VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Trojský kůň PSW.Agent a Generic27.AKPW

https://forum.viry.cz:443/viewtopic.php?t=123823

Stránka 2 z 2

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 19:45
od Spid3r
Spuštěno z C:\ . Konzole nešla stáhnout.

ComboFix 12-08-22.03 - Ing. Karel Mikeš 23.08.2012 20:11:57.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.502 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\system32\drivers\11147367.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-23 do 2012-08-23 )))))))))))))))))))))))))))))))
.
.
2012-08-23 15:26 . 2012-08-23 15:26 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-23 12:49 . 2012-08-23 12:49 177496 ----a-w- c:\windows\system32\drivers\11147367.sys
2012-08-23 11:57 . 2012-08-23 11:58 -------- d-----w- c:\program files\trend micro
2012-08-23 11:57 . 2012-08-23 11:58 -------- d-----w- C:\rsit
2012-08-19 19:35 . 2012-08-19 19:35 -------- d-----w- c:\program files\TeamViewer
2012-08-19 17:51 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-08-19 17:51 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2012-08-17 23:13 . 2012-08-17 23:13 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-17 23:13 . 2012-08-17 23:13 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 21:10 . 2012-08-17 21:10 -------- d-----w- c:\program files\PANDORA.TV
2012-08-17 21:09 . 2012-08-17 21:13 -------- d-----w- c:\program files\The KMPlayer
2012-08-17 21:09 . 2012-08-17 21:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ask
2012-08-17 18:27 . 2012-08-17 18:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG Secure Search
2012-08-17 18:27 . 2012-08-17 18:27 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2012-08-17 18:27 . 2012-08-17 18:28 -------- d-----w- c:\program files\AVG Secure Search
2012-08-17 18:07 . 2012-08-23 11:44 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-17 18:07 . 2012-08-17 18:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2012
2012-08-17 18:07 . 2012-08-17 18:07 -------- d-----w- C:\$AVG
2012-08-17 18:07 . 2012-08-17 18:07 -------- d-----w- c:\program files\AVG
2012-08-17 18:00 . 2012-08-23 11:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2012-08-17 18:00 . 2012-08-17 18:00 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-08-17 17:57 . 2012-08-17 17:57 -------- d-----w- c:\program files\7-Zip
2012-08-17 17:32 . 2012-08-17 17:34 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2012-08-17 17:32 . 2012-08-17 17:32 -------- d-----w- c:\program files\Autodesk
2012-08-17 16:55 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2012-08-17 16:55 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-08-17 16:55 . 2009-09-04 15:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2012-08-17 16:55 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-08-17 16:55 . 2012-08-17 17:32 -------- d-----w- c:\windows\Logs
2012-08-17 15:09 . 2012-08-17 17:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Autodesk
2012-08-17 15:07 . 2012-08-17 15:07 -------- d-----w- C:\Autodesk
2012-08-17 12:52 . 2012-08-17 12:53 -------- d-----w- C:\totalcmd
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\UC.PIF
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\RAR.PIF
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\PKZIP.PIF
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\PKUNZIP.PIF
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\LHA.PIF
2012-08-17 12:52 . 2012-08-03 06:01 545 ----a-w- c:\windows\ARJ.PIF
2012-08-17 12:49 . 2012-08-17 12:51 -------- d-----w- C:\Data
2012-08-15 21:13 . 2007-06-29 03:45 183056 ----a-w- c:\windows\UNINST32.EXE
2012-08-15 21:13 . 2006-01-20 21:42 17408 ----a-w- c:\windows\system32\drivers\DKbFltr.SYS
2012-08-15 21:13 . 2004-12-09 19:04 5120 ----a-w- c:\windows\system32\FILTRCOI.DLL
2012-08-15 21:11 . 2012-08-15 12:14 -------- d-----w- c:\windows\VGA
2012-08-15 12:57 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2012-08-15 12:57 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2012-08-15 12:49 . 2012-08-15 12:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2012-08-15 12:45 . 2012-08-15 12:46 -------- d-----w- c:\program files\Launch Manager
2012-08-15 12:45 . 2007-12-10 15:59 8704 ----a-w- c:\windows\system32\drivers\TVicPort64.sys
2012-08-15 12:45 . 2007-12-10 15:59 6144 ----a-w- c:\windows\system32\drivers\zntport64.sys
2012-08-15 12:45 . 2007-12-10 15:59 6080 ----a-w- c:\windows\system32\drivers\zntport.sys
2012-08-15 12:45 . 2007-12-10 15:59 14544 ----a-w- c:\windows\system32\drivers\TVicPort.sys
2012-08-15 12:45 . 2007-12-10 15:59 8704 ----a-w- c:\windows\system32\drivers\int15_64.sys
2012-08-15 12:45 . 2007-12-10 15:59 14120 ----a-w- c:\windows\system32\drivers\int15.sys
2012-08-15 12:44 . 2007-04-13 09:51 321024 ----a-w- c:\windows\system32\ERUpdateHidden.EXE
2012-08-15 12:44 . 2006-03-30 11:06 258048 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2012-08-15 12:44 . 2006-03-23 10:02 258048 ----a-w- c:\windows\system32\Uninstall_eRecovery.exe
2012-08-15 12:44 . 2005-12-09 07:12 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2012-08-15 12:44 . 2004-11-03 07:06 159744 ----a-w- c:\windows\system32\CloseProcessWindow.dll
2012-08-15 12:44 . 2005-11-02 12:32 32512 ----a-w- c:\windows\system32\drivers\npf.sys
2012-08-15 12:44 . 2012-08-15 12:44 21425 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-08-15 12:44 . 2012-08-15 12:44 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Intel
2012-08-15 12:43 . 2012-08-15 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Intel
2012-08-15 12:43 . 2007-07-20 12:30 65536 ----a-w- c:\windows\system32\acerGina.dll
2012-08-15 12:43 . 2007-07-20 12:29 888832 ----a-w- c:\windows\system32\WirelessMgr.dll
2012-08-15 12:42 . 2012-08-15 12:42 -------- d-----w- c:\windows\Downloaded Installations
2012-08-15 12:41 . 2006-07-20 08:33 65536 ----a-w- c:\windows\system32\NATTraversal.dll
2012-08-15 12:41 . 2007-03-06 12:58 57344 ----a-w- c:\windows\system32\acpimof.dll
2012-08-15 12:41 . 2005-04-07 16:08 78208 ----a-w- c:\windows\system32\drivers\epm-shd.sys
2012-08-15 12:41 . 2004-07-19 11:10 4096 ----a-w- c:\windows\system32\drivers\epm-psd.sys
2012-08-15 12:41 . 2006-02-16 13:39 45056 ----a-w- c:\windows\system32\Epm-Po.dll
2012-08-15 12:40 . 2012-08-15 12:41 -------- d-----w- c:\program files\Mozilla Thunderbird
2012-08-15 12:39 . 2006-02-22 09:19 69632 ----a-w- c:\windows\system32\eRecUtil.dll
2012-08-15 12:39 . 2006-06-13 12:42 602112 ----a-w- c:\windows\system32\Acer.Empowering.Windows.Forms_v820.dll
2012-08-15 12:39 . 2007-07-12 07:30 618496 ----a-w- c:\windows\system32\Acer.Empowering.Windows.Forms.dll
2012-08-15 12:39 . 2007-07-12 07:30 53248 ----a-w- c:\windows\system32\Interop.Shell32.dll
2012-08-15 12:39 . 2006-05-25 16:18 331776 ----a-w- c:\windows\system32\ScrollBarLib.dll
2012-08-15 12:39 . 2006-04-18 17:54 49152 ----a-w- c:\windows\system32\SysMonitor.exe
2012-08-15 12:38 . 2012-08-15 12:39 -------- d-----w- C:\Acer
2012-08-15 12:38 . 2012-08-17 12:35 -------- d-----w- c:\program files\Yahoo!
2012-08-15 12:37 . 2007-09-07 18:56 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2012-08-15 12:37 . 2007-04-18 20:02 36909056 ----a-w- c:\windows\system32\acer.scr
2012-08-15 12:37 . 2007-05-16 14:52 8076468 ----a-w- c:\windows\system32\acer.exe
2012-08-15 12:37 . 2012-08-15 12:37 -------- d-----w- c:\windows\ACER
2012-08-15 12:35 . 2004-08-03 21:08 26496 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2012-08-15 12:34 . 2012-08-15 12:34 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-08-15 12:34 . 2012-08-15 12:34 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-08-15 12:34 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-08-15 12:34 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-08-15 12:34 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-08-15 12:34 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-08-15 12:34 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-08-15 12:34 . 2012-08-15 12:36 -------- d-----w- c:\program files\ATI Technologies
2012-08-15 12:34 . 2007-10-03 19:05 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2012-08-15 12:33 . 2012-08-15 12:33 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-08-15 12:33 . 2004-08-17 13:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-08-15 12:33 . 2004-08-17 13:49 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2012-08-15 12:32 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-08-15 12:32 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2012-08-15 12:27 . 2007-03-31 20:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
2012-08-15 12:27 . 2007-03-23 17:50 67960 ----a-w- c:\windows\system32\drivers\btwusb.sys
2012-08-15 12:27 . 2007-03-23 17:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2012-08-15 12:27 . 2007-03-23 17:50 106557 ----a-w- c:\windows\system32\btw_ci.dll
2012-08-15 12:27 . 2007-03-23 17:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
2012-08-15 12:27 . 2007-03-31 20:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2012-08-15 12:27 . 2007-03-23 17:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
2012-08-15 12:26 . 2012-08-15 12:26 -------- d-----w- c:\program files\WIDCOMM
2012-08-15 12:23 . 2012-08-23 18:16 -------- d-----w- c:\documents and settings\Ing. Karel Mikeš
2012-08-15 12:21 . 2012-08-15 21:04 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\InstallShield
2012-08-15 12:15 . 2012-08-15 12:15 0 ----a-w- c:\windows\ativpsrm.bin
2012-08-15 12:14 . 2012-08-15 12:14 -------- d-----w- c:\program files\CONEXANT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-14 00:15 . 2012-08-15 12:33 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-17 18:27 2069088 ----a-w- c:\program files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll" [2012-08-17 2069088]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1015808]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-08-17 1118304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 09:25 208896 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2005-06-11 17:51 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 20:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-05-28 13:56 342528 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 09:44 475136 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 12:07 421888 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-03-21 11:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-18 03:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17 52256 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 17:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-18 03:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-18 03:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-18 03:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2007-07-05 10:35 94208 ----a-w- c:\windows\PLFSetL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload]
2007-04-21 00:56 20480 ----a-w- c:\windows\RunXMLPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-28 14:32 16132608 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2007-02-20 06:14 61440 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater11.0.2"=2 (0x2)
"PanService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31.1.2012 4:46 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22.2.2012 5:25 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19.3.2012 5:17 301248]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [13.6.2012 3:48 2321560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4.7.2012 17:25 5160568]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 19:52 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18.8.2012 1:13 250056]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 19:52 30944]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [15.8.2012 14:33 113120]
S4 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [17.8.2012 23:10 625816]
S4 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [17.8.2012 20:27 934496]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 23:13]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 10.254.254.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Ing. Karel Mikeš\Data aplikací\Mozilla\Firefox\Profiles\gm2i7nz4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-23 20:18
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1348)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2312)
c:\windows\system32\AcSignIcon.dll
c:\windows\system32\btmmhook.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\AVG\AVG2012\avgrsx.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2012-08-23 20:21:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-23 18:21
ComboFix2.txt 2012-08-23 17:35
ComboFix3.txt 2012-08-23 17:03
ComboFix4.txt 2012-08-23 16:12
.
Před spuštěním: Volných bajtů: 40 637 702 144
Po spuštění: Volných bajtů: 40 610 009 088
.
- - End Of File - - 1F12B185B29583DBAA0A0D9E9475C73B

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 19:51
od vyosek
:arrow: Stahnete Avenger http://forum.viry.cz//viewtopic.php?f=11&t=19832
  • Pokud pouzivate Win Vista ci W7, kliknete na Avenger pravym a dejte Run As Administrator ci Spustit jako spravce
  • Po spusteni Vas program upozorni, ze vse co delate, delate na vlastni riziko - Dejte OK
  • Po potvrzeni uz na Vas koukne hlavni okno, kam vlozite skript, ktery mate nize

  • Kód: Vybrat vše

    Files to delete:
c:\windows\system32\drivers\11147367.sys
  • Do ctverecku u Scan for rootkits a Automatically disable any rootkits found dejte fajecku
  • Nyni uz kliknete na Execute a potvrdte Yes v nasledujicim okne - timto potvrdite spusteni skriptu
  • Na otazku Reboot now odpovezte opet OK - timto se PC restartuje
  • Po restartu by se mel otevrit poznamkovy blok s logem a jeho obsah vlozte sem. Pokud se tak nestane, naleznete pozadovany dokument v C:\avenger.txt

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 20:23
od Spid3r
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

Aveger LOG:

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "c:\windows\system32\drivers\11147367.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 20:41
od vyosek
Super, jak se chova nas pacient :???:

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 20:45
od Spid3r
Běží v pořádku. Nechám AVG, jestli ho ještě najde, nebo ne.

Říkáte, že by mělo být vyřešeno? V tom případě děkuji mnohokrát.

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 20:50
od vyosek
:arrow: AVG jeste nespoustejte, jinak najde havet v zalohach utilit, nejdrive uklidime :James008:

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Spustte test AVGeckem, pokud neco najde tak napiste

:arrow: Dejte novy log z RSIT a napiste pripadne problemy

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 21:12
od Spid3r
Bouhužel, Combofix dělá problémy. Přejmenovaný na uninstall.exe a spuštěný běží, zdá se, v nekonečném kruhu. Jeho běh se stále opakuje ve stále stejném scénáři. Ukazatel dojde až na konec a program se restartuje.

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 21:14
od vyosek
Tak jej zruste a pouzijte tohle http://download.bleepingcomputer.com/sUBs/CF_UNINST.EXE

Pak pokracujte dalsimi kroky

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 21:49
od Spid3r
Níže log z RIST, půjdu udělat to AVG. Doufám ale ve zdar, takže Vám děkuji za intenzivní pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ing. Karel Mikeš at 2012-08-23 22:48:20
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 40 GB (55%) free of 73 GB
Total RAM: 1022 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:28, on 23.8.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ing. Karel Mikeš\Plocha\RSIT.exe
C:\Program Files\trend micro\Ing. Karel Mikeš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 8336 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Mozilla\Firefox\Profiles\gm2i7nz4.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.0.0.10\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Mozilla\Firefox\Profiles\gm2i7nz4.default\extensions\
avg@toolbar
toolbar@ask.com

