10:28:54 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 10:28:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 10:28:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 10:28:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 10:28:43 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 10:28:43 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 10:28:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 10:28:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 10:28:37 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 10:28:37 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 10:28:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 10:28:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 10:28:36 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 10:28:36 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 10:28:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 10:28:35 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 10:28:35 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 10:28:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 10:28:35 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 10:28:35 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 10:28:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 10:28:32 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 10:28:32 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 10:28:32 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 10:28:31 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 10:28:30 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 10:28:29 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-10 12:08:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-10 12:07:52 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-08-10 12:07:52 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-08-10 12:07:52 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-08-10 12:07:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-08-10 12:07:52 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-10 12:07:52 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-10 12:07:52 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-10 12:07:52 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-10 12:07:51 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-10 12:07:50 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-08-10 12:07:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-08-10 12:07:50 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-08-10 12:07:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-08-10 12:07:50 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-08-10 12:07:50 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-08-10 12:07:50 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-08-10 12:07:50 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-08-10 12:07:50 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-08-10 12:07:50 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-10 12:07:49 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-08-10 12:07:49 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-08-10 12:07:49 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-08-10 12:07:49 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-08-10 12:07:48 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-08-10 12:07:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-08-10 12:07:48 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-08-10 12:07:48 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-10 12:07:47 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-08-10 12:07:47 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-08-10 12:07:47 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-08-10 12:07:46 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-08-10 12:07:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-08-10 12:07:43 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-08-10 12:07:37 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-08-10 12:07:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-08-10 12:07:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-08-10 12:07:37 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-08-10 12:07:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-08-10 12:07:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-08-10 11:38:04 ----D---- C:\Program Files (x86)\Steam

======List of files/folders modified in the last 1 months======

2010-09-05 13:02:32 ----D---- C:\Windows\Temp
2010-09-05 12:58:29 ----RD---- C:\Program Files
2010-09-05 12:57:04 ----D---- C:\Users\Jirka\AppData\Roaming\FileZilla
2010-09-05 11:44:55 ----D---- C:\Users\Jirka\AppData\Roaming\Dropbox
2010-09-05 11:44:44 ----D---- C:\Windows\system32\config
2010-09-05 11:44:05 ----A---- C:\Windows\SYSWOW64\log.txt
2010-09-03 07:38:47 ----SHD---- C:\System Volume Information
2010-08-31 15:50:22 ----SHD---- C:\Windows\Installer
2010-08-31 15:50:18 ----RD---- C:\Program Files (x86)
2010-08-31 15:47:53 ----D---- C:\Windows\Prefetch
2010-08-30 13:52:47 ----D---- C:\Windows\System32
2010-08-30 13:52:47 ----D---- C:\Windows\inf
2010-08-30 13:52:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-30 13:44:11 ----D---- C:\Program Files (x86)\Full Tilt Poker
2010-08-26 07:09:55 ----D---- C:\Windows\winsxs
2010-08-26 07:09:20 ----D---- C:\Windows\SysWOW64
2010-08-26 00:57:30 ----D---- C:\Windows\AppPatch
2010-08-25 10:21:30 ----D---- C:\Windows\system32\catroot2
2010-08-25 10:21:30 ----D---- C:\Windows\system32\catroot
2010-08-22 11:35:08 ----D---- C:\Program Files (x86)\Opera
2010-08-18 12:27:20 ----HD---- C:\ProgramData
2010-08-13 20:03:07 ----D---- C:\Windows\Microsoft.NET
2010-08-13 20:02:32 ----RSD---- C:\Windows\assembly
2010-08-11 19:40:31 ----D---- C:\Windows\system32\drivers
2010-08-11 19:40:28 ----D---- C:\Windows\SYSWOW64\migration
2010-08-11 19:40:28 ----D---- C:\Program Files\Internet Explorer
2010-08-11 19:40:28 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-11 19:40:27 ----D---- C:\Windows\system32\migration
2010-08-10 12:08:30 ----D---- C:\Windows
2010-08-10 11:38:05 ----D---- C:\Program Files (x86)\Common Files
2010-08-08 13:03:59 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-11-21 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-05 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 124760]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2009-11-04 253488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-12 1542656]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-24 6106624]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-12-14 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-16 2212640]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-16 213280]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\drivers\btwrchid.sys [2009-11-18 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-16 7778176]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2009-11-13 151936]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-24 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-21 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-14 268824]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-07-18 75064]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2009-12-02 204648]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-09-14 206336]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-09-01 407336]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-18 133104]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 42336]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-18 182768]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-05-12 68096]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 SampleCollector;Intel(R) Sample Collector; C:\Program Files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-09-14 69632]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-08 110960]
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2009-10-30 1165680]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Virus ScrInject.B.Gen

Napsal: 05 zář 2010 12:11
od Narfyk
vopred sa ospravedlnujem za vstup
daj odtial ten cracknuty nod. cracknuty antivir je antivir na ho**o a este k tomu porujes aj autorske prava !
myslim tento crack: "TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe
takze bud si kup licenciu alebo si tam daj nejake free riesenie.
su dve dobre free riesenia. konkretne Avast! Free alebo AVIRA Antivir Personal (odporucam Avast! Free)
a este aj nejaky dobry firewall, najlepsie su asi Kerio a ZoneAlarm (odporucam ZoneAlarm)
zvysok prenechavam Rudy-mu

Re: Virus ScrInject.B.Gen

Napsal: 05 zář 2010 12:15
od baryman
Narfyk píše:vopred sa ospravedlnujem za vstup
daj odtial ten cracknuty nod. cracknuty antivir je antivir na ho**o a este k tomu porujes aj autorske prava !
myslim tento crack: "TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe
takze bud si kup licenciu alebo si tam daj nejake free riesenie.
su dve dobre free riesenia. konkretne Avast! Free alebo AVIRA Antivir Personal (odporucam Avast! Free)
a este aj nejaky dobry firewall, najlepsie su asi Kerio a ZoneAlarm (odporucam ZoneAlarm)
zvysok prenechavam Rudy-mu
mam objednanou licenci od znameho, notas mam mesic, predtim sem ho nemel ja, tak tam tohle bylo.

Re: Virus ScrInject.B.Gen

Napsal: 05 zář 2010 12:18
od Narfyk
aha, tak prepac ze som na teba tak vybehol.
tak teda cakaj na Rudyho

Re: Virus ScrInject.B.Gen

Napsal: 05 zář 2010 18:01
od Rudy
2 baryman: Log vypadá OK. Pro jistotu proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: Virus ScrInject.B.Gen

Napsal: 06 zář 2010 11:17
od baryman
hotovo, našlo to pár infikovaných souborů, ale většinou trainery na hry nebo setup k pokerovemu klientu. co ted s tím webem?

Re: Virus ScrInject.B.Gen

Napsal: 06 zář 2010 16:55
od Rudy
Pak budete muset ručně odstranit z html kódu vaší stránky vše, co tam nepatří a a změnit heslo na FTP.
Viz má 1. odpověď.

Re: Virus ScrInject.B.Gen

Napsal: 06 zář 2010 17:23
od baryman
heslo jsme zmenil, jak zjistit, co tam nepatří? je to poměrně složitý systém (wordpress), tak to najít nebude sranda.

edit : už možná mám, diky za pomoc :)

Re: Virus ScrInject.B.Gen

Napsal: 06 zář 2010 17:34
od Rudy
Je nutné buď rozmět HTML kódu (což já neumím), nebo mít někde zálohu a překopírovat.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz