Dobrý den,
prosím o kontrolu logu, v PC nekontrolovaně vyskakují okna Mozilla s reklamou, travianem atp.
Děkuji Endru-x
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-16 11:24:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (14%) free of 33 GB
Total RAM: 3032 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:46, on 16.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\WINDOWS\MHotkey.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\WINDOWS\ChiFuncExt.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
E:\Mozilla\Firefox\firefox.exe
E:\Mozilla\Firefox\plugin-container.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
C:\Program Files\trend micro\ATP13.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 5111651116
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 5111651116
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 5111651116
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 5111651116
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1004336348-842925246-1417001333-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe
--
End of file - 12923 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AmiUpdXp.job - C:\Documents and Settings\ATP13\Data aplikací\1516\a11303.exe
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1.job - C:\Program Files\HD-V1.9\HD-V1.9-codedownloader.exe /PlpeMWCEE /FkxzrMyJ=task /dFkFbKCI='HD-V1.9' /QFwZrYd=59568 /evCaG='001798' /BBrUR='0' /GbQGz='0' /cmkIlpDcc=FF798BBB73B744DFAA83C109A1A61618IE /gjZdfXq=1a5bbd786d7bd72b8efd52d3d0228cc0 /xHauBB=1_34_07_01 /DlnNjXHT=1.34.7.1 /jnwRBypy=1405894454 /qEuhpWI=http://stats.genstatsnet.com /nvsUGIk=http://errors.genstatsnet.com /BAYzoqHS=http://js.genstatsnet.com /FEospXgs=ff /JgQEIhPSE='HD-V1.9' /zOQrqnE=http://js.clientdemocloud.com /ZUvChAeq /VscSskak='{"asw":[32768, 260, 0]}' /ePKiElymG='http://update.genstatsnet.com/ie_code_a ... pdate.json' /FkxzrMyJ='task' /vHEhDoheA=''
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10.exe /dFkFbKCI='HD-V1.9' /QFwZrYd=59568 /evCaG='001798' /BBrUR='0' /GbQGz='0' /cmkIlpDcc=FF798BBB73B744DFAA83C109A1A61618IE /gjZdfXq=1a5bbd786d7bd72b8efd52d3d0228cc0 /xHauBB=1_34_07_01 /jnwRBypy=1405894454 /qEuhpWI=http://stats.genstatsnet.com /nvsUGIk=http://errors.genstatsnet.com /jKiLBFNf='HD-V1.9' /nUAwN=1000 /fTVblu=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /kFgjoFVaq=http://logs.genstatsnet.com /FkxzrMyJ='task' /vHEhDoheA=''
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11.exe /HQiTe=u3k83Vw+1oCIP8UVhkLLrLByWoiBwi8Oou56o+rcKrEsXe41AvYjQ4gfmkk8skUsBm4H1CDTED9fNZ4Tf9uQ0Uuzroj3Ql0E39X/3wU4N43DH/RJhODbfik2AbtkVWt5Qkym+BerBcgCtAZKL1pAV09rUKn7HUuaYFRtI4FE3XOV6pEdSZJuFeD1sxWQ94tyLoPbOFycPpCSDFtzebIJXyVGS9XyQaRncv3mzW4UoZz8GATLSfsbjKkYpNVC31arWPIoWqxvCrejURHFdkwVWZGAUox8XgEvm8KLn7tDOlQvFpx4nSWmB/wI/GzEBukMXivt3XgRkjKac18ABgZLtLCNcAZxdJkvTGHOaWm4whX9l+e7DZTE+UTWp8AEG5SCIadGSb7lR2E25IAYTkegencG1r2vpdlWoXXFHE8dg0qeTFvBRDPpHN76XPyy7E32jurLUP2jraYJy4DXJYdnrzpikB9AaYUsRgGJbAzP3IdnB1+21SR8bJdGfaQDw7YJCCx3HiEiY0nRbUqD/7kTxdBQysNCw2mAzV7oBDUVVagjf7IO5Y163d3xsXBbJ/CjkaLF/0P+zzRF6aFUgDvpBb+1HZ3h5lAHimE8g3r5P31QFjRS9P6oULYvyfc1FfWw23Go+Rchug+yqDlaAU+BTD7p20UQA+vlg091RkdMk6wHWDqO8f01ZjU1zko+MhrFzJhq9DRhRQaqdGRtbUWbyf+2nZC8w31yevwG+VlXPCZ6j7W4qDWrsQN8017WSbF36Q4xrC87fPjF030CuBptGQkEshsxcuVWHEOV8uyF/6GfMnAwLMNNOY9qz1STo1kjRw6kjR56HpZWzIkybda5GZgh1u6CJEBvjp134igQUv4VBo9exB9g7Z2rRwUAn76s8WWqV93WnaQFTb2/aFeKAxEclM0MpR8a7TuOI1P31IU6b8AOLFbVM/6n7odF9d00EjOC2d60uL2mh/mfyrdTu4H5cGug1Dzw5qsLu+aDGalb0xK1KghZkGCXWz+jGRbxK+beyzgullBadeLNzp+t4sF2sg6UgZ+s9MBNKbLJvaxiC5JONZYUS7dVcUdxtpQuymE1ZQjUWxR9I1qTCCAkjl/XqZ6USUob3ZWejAzrNX+hpFGPrKUniZCU6r4AZ/rYsfRkko0WcEKxpOiGK5bckKpk/DOsnjtRmEn5IsKQr6m3wAcu6rizi7gZ+iADaTec7Dw0Kh9GocJ5ruQbnpsua7AB6DCYebK7bBbkksFIckhpLP+6Fdo8GLt+S0iLxlPrACNJo6BMlp1XNcEibKRBYnjV271/0aScmIEEEQYxT6K25AypQeSZohD38ae2bWTfRqJx729tf4lXOYmgYSHHSTGUs5M/GzUxUGQj/ALinrFfj5qa5n/XIEuaTR1Ik25V8QPC8+h1gCYCgX5kBFjO+rtdKjbjXhh6OVMaXuBkoR0PKGkZTavjqw/8cIewQuduyPiZOvW80GI/SjOqHI84RaNUfaEkbWH6B6fogJ01NJK6hA47iagkx4amtQ7NxRD9Hmj8uRbGQauqI5T9bXQq1CV67jcodcnuHr68TUPjE0EhgrAM+K7o8QL0yKKKwl1paGBVMDCRoX0WIPj7l9rpGD0B6R09dJTtUWww1FW+Fj8Wd139vamAGlYZIeTgJM0b5Wvjt2/jFrZytBzSYcmxDdM5PgvF5FuRHG/5iXWovFk=
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2.exe /YItpEGNa /dFkFbKCI='HD-V1.9' /QFwZrYd=59568 /evCaG='001798' /BBrUR='0' /GbQGz='0' /cmkIlpDcc=FF798BBB73B744DFAA83C109A1A61618IE /gjZdfXq=1a5bbd786d7bd72b8efd52d3d0228cc0 /xHauBB=1_34_07_01 /jnwRBypy=1405894454 /qEuhpWI=http://stats.genstatsnet.com /nvsUGIk=http://errors.genstatsnet.com /EhKPYh=11111111-1111-1111-1111-110511951168 /FEospXgs=ff /ArkPL /ZUvChAeq /ePKiElymG='http://update.genstatsnet.com/ie_enable ... pdate.json' /FkxzrMyJ='task' /vHEhDoheA=''
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3.exe /HQiTe=cUHcPp9rGfJLS764bTZKnrliabG5UcoOYfDHTFs5L39CVUVb4Klpy7h3pgumuaRG4/nXEIHwYpS5BzjIqhMH40OYdhzFLEp4dGa/xhAp85zdhyeymusUrGKMjhnM8Opv7kHi3j1IjlpdOM5NwHESmS2Ps7zW1KlstHpQmqmWQlkOf3ThTeXsuWwHjKV0rErwpTqgulDzwtlkN6rERfe1/tKfs5h3VET+pPD5TkkLQXcjUjqqNG4XDXCSVdD7pk/jnqG8RUP3UbMLHUOJOERz/vYRVDB4VIj31RvA3l77ki17bggsbCV0PsCJnqd/hzMpV+h1+3JIxT6qWqWh2+yH9lmf1s2gQsPS5YeckKf727/dQbqW9U7goEem9GfvPGEx0s8F4Gh/+OrjzZ36qnQKPVuVyCafwAFcI1BnCgwiuLR97gLVLkMSrnkVAlZFGI6kmzqWRCVxDVo0xfklvSgGszXLPAyvL2Ab0w3KLrpAznkYAIeLLc+NHc8CbA1vhMpSWZ+wP64YplbmCw0lxEHkXFiFsOy5hx9W/Ap9ZCLM0/9niieMQDNoXC1wS/ZyI259DtFy3Ao9nVKLQmz3OgfNtjLCXy7pSP81edZQAhruUkDq3Uf6u+nOjPBefUizrmQX4OQ+iFGPa9ScRoW6XsXRnHeo5jU8ym8NsqqNRniloGV3vyACTlSJ7aDL/MXcLsNJ8R3HwuuLCUFMbZyBMopZjv7Jvu8jDvnCgA9xr/A4Y55xdY/I2nQZ7DGX7vaPbEi8tobVci8ggGlIwoUuFy3kq4WiaWuLOPk9p0sH1HcaMocfyOBLHx/fbj09+NtidTJ4jtsrK3DDsUJ6C1lfGLG8Yne+J0qhRcmv3kAL/nXDyQ06nefL9tICuyOQA3pB/YI6asYX7x74ujo4mic7afLDtLWZIZWILSSkXgpm9sbgw/GazJbtJfecbw1JTy73Uc8czCnHTcIu7o2Aqoow/5N7i8A7S+t830CDD6y7AYvIAREPyGG81gvSD6JAXmM0QZfgD/Hkdo9jrn96CHFuDJdmauWdEcFhqZuhYfvP2lhSFoGxnyVvwXRtgTvryMzwX2OdQQ5mCpKSHkMm5csoolhm0WGhXCNFk+5LVEp9Xb6bnZqav/kHz+cpdmn0DoBE8TGLlzT3GMhmHsTGTrpd1PjqyDpnSkHwXZD3yq3Q6mDlZ20kUBcdXCow7MXW9yq1oLp9jyRDkGt3XIyr65OSIzLT2Sv4MVPtxzAQ1FEwjcjWUrvF+3T1CtFczQwg1eoPYmGKg6hFM8n81Zu4Qaz6oI8yy9LmdmitYaVpu3KGwubRhMeMWyH2aIXZn+J00y5Ly+W6nmHLVxrS/UUKdpEuyNaaEA==
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4.exe /CYREI /dFkFbKCI='HD-V1.9' /ktnjhAYJO='C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd.xpi' /QFwZrYd=59568 /evCaG='001798' /BBrUR='0' /GbQGz='0' /cmkIlpDcc=FF798BBB73B744DFAA83C109A1A61618IE /gjZdfXq=1a5bbd786d7bd72b8efd52d3d0228cc0 /xHauBB=1_34_07_01 /DlnNjXHT=1.34.7.1 /jnwRBypy=1405894454 /qEuhpWI=http://stats.genstatsnet.com /nvsUGIk=http://errors.genstatsnet.com /meSeWxEqB=300 /Zidko=f80af4ec-42b9-429d-99b0-4078ec7cf864@44882d20-8865-4b13-b79e-ae8470d9a955.com /PCNovayR=0.95 /rCSWaU=af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568 /kbWGRo=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /59568.rdf /jKiLBFNf='HD-V1.9' /KpIvxY='Turn YouTube videos to High Definition by default' /flgtlukfL='InfoHD-V1.8' /FEospXgs=ff /VscSskak='{"asw":[32768, 260, 0]}' /ZUvChAeq /gYMfqzLw /teKKsC /ePKiElymG='http://update.genstatsnet.com/ff_agent_ ... pdate.json' /FkxzrMyJ='task' /vHEhDoheA=''
C:\WINDOWS\tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5.job - C:\Program Files\HD-V1.9\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5.exe /nNYeWCp /dFkFbKCI='HD-V1.9' /QFwZrYd=59568 /evCaG='001798' /BBrUR='0' /GbQGz='0' /cmkIlpDcc=FF798BBB73B744DFAA83C109A1A61618IE /gjZdfXq=1a5bbd786d7bd72b8efd52d3d0228cc0 /xHauBB=1_34_07_01 /jnwRBypy=1405894454 /qEuhpWI=http://stats.genstatsnet.com /nvsUGIk=http://errors.genstatsnet.com /jqUJp=http://ipgeoapi.com/ /iNUxrWvvG=http://update.genstatsnet.com /sysHMidBy=2 /kFgjoFVaq=http://logs.genstatsnet.com /ePKiElymG='http://update.genstatsnet.com/updater_a ... pdate.json' /FkxzrMyJ='task' /vHEhDoheA=''
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "https://mysearch.avg.com?cid={5A0302BA- ... 2014-09-04 09:59:50&v=3.2.0.15&pid=wtu&sg=&sap=hp"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
avg@toolbar
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\searchplugins\
askcom.xml
avg-secure-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-12-05 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-12-18 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-12-05 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-12-05 79856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-12-18 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-12-18 343424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-12-18 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2013-12-18 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2014-09-04 2680344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Akamai NetSession Interface"=C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe [2014-04-17 4672920]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2014-09-04 09:59:42 ----D---- C:\Program Files\Common Files\AVG Secure Search