C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Mozilla\Firefox\Profiles\gm2i7nz4.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-06-13 937592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll [2012-08-17 2069088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2007-05-28 106496]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll [2012-08-17 2069088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-07 1015808]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-04-05 2587008]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-08-17 1118304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2007-03-02 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-05-28 342528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2007-07-04 475136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2007-07-11 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-10-17 858632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\WINDOWS\PLFSetL.exe [2007-07-05 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload]
C:\Windows\RUNXMLPL.exe [2007-04-21 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2007-02-20 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
C:\Acer\EMPOWE~1\ACEREM~1.EXE [2007-07-12 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater11.0.2"=2
"PanService"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-10-04 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-08-23 22:48:20 ----D---- C:\rsit
2012-08-23 22:44:42 ----D---- C:\Program Files\CCleaner
2012-08-23 22:41:21 ----SHD---- C:\RECYCLER
2012-08-23 22:08:32 ----SD---- C:\Uninstall
2012-08-23 20:16:32 ----D---- C:\WINDOWS\temp
2012-08-23 17:59:06 ----R---- C:\Uninstall.exe
2012-08-23 13:57:51 ----D---- C:\Program Files\trend micro
2012-08-23 09:06:14 ----D---- C:\WINDOWS\CSC
2012-08-19 21:35:37 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\TeamViewer
2012-08-19 21:35:28 ----D---- C:\Program Files\TeamViewer
2012-08-19 19:51:58 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-08-18 01:13:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-17 23:10:22 ----D---- C:\Program Files\PANDORA.TV
2012-08-17 23:09:55 ----D---- C:\Program Files\The KMPlayer
2012-08-17 23:09:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ask
2012-08-17 20:33:40 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Adobe
2012-08-17 20:29:04 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\AVG2012
2012-08-17 20:28:18 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\AVG Secure Search
2012-08-17 20:27:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2012-08-17 20:27:15 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-08-17 20:27:14 ----D---- C:\Program Files\AVG Secure Search
2012-08-17 20:07:44 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-08-17 20:07:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2012-08-17 20:07:44 ----D---- C:\$AVG
2012-08-17 20:07:16 ----D---- C:\Program Files\AVG
2012-08-17 20:00:25 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-08-17 20:00:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-08-17 19:57:18 ----D---- C:\Program Files\7-Zip
2012-08-17 19:32:56 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-08-17 19:32:56 ----D---- C:\Program Files\Autodesk
2012-08-17 19:03:45 ----D---- C:\WINDOWS\system32\en-US
2012-08-17 18:58:28 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2012-08-17 18:55:14 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2012-08-17 18:55:13 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2012-08-17 18:55:13 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2012-08-17 18:55:11 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2012-08-17 18:55:04 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2012-08-17 18:55:00 ----D---- C:\WINDOWS\Logs
2012-08-17 17:09:18 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Autodesk
2012-08-17 17:09:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2012-08-17 17:08:46 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-08-17 17:08:31 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-08-17 17:08:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2012-08-17 17:07:04 ----D---- C:\Autodesk
2012-08-17 14:52:47 ----D---- C:\totalcmd
2012-08-17 14:52:47 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\GHISLER
2012-08-17 14:52:47 ----A---- C:\WINDOWS\UC.PIF
2012-08-17 14:52:47 ----A---- C:\WINDOWS\RAR.PIF
2012-08-17 14:52:47 ----A---- C:\WINDOWS\PKZIP.PIF
2012-08-17 14:52:47 ----A---- C:\WINDOWS\PKUNZIP.PIF
2012-08-17 14:52:47 ----A---- C:\WINDOWS\LHA.PIF
2012-08-17 14:52:47 ----A---- C:\WINDOWS\ARJ.PIF
2012-08-17 14:49:22 ----D---- C:\Data
2012-08-17 14:17:22 ----D---- C:\WINDOWS\pss
2012-08-15 23:13:03 ----A---- C:\WINDOWS\UNINST32.EXE
2012-08-15 23:13:03 ----A---- C:\WINDOWS\system32\FILTRCOI.DLL
2012-08-15 23:13:03 ----A---- C:\WINDOWS\system32\drivers\DKbFltr.SYS
2012-08-15 23:12:19 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2012-08-15 23:12:19 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2012-08-15 23:12:19 ----A---- C:\WINDOWS\system32\drivers\NETw4x32.sys
2012-08-15 23:12:17 ----D---- C:\WINDOWS\modem
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\UCI32M16.dll
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\drivers\HSFHWAZL.sys
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\drivers\HSF_DPV.sys
2012-08-15 23:12:17 ----A---- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ativvaxx.dat
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ativva6x.dat
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ativva5x.dat
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\atioglx2.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\atikvmag.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\atiicdxx.dat
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2012-08-15 23:12:00 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2012-08-15 23:11:59 ----D---- C:\WINDOWS\VGA
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\atitvo32.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\atioglxx.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\ati3duag.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2012-08-15 23:11:59 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2012-08-15 23:11:50 ----D---- C:\WINDOWS\Lan
2012-08-15 23:11:50 ----A---- C:\WINDOWS\PreLaunch.ini
2012-08-15 23:11:50 ----A---- C:\WINDOWS\PreLaunch.exe
2012-08-15 14:57:32 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-08-15 14:49:25 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\ATI
2012-08-15 14:49:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2012-08-15 14:45:55 ----D---- C:\Program Files\Launch Manager
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\zntport64.sys
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\zntport.sys
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\TVicPort64.sys
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\TVicPort.sys
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\int15_64.sys
2012-08-15 14:45:18 ----A---- C:\WINDOWS\system32\drivers\int15.sys
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\ClearEvent.exe
2012-08-15 14:44:43 ----A---- C:\WINDOWS\system32\Acer EULA.txt
2012-08-15 14:44:29 ----A---- C:\WINDOWS\system32\drivers\npf.sys
2012-08-15 14:44:22 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2012-08-15 14:43:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Intel
2012-08-15 14:43:37 ----A---- C:\WINDOWS\system32\WirelessMgr.dll
2012-08-15 14:43:37 ----A---- C:\WINDOWS\system32\acerGina.dll
2012-08-15 14:42:36 ----D---- C:\WINDOWS\Downloaded Installations
2012-08-15 14:41:56 ----A---- C:\WINDOWS\system32\NATTraversal.dll
2012-08-15 14:41:18 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Thunderbird
2012-08-15 14:41:11 ----A---- C:\WINDOWS\system32\drivers\epm-shd.sys
2012-08-15 14:41:11 ----A---- C:\WINDOWS\system32\drivers\epm-psd.sys
2012-08-15 14:41:11 ----A---- C:\WINDOWS\system32\acpimof.dll
2012-08-15 14:41:10 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2012-08-15 14:40:58 ----D---- C:\Program Files\Mozilla Thunderbird
2012-08-15 14:39:12 ----A---- C:\WINDOWS\system32\eRecUtil.dll
2012-08-15 14:39:10 ----A---- C:\WINDOWS\system32\Acer.Empowering.Windows.Forms_v820.dll
2012-08-15 14:39:06 ----A---- C:\WINDOWS\system32\SysMonitor.exe
2012-08-15 14:39:06 ----A---- C:\WINDOWS\system32\ScrollBarLib.dll
2012-08-15 14:39:06 ----A---- C:\WINDOWS\system32\Interop.Shell32.dll
2012-08-15 14:39:06 ----A---- C:\WINDOWS\system32\Acer.Empowering.Windows.Forms.dll
2012-08-15 14:38:48 ----D---- C:\Acer
2012-08-15 14:38:29 ----D---- C:\Program Files\Yahoo!
2012-08-15 14:37:57 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2012-08-15 14:37:32 ----A---- C:\WINDOWS\system32\acer.scr
2012-08-15 14:37:29 ----A---- C:\WINDOWS\system32\acer.exe
2012-08-15 14:37:28 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Macromedia
2012-08-15 14:37:27 ----D---- C:\WINDOWS\ACER
2012-08-15 14:36:55 ----D---- C:\WINDOWS\system32\drivers\x64
2012-08-15 14:36:55 ----D---- C:\WINDOWS\Acer Crystal Eye Webcam
2012-08-15 14:36:55 ----A---- C:\WINDOWS\system32\drivers\snp2uvc.sys
2012-08-15 14:36:55 ----A---- C:\WINDOWS\system32\drivers\sncduvc.sys
2012-08-15 14:36:55 ----A---- C:\WINDOWS\PLFSetL.exe
2012-08-15 14:36:53 ----D---- C:\WINDOWS\system32\x64
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\vsnp2uvc.dll
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\snp2uvc.sys
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\sncduvc.sys
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\rsnp2uvc.dll
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\PLFSetL.exe
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\PidList.ini
2012-08-15 14:36:53 ----A---- C:\WINDOWS\system32\csnp2uvc.dll
2012-08-15 14:36:53 ----A---- C:\WINDOWS\PidList.ini
2012-08-15 14:36:52 ----D---- C:\Program Files\Common Files\snp2uvc
2012-08-15 14:35:58 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-08-15 14:35:19 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Mozilla
2012-08-15 14:34:28 ----D---- C:\Program Files\ATI Technologies
2012-08-15 14:33:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-08-15 14:33:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-15 14:33:37 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 14:33:21 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-08-15 14:32:11 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2012-08-15 14:27:07 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2012-08-15 14:27:07 ----A---- C:\WINDOWS\system32\drivers\btwhid.sys
2012-08-15 14:27:07 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2012-08-15 14:27:07 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2012-08-15 14:27:07 ----A---- C:\WINDOWS\system32\btw_ci.dll