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-16 11:24:33 ----D---- C:\WINDOWS\Prefetch
2014-09-16 11:24:31 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-16 11:24:27 ----RD---- C:\Program Files
2014-09-16 11:22:30 ----D---- C:\WINDOWS\Temp
2014-09-16 11:21:27 ----D---- C:\WINDOWS\system32
2014-09-16 11:12:55 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-16 11:08:54 ----D---- C:\WINDOWS\system32\drivers
2014-09-16 11:06:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-16 10:56:27 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-16 09:11:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-11 14:41:37 ----SHD---- C:\WINDOWS\Installer
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 12:13:17 ----D---- C:\WINDOWS
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-04 10:00:54 ----SD---- C:\WINDOWS\Tasks
2014-09-04 09:59:42 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nethfdrv;nethfdrv; \??\C:\WINDOWS\system32\drivers\nethfdrv.sys []
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-12-05 153584]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-09-04 1843736]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe [2014-07-21 535936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-21 68608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-21 68608]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu RSIT
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
# AdwCleaner v3.310 - Report created 17/09/2014 at 07:51:39
# Updated 12/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : ATP13 - ATP13
# Running from : C:\Documents and Settings\ATP13\Plocha\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : nethfdrv
Service Deleted : WindowsMangerProtect
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IePluginServices
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\ATP13\Local Settings\Data aplikací\globalUpdate
Folder Deleted : C:\DOCUME~1\ATP13\LOCALS~1\Temp\HulaToo
Folder Deleted : C:\Documents and Settings\ATP13\Data aplikací\webssearches
Folder Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\Extensions\Avg@toolbar
File Deleted : C:\WINDOWS\system32\drivers\nethfdrv.sys
File Deleted : C:\WINDOWS\system32\hfpapi.dll
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\.autoreg
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\searchplugins\avg-secure-search.xml
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952268}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955568}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956668}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954468}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a3hody0q.default\prefs.js ]
[ File : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\prefs.js ]
Line Deleted : user_pref("browser.newtab.url", "hxxp://istart.webssearches.com/newtab/?type=nt&ts=1405894705&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFA95111651116");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anth[...]
Line Deleted : user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]
Line Deleted : user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
Line Deleted : user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.crossrider.bic", "14755d81b4726cb8103fe4495bf0c023");
-\\ Google Chrome v
[ File : C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15252 octets] - [17/09/2014 07:47:29]
AdwCleaner[S0].txt - [14369 octets] - [17/09/2014 07:51:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14430 octets] ##########
# Updated 12/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : ATP13 - ATP13
# Running from : C:\Documents and Settings\ATP13\Plocha\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : nethfdrv
Service Deleted : WindowsMangerProtect
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IePluginServices
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\ATP13\Local Settings\Data aplikací\globalUpdate
Folder Deleted : C:\DOCUME~1\ATP13\LOCALS~1\Temp\HulaToo
Folder Deleted : C:\Documents and Settings\ATP13\Data aplikací\webssearches
Folder Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\Extensions\Avg@toolbar
File Deleted : C:\WINDOWS\system32\drivers\nethfdrv.sys
File Deleted : C:\WINDOWS\system32\hfpapi.dll
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\.autoreg
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\searchplugins\avg-secure-search.xml
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4
Task Deleted : dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059568.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952268}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955568}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956668}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954468}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a3hody0q.default\prefs.js ]
[ File : C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\prefs.js ]
Line Deleted : user_pref("browser.newtab.url", "hxxp://istart.webssearches.com/newtab/?type=nt&ts=1405894705&from=amt&uid=WDCXWD5000AAKS-00V0A0_WD-WCAWFA95111651116");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anth[...]
Line Deleted : user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]
Line Deleted : user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
Line Deleted : user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.crossrider.bic", "14755d81b4726cb8103fe4495bf0c023");
-\\ Google Chrome v
[ File : C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15252 octets] - [17/09/2014 07:47:29]
AdwCleaner[S0].txt - [14369 octets] - [17/09/2014 07:51:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14430 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
Zde je log, omlouvám se z časových důvodů se sem na fórum vrátím až v pondělí. Zatím mnohokrát díky za pomoc.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-18 08:26:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (13%) free of 33 GB
Total RAM: 3032 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:26:09, on 18.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\WINDOWS\ChiFuncExt.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\szndesktop.exe
E:\Mozilla\Firefox\firefox.exe
E:\Mozilla\Firefox\plugin-container.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 10209 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Akamai NetSession Interface"=C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe [2014-04-17 4672920]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-18 08:26:07 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-18 08:25:24 ----D---- C:\WINDOWS\Prefetch
2014-09-18 08:23:25 ----D---- C:\WINDOWS\Temp
2014-09-17 22:52:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-17 22:17:08 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-17 22:14:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-17 22:12:28 ----D---- C:\WINDOWS
2014-09-17 10:58:45 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-17 08:04:46 ----SHD---- C:\WINDOWS\Installer
2014-09-17 08:04:23 ----D---- C:\WINDOWS\system32
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-18 08:26:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (13%) free of 33 GB
Total RAM: 3032 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:26:09, on 18.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\WINDOWS\ChiFuncExt.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\szndesktop.exe
E:\Mozilla\Firefox\firefox.exe
E:\Mozilla\Firefox\plugin-container.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 10209 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Akamai NetSession Interface"=C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe [2014-04-17 4672920]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-18 08:26:07 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-18 08:25:24 ----D---- C:\WINDOWS\Prefetch
2014-09-18 08:23:25 ----D---- C:\WINDOWS\Temp
2014-09-17 22:52:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-17 22:17:08 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-17 22:14:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-17 22:12:28 ----D---- C:\WINDOWS
2014-09-17 10:58:45 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-17 08:04:46 ----SHD---- C:\WINDOWS\Installer
2014-09-17 08:04:23 ----D---- C:\WINDOWS\system32
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files\Skype\Toolbars
C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
Provedeno
Log -
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-22 09:25:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (30%) free of 33 GB
Total RAM: 3032 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:42, on 22.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
E:\Mozilla\Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 9639 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
""= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-22 09:19:55 ----D---- C:\_OTM
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-22 09:25:41 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-22 09:25:40 ----D---- C:\WINDOWS\Prefetch
2014-09-22 09:25:37 ----D---- C:\WINDOWS\Temp
2014-09-22 09:24:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2014-09-22 09:23:50 ----SHD---- C:\WINDOWS\CSC
2014-09-22 09:23:49 ----D---- C:\WINDOWS\Minidump
2014-09-22 09:23:49 ----D---- C:\WINDOWS
2014-09-22 09:21:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-22 09:21:25 ----D---- C:\WINDOWS\system32
2014-09-22 09:19:57 ----RD---- C:\Program Files\Skype
2014-09-22 09:18:26 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-22 09:18:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-22 09:16:30 ----SHD---- C:\WINDOWS\Installer
2014-09-17 10:58:45 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Log -
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-22 09:25:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (30%) free of 33 GB
Total RAM: 3032 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:42, on 22.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
E:\Mozilla\Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 9639 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2011-03-21 2137152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
""= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-22 09:19:55 ----D---- C:\_OTM
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-22 09:25:41 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-22 09:25:40 ----D---- C:\WINDOWS\Prefetch
2014-09-22 09:25:37 ----D---- C:\WINDOWS\Temp
2014-09-22 09:24:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2014-09-22 09:23:50 ----SHD---- C:\WINDOWS\CSC
2014-09-22 09:23:49 ----D---- C:\WINDOWS\Minidump
2014-09-22 09:23:49 ----D---- C:\WINDOWS
2014-09-22 09:21:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-22 09:21:25 ----D---- C:\WINDOWS\system32
2014-09-22 09:19:57 ----RD---- C:\Program Files\Skype
2014-09-22 09:18:26 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-22 09:18:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-22 09:16:30 ----SHD---- C:\WINDOWS\Installer
2014-09-17 10:58:45 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Dvouklikem na soubor C:\Program Files\trend micro\ATP13.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
jsem v seznamu nenalezl
log z hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:42, on 22.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
E:\Mozilla\Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 9639 bytes
zde log z OTM
All processes killed
========== FILES ==========
File/Folder C:\Program Files\Skype\Toolbars not found.
File/Folder C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: ATP13
->Temp folder emptied: 651846 bytes
->Temporary Internet Files folder emptied: 119428 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21296669 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2009 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16955 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 21,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: ATP13
->Flash cache emptied: 0 bytes
User: Default User
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09232014_122304
Files moved on Reboot...
Registry entries deleted on Reboot...
jsem v seznamu nenalezl
log z hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:42, on 22.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
E:\Mozilla\Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 9639 bytes
zde log z OTM
All processes killed
========== FILES ==========
File/Folder C:\Program Files\Skype\Toolbars not found.
File/Folder C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: ATP13
->Temp folder emptied: 651846 bytes
->Temporary Internet Files folder emptied: 119428 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21296669 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2009 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16955 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 21,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: ATP13
->Flash cache emptied: 0 bytes
User: Default User
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09232014_122304
Files moved on Reboot...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu RSIT
Ještě log z RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-23 12:33:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (32%) free of 33 GB
Total RAM: 3032 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:24, on 23.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ChiFuncExt.exe
E:\Mozilla\Firefox\firefox.exe
E:\Mozilla\Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 8355 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-22 09:19:55 ----D---- C:\_OTM
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-23 12:33:22 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-23 12:29:39 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-23 12:29:01 ----D---- C:\WINDOWS\Prefetch
2014-09-23 12:25:45 ----D---- C:\WINDOWS\Temp
2014-09-23 12:23:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-23 12:20:49 ----SD---- C:\Documents and Settings\ATP13\Data aplikací\Microsoft
2014-09-23 10:28:50 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-23 09:32:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-23 08:33:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-22 09:24:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2014-09-22 09:23:50 ----SHD---- C:\WINDOWS\CSC
2014-09-22 09:23:49 ----D---- C:\WINDOWS\Minidump
2014-09-22 09:23:49 ----D---- C:\WINDOWS
2014-09-22 09:21:25 ----D---- C:\WINDOWS\system32
2014-09-22 09:19:57 ----RD---- C:\Program Files\Skype
2014-09-22 09:16:30 ----SHD---- C:\WINDOWS\Installer
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by ATP13 at 2014-09-23 12:33:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (32%) free of 33 GB
Total RAM: 3032 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:24, on 23.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ChiFuncExt.exe
E:\Mozilla\Firefox\firefox.exe
E:\Mozilla\Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\ATP13\Plocha\RSIT.exe
C:\Program Files\trend micro\ATP13.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [CnwiDeviceAgent] C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Global Startup: imagePROGRAF Status Monitor.lnk = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICTOS~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\MICTOS~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Mictosoft\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2C0B8A-CFE3-4669-8C31-1FF393F42309}: NameServer = 10.0.0.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Canon imagePROGRAF Status Monitor - CANON INC - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
--
End of file - 8355 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\User_Feed_Synchronization-{2EA5DFD5-E485-4540-B5F4-CEEC9C31E6E5}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, web2pdfextension@web2pdf.adobedotcom:1.0, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"web2pdfextension@web2pdf.adobedotcom"=E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\MICTOS~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
E:\Mozilla\Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Mozilla\Firefox\plugins\
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
C:\Documents and Settings\ATP13\Data aplikací\Mozilla\Firefox\Profiles\yigveg2h.default\extensions\
EOPN29927080@OCIFAPD100469180.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\MICTOS~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-11 142872]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"JobHisInit"=C:\Program Files\RDS\RMClient\JobHisInit.exe [2005-11-01 151552]
"MplSetUp"=C:\Program Files\RDS\RMClient\MplSetUp.exe [2005-06-01 40960]
"CnwiDeviceAgent"=C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [2009-10-09 64272]
"Adobe Acrobat Speed Launcher"=E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"ADSK DLMSession"=C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-05-15 1632216]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2013-03-06 520424]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
imagePROGRAF Status Monitor.lnk - C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-03-05 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE"="E:\Mictosoft\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Mictosoft\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe"="C:\Program Files\xerox\NetworkScan\NSCSysUI_XEROX.exe:*:Enabled:SysTrayUI Module"
"C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\ATP13\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Disabled:Akamai NetSession Client"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-09-22 09:19:55 ----D---- C:\_OTM
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files\Java
2014-09-17 08:01:47 ----A---- C:\WINDOWS\system32\javaws.exe
2014-09-17 08:01:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-09-17 08:01:39 ----A---- C:\WINDOWS\system32\java.exe
2014-09-17 08:01:29 ----D---- C:\Program Files\Java
2014-09-17 07:47:59 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-17 07:47:27 ----D---- C:\AdwCleaner
2014-09-16 11:24:27 ----D---- C:\Program Files\trend micro
2014-09-16 11:24:26 ----D---- C:\rsit
2014-09-16 11:08:54 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-16 11:08:54 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-09-04 09:59:56 ----D---- C:\Documents and Settings\ATP13\Data aplikací\AVG Web TuneUp
2014-09-04 09:59:52 ----D---- C:\Program Files\Mozilla Firefox
2014-09-04 09:59:47 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-04 09:59:38 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-04 09:59:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
======List of files/folders modified in the last 1 month======
2014-09-23 12:33:22 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-23 12:29:39 ----D---- C:\Documents and Settings\ATP13\Data aplikací\Seznam.cz
2014-09-23 12:29:01 ----D---- C:\WINDOWS\Prefetch
2014-09-23 12:25:45 ----D---- C:\WINDOWS\Temp
2014-09-23 12:23:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-23 12:20:49 ----SD---- C:\Documents and Settings\ATP13\Data aplikací\Microsoft
2014-09-23 10:28:50 ----A---- C:\WINDOWS\hpbafd.ini
2014-09-23 09:32:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-23 08:33:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-22 09:24:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2014-09-22 09:23:50 ----SHD---- C:\WINDOWS\CSC
2014-09-22 09:23:49 ----D---- C:\WINDOWS\Minidump
2014-09-22 09:23:49 ----D---- C:\WINDOWS
2014-09-22 09:21:25 ----D---- C:\WINDOWS\system32
2014-09-22 09:19:57 ----RD---- C:\Program Files\Skype
2014-09-22 09:16:30 ----SHD---- C:\WINDOWS\Installer
2014-09-17 08:01:53 ----D---- C:\Program Files\Common Files
2014-09-17 08:01:29 ----RD---- C:\Program Files
2014-09-17 07:51:58 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 07:51:47 ----SD---- C:\WINDOWS\Tasks
2014-09-16 11:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-11 14:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-11 14:41:18 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 14:34:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-11 08:49:56 ----HD---- C:\WINDOWS\inf
2014-09-10 11:10:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINDOWS\system32\DRIVERS\e1k5132.sys [2008-10-24 149600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-10-20 40832]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-05 6312928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Canon imagePROGRAF Status Monitor;Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [2009-10-09 688912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-09-17 182696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-05 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Je to pryč. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
Děkuji mnohokrát za pomoc a Váš čas.
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?