2012-08-15 14:27:06 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2012-08-15 14:27:06 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2012-08-15 14:26:58 ----D---- C:\Program Files\WIDCOMM
2012-08-15 14:23:35 ----ASH---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\desktop.ini
2012-08-15 14:23:34 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\InstallShield
2012-08-15 14:23:34 ----D---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Identities
2012-08-15 14:23:33 ----SD---- C:\Documents and Settings\Ing. Karel Mikeš\Data aplikací\Microsoft
2012-08-15 14:16:59 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2012-08-15 14:14:48 ----D---- C:\Program Files\CONEXANT
2012-08-15 14:13:44 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2012-08-23 22:48:28 ----D---- C:\WINDOWS\Prefetch
2012-08-23 22:45:19 ----D---- C:\WINDOWS\Debug
2012-08-23 22:45:19 ----D---- C:\WINDOWS
2012-08-23 22:44:42 ----D---- C:\Program Files
2012-08-23 22:43:23 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-23 22:43:14 ----D---- C:\WINDOWS\system32\drivers
2012-08-23 22:41:33 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-08-23 22:41:20 ----D---- C:\WINDOWS\system32
2012-08-23 22:39:31 ----SHD---- C:\System Volume Information
2012-08-23 22:39:31 ----D---- C:\WINDOWS\system32\Restore
2012-08-23 20:18:43 ----A---- C:\WINDOWS\system.ini
2012-08-23 20:18:11 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-23 20:14:36 ----D---- C:\WINDOWS\AppPatch
2012-08-23 20:14:33 ----D---- C:\Program Files\Common Files
2012-08-23 18:07:32 ----D---- C:\WINDOWS\system32\config
2012-08-20 07:13:05 ----RSHD---- C:\WINDOWS\system32\dllcache
2012-08-19 19:51:57 ----HD---- C:\WINDOWS\inf
2012-08-18 11:40:24 ----D---- C:\DOCS
2012-08-18 11:06:39 ----RASH---- C:\boot.ini
2012-08-18 11:06:39 ----A---- C:\WINDOWS\win.ini
2012-08-18 01:13:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-08-18 01:13:16 ----SD---- C:\WINDOWS\Tasks
2012-08-18 00:36:23 ----D---- C:\WINDOWS\security
2012-08-17 20:29:23 ----SHD---- C:\WINDOWS\Installer
2012-08-17 19:53:38 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-17 19:53:37 ----RSD---- C:\WINDOWS\assembly
2012-08-17 19:34:24 ----RSD---- C:\WINDOWS\Fonts
2012-08-17 19:32:35 ----D---- C:\WINDOWS\system32\DirectX
2012-08-17 19:06:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-17 19:05:52 ----D---- C:\WINDOWS\system32\cs-CZ
2012-08-17 19:05:12 ----D---- C:\WINDOWS\WinSxS
2012-08-17 18:54:04 ----D---- C:\Program Files\Internet Explorer
2012-08-17 17:09:02 ----D---- C:\WINDOWS\system32\mui
2012-08-17 14:32:05 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-08-17 14:31:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2012-08-17 14:15:15 ----D---- C:\ELEMENTS
2012-08-15 23:12:29 ----D---- C:\BOOK
2012-08-15 23:11:41 ----RD---- C:\WINDOWS\Web
2012-08-15 23:11:40 ----D---- C:\WINDOWS\tiinst
2012-08-15 23:11:01 ----D---- C:\WINDOWS\system32\wbem
2012-08-15 23:10:59 ----D---- C:\WINDOWS\system32\usmt
2012-08-15 23:10:59 ----D---- C:\WINDOWS\system32\spool
2012-08-15 23:10:59 ----D---- C:\WINDOWS\system32\Setup
2012-08-15 23:10:59 ----D---- C:\WINDOWS\system32\RTCOM
2012-08-15 23:10:58 ----D---- C:\WINDOWS\system32\ras
2012-08-15 23:10:58 ----D---- C:\WINDOWS\system32\oobe
2012-08-15 23:10:57 ----D---- C:\WINDOWS\system32\oem
2012-08-15 23:10:47 ----D---- C:\WINDOWS\system32\npp
2012-08-15 23:10:47 ----D---- C:\WINDOWS\system32\MsDtc
2012-08-15 23:10:47 ----D---- C:\WINDOWS\system32\Macromed
2012-08-15 23:10:46 ----D---- C:\WINDOWS\system32\IME
2012-08-15 23:10:46 ----D---- C:\WINDOWS\system32\icsxml
2012-08-15 23:10:46 ----D---- C:\WINDOWS\system32\ias
2012-08-15 23:10:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-08-15 23:09:58 ----D---- C:\WINDOWS\system32\CSY
2012-08-15 23:09:55 ----D---- C:\WINDOWS\system32\Com
2012-08-15 23:09:54 ----D---- C:\WINDOWS\system32\1033
2012-08-15 23:09:54 ----D---- C:\WINDOWS\system32\1029
2012-08-15 23:09:54 ----D---- C:\WINDOWS\system
2012-08-15 23:09:54 ----D---- C:\WINDOWS\srchasst
2012-08-15 23:09:52 ----D---- C:\WINDOWS\Resources
2012-08-15 23:09:51 ----D---- C:\WINDOWS\repair
2012-08-15 23:09:50 ----D---- C:\WINDOWS\PeerNet
2012-08-15 23:09:44 ----RD---- C:\WINDOWS\Offline Web Pages
2012-08-15 23:09:44 ----D---- C:\WINDOWS\pchealth
2012-08-15 23:09:44 ----D---- C:\WINDOWS\msapps
2012-08-15 23:09:44 ----D---- C:\WINDOWS\msagent
2012-08-15 23:09:31 ----D---- C:\WINDOWS\Media
2012-08-15 23:09:31 ----D---- C:\WINDOWS\java
2012-08-15 23:09:10 ----D---- C:\WINDOWS\ime
2012-08-15 23:09:01 ----D---- C:\WINDOWS\Help
2012-08-15 23:08:43 ----D---- C:\WINDOWS\ehome
2012-08-15 23:08:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-15 23:08:36 ----D---- C:\WINDOWS\Driver Cache
2012-08-15 23:08:36 ----D---- C:\WINDOWS\Cursors
2012-08-15 23:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2012-08-15 23:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2012-08-15 23:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2012-08-15 23:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2012-08-15 23:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB933566$
2012-08-15 23:08:09 ----D---- C:\WINDOWS\addins
2012-08-15 23:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2012-08-15 23:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
2012-08-15 23:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB931768$
2012-08-15 23:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2012-08-15 23:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2012-08-15 23:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2012-08-15 23:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB914642$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
2012-08-15 23:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2012-08-15 23:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2012-08-15 23:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2012-08-15 23:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2012-08-15 23:08:03 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2012-08-15 23:08:02 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-15 23:07:59 ----D---- C:\VALUEADD
2012-08-15 23:07:58 ----D---- C:\TEM
2012-08-15 23:07:58 ----D---- C:\sysinfo
2012-08-15 23:07:57 ----D---- C:\SUPPORT
2012-08-15 23:07:57 ----D---- C:\Program Files\xerox
2012-08-15 23:07:57 ----D---- C:\Program Files\Windows NT
2012-08-15 23:07:56 ----D---- C:\Program Files\Windows Media Player
2012-08-15 23:07:54 ----D---- C:\Program Files\Synaptics
2012-08-15 23:07:48 ----D---- C:\Program Files\Realtek
2012-08-15 23:07:48 ----D---- C:\Program Files\Outlook Express
2012-08-15 23:07:48 ----D---- C:\Program Files\Online Services
2012-08-15 23:07:46 ----D---- C:\Program Files\NewTech Infosystems
2012-08-15 23:07:43 ----D---- C:\Program Files\NetMeeting
2012-08-15 23:07:43 ----D---- C:\Program Files\MSN Gaming Zone
2012-08-15 23:07:43 ----D---- C:\Program Files\Movie Maker
2012-08-15 23:07:42 ----D---- C:\Program Files\Microsoft.NET
2012-08-15 23:07:42 ----D---- C:\Program Files\Microsoft Works
2012-08-15 23:07:41 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-15 23:07:30 ----D---- C:\Program Files\Microsoft SQL Server
2012-08-15 23:07:27 ----D---- C:\Program Files\Microsoft Small Business
2012-08-15 23:07:24 ----D---- C:\Program Files\Microsoft Office
2012-08-15 23:06:43 ----D---- C:\Program Files\microsoft frontpage
2012-08-15 23:06:43 ----D---- C:\Program Files\Messenger
2012-08-15 23:06:17 ----D---- C:\Program Files\Common Files\System
2012-08-15 23:06:01 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-08-15 23:06:01 ----D---- C:\Program Files\Common Files\Services
2012-08-15 23:06:01 ----D---- C:\Program Files\Common Files\ODBC
2012-08-15 23:06:01 ----D---- C:\Program Files\Common Files\NewTech Infosystems
2012-08-15 23:06:00 ----D---- C:\Program Files\Common Files\muvee Technologies
2012-08-15 23:06:00 ----D---- C:\Program Files\Common Files\MSSoap
2012-08-15 23:05:47 ----D---- C:\Program Files\Common Files\LightScribe
2012-08-15 23:05:47 ----D---- C:\Program Files\Common Files\InstallShield
2012-08-15 23:05:46 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-15 23:05:46 ----D---- C:\Program Files\Common Files\Adobe
2012-08-15 23:05:46 ----D---- C:\Program Files\Broadcom
2012-08-15 23:05:32 ----D---- C:\Program Files\Adobe
2012-08-15 23:05:32 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2012-08-15 23:04:56 ----RD---- C:\MSOCache
2012-08-15 23:04:56 ----D---- C:\I386
2012-08-15 23:04:09 ----D---- C:\DOTNETFX
2012-08-15 23:04:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2012-08-15 14:57:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-08-15 14:55:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-15 14:55:47 ----D---- C:\WINDOWS\SHELLNEW
2012-08-15 14:48:55 ----D---- C:\Program Files\Acer Inc
2012-08-15 14:46:06 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-08-15 14:45:17 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-15 14:43:55 ----D---- C:\Program Files\Intel
2012-08-15 14:39:54 ----D---- C:\Program Files\CyberLink
2012-08-15 14:36:55 ----D---- C:\WINDOWS\twain_32
2012-08-15 14:30:53 ----D---- C:\WINDOWS\SoftwareDistribution
2012-08-15 14:27:08 ----SD---- C:\WINDOWS\system32\Microsoft
2012-08-15 14:23:32 ----D---- C:\Documents and Settings
2012-08-15 14:17:18 ----D---- C:\WINDOWS\Registration
2012-08-15 14:16:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-15 14:16:46 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-03 46464]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-03-21 304920]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2006-08-28 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-03-19 301248]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-08-15 21425]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-10-04 2456576]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-30 2206976]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-08-14 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-07 215904]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-10-04 487424]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-01 24576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-08 171040]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]
S4 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-08-17 934496]

-----------------EOF-----------------

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 21:51
od vyosek
OK, pockam na AVG a pak jeste nejake detaily poladime :wink:

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 23 srp 2012 22:32
od Spid3r
Test AVG dokončen, žádné hrozby nenalezeny.

Re: Trojský kůň PSW.Agent a Generic27.AKPW

Napsal: 24 srp 2012 03:55
od vyosek
Nainstalujte ServicePack 3 a dalsi aktualizace systemu

A melo by to byti vse :|
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz