Trojan Generic4_c.B FAA + sending log
Posted: 03 Oct 2011 11:35
Hello,
I'll take it step by step.
On some website I caught the trojan Trojan Generic4_c.B FAA, which was detected by AVG Free.
When offered the option, I wanted to move it to the virus vault, but this eventually froze, even though I chose the option to use force for removal. In the end AVG Free was deactivated as well, so AVG doesn't work even after a restart.
It says that I don't have the full path (or something along those lines).
After the analysis I cleaned up using CCleaner and restarted, then created the log, which I attach below. The puzzling thing is that while creating the log it also asked me about "trend micro", saying I somehow don't have permission or something ... but in the end it generated the attached log.
In any case, the first symptoms appeared already in the morning, when I couldn't connect via FileZilla (an FTP client) to a directory I wanted to fix - it probably blocks remote access, among other things.
Could someone take a look at this for me? Thank you very much.
*-*-*-*-
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jmeno Prijmeni at 2011-10-03 12:24:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 79 GB (51%) free of 156 GB
Total RAM: 2047 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:09, on 26.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jmeno Prijmeni\Plocha\RSIT.exe
C:\Program Files\trend micro\Jmeno Prijmeni.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: ieCom Class - {C6CEAC32-D45C-11D4-94AF-0050BABD5FD6} - C:\Program Files\URL Organizer\UrlOrgIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jmeno Prijmeni\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9663442484
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F197DCB-A24E-4E1B-8E00-E01343FDCF9F}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9502 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\Mozilla\Firefox\Profiles\oolt324t.default
prefs.js - "browser.startup.homepage" - "http://www.dobrysluha.cz"
prefs.js - "extensions.enabledItems" - "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, xmlfiller@software602.cz:3.1.6, firebug@software.joehewitt.com:1.7.3, bkmrksync@nokia.com:1.0.0.736, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.4]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIFillerPlugin.xpt
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npfiller.dll
npnul32.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\Mozilla\Firefox\Profiles\oolt324t.default\extensions\
firebug@software.joehewitt.com
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{c45c406e-ab73-11d8-be73-000a95be3b12}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6CEAC32-D45C-11D4-94AF-0050BABD5FD6}]
ieCom Class - C:\Program Files\URL Organizer\UrlOrgIE.dll [2001-01-04 16520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-30 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-30 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-18 13574144]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2011-05-09 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2011-06-07 40376]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-09-22 640440]
"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-18 86016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2011-09-07 2048352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"HP CP1020 System Tray"=C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE [2010-05-12 2627384]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
ColorVisionStartup.lnk - C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Jmeno Prijmeni\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2011-08-30 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Java\Java Update\jucheck.exe"="C:\Program Files\Common Files\Java\Java Update\jucheck.exe:*:Enabled:Java(TM) Update Checker"
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe:*:Enabled:Nokia Launch Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\FileZilla FTP Client\filezilla.exe"="C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\WinSCP\WinSCP.exe"="C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:SFTP, FTP and SCP client"
"C:\WINDOWS\system32\dwwin.exe"="C:\WINDOWS\system32\dwwin.exe:*:Enabled:Microsoft Application Error Reporting"
"C:\Documents and Settings\Jmeno Prijmeni\Dokumenty\Stažené soubory\RSIT.exe"="C:\Documents and Settings\Jmeno Prijmeni\Dokumenty\Stažené soubory\RSIT.exe:*:Enabled:RSIT"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2011-09-15 09:45:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-15 09:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-08 10:30:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-07 12:22:45 ----HD---- C:\$AVG8.VAULT$
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNQ2414U.dll
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNQ2414N.DAT
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNQ2414L.dll
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNQ2414I.dll
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNQ2414C.dll
2011-09-07 10:31:44 ----A---- C:\WINDOWS\system32\CNHMCA.dll
2011-09-07 10:30:47 ----D---- C:\Program Files\Common Files\CANON
2011-09-07 10:30:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
2011-09-07 10:29:24 ----A---- C:\WINDOWS\system32\CNQ2414Y.dll
2011-09-07 10:29:21 ----A---- C:\WINDOWS\system32\CNQ2414O.dll
2011-09-07 10:00:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2011-09-07 09:58:47 ----RA---- C:\WINDOWS\system32\hppccompio.dll
2011-09-07 09:58:47 ----RA---- C:\WINDOWS\system32\HPCP1020LM.dll
2011-09-07 09:58:47 ----RA---- C:\WINDOWS\system32\hpbcoins64.dll
2011-09-07 09:58:47 ----RA---- C:\WINDOWS\system32\hpbcoins32.dll
2011-09-07 09:58:41 ----RA---- C:\WINDOWS\system32\hpmldm01.dll
2011-09-07 09:58:41 ----RA---- C:\WINDOWS\system32\drivers\hppcgenio.sys
2011-09-07 09:58:41 ----RA---- C:\WINDOWS\system32\drivers\hppcbulkio.sys
======List of files/folders modified in the last 1 month======
2011-10-03 12:24:51 ----D---- C:\Program Files\trend micro
2011-10-03 12:21:22 ----D---- C:\WINDOWS
2011-10-03 12:21:09 ----D---- C:\WINDOWS\Temp
2011-10-03 12:20:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-03 12:20:30 ----D---- C:\WINDOWS\system32
2011-10-03 12:20:22 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-03 12:20:17 ----D---- C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\Skype
2011-10-03 12:17:21 ----SHD---- C:\WINDOWS\CSC
2011-10-03 12:17:00 ----D---- C:\WINDOWS\system32\drivers
2011-10-03 12:01:50 ----D---- C:\WINDOWS\Prefetch
2011-10-03 11:50:52 ----D---- C:\WINDOWS\Debug
2011-10-03 11:11:39 ----D---- C:\Program Files\Mozilla Thunderbird
2011-10-03 11:11:05 ----D---- C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\FileZilla
2011-10-03 09:14:31 ----D---- C:\WINDOWS\system32\drivers\Avg
2011-09-30 13:36:06 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-09-30 11:58:48 ----D---- C:\Program Files\PC Connectivity Solution
2011-09-30 09:12:25 ----D---- C:\Program Files\Mozilla Firefox
2011-09-30 08:59:59 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-29 09:54:06 ----D---- C:\Program Files\URL Organizer
2011-09-26 15:58:32 ----HD---- C:\WINDOWS\inf
2011-09-23 10:14:33 ----D---- C:\_kancelar
2011-09-16 11:36:22 ----D---- C:\_work
2011-09-15 09:31:19 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-15 09:30:45 ----SHD---- C:\WINDOWS\Installer
2011-09-15 09:30:44 ----D---- C:\Config.Msi
2011-09-09 14:33:51 ----D---- C:\Program Files\FileZilla FTP Client
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-08 10:25:39 ----D---- C:\WINDOWS\WinSxS
2011-09-07 14:28:23 ----D---- C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\vlc
2011-09-07 10:35:47 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
2011-09-07 10:35:47 ----D---- C:\Documents and Settings\Jmeno Prijmeni\Data aplikací\Canon
2011-09-07 10:31:44 ----D---- C:\WINDOWS\twain_32
2011-09-07 10:30:47 ----D---- C:\Program Files\Common Files
2011-09-07 10:30:05 ----D---- C:\Program Files\Canon
2011-09-07 10:29:27 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2011-09-07 10:00:01 ----SD---- C:\WINDOWS\Tasks
2011-09-07 09:59:56 ----D---- C:\Program Files\HP
2011-09-07 09:59:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2011-09-07 09:57:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-01-25 132096]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2011-08-30 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-08-30 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-08-30 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-01-05 223432]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2011-05-09 73312]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-12 401664]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-12 30363]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-12 1342602]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-12 148168]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPFXBULKLEDM;HPFXBULKLEDM; C:\WINDOWS\system32\drivers\hppcbulkio.sys [2010-05-12 20792]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-18 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S1 MpKsl28f47b8e;MpKsl28f47b8e; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BEC21039-71C3-4AF6-8637-B0A77DF0E3BC}\MpKsl28f47b8e.sys []
S1 MpKsl2abb79e2;MpKsl2abb79e2; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C438D1F5-7669-4990-8E62-494867DFC555}\MpKsl2abb79e2.sys []
S1 MpKsl36d7f4b0;MpKsl36d7f4b0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{403F1AEB-E716-453B-9312-49A9631A33EF}\MpKsl36d7f4b0.sys []
S1 MpKsl379eb399;MpKsl379eb399; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BEC21039-71C3-4AF6-8637-B0A77DF0E3BC}\MpKsl379eb399.sys []
S1 MpKsl4d5d5701;MpKsl4d5d5701; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EB5CBA9E-F53B-49F3-83C0-348CD956B4B4}\MpKsl4d5d5701.sys []
S1 MpKsl57125e51;MpKsl57125e51; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EB5CBA9E-F53B-49F3-83C0-348CD956B4B4}\MpKsl57125e51.sys []
S1 MpKslb9c4a084;MpKslb9c4a084; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5C5CC901-7CAA-4A4C-984B-6BBACC2B94EC}\MpKslb9c4a084.sys []
S1 MpKslbac20b24;MpKslbac20b24; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D0AE045B-8F22-4292-BF07-9FE48DE1306F}\MpKslbac20b24.sys []
S1 MpKslce198258;MpKslce198258; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2FD89ED0-7F8C-4C00-BB1A-C4804447FA7D}\MpKslce198258.sys []
S1 MpKslcfc28278;MpKslcfc28278; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{25BC7CBE-1C19-4AE5-A128-71924200C9B7}\MpKslcfc28278.sys []
S1 MpKsld2da1b9f;MpKsld2da1b9f; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CBFDD3C2-E165-4A87-8808-98399D8ECD5F}\MpKsld2da1b9f.sys []
S1 MpKslecd6124d;MpKslecd6124d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{AA958EC1-B600-49D3-AB92-B279A57ECCAF}\MpKslecd6124d.sys []
S3 cae38cb6;cae38cb6; C:\WINDOWS\3062686666:891056969.exe []
S3 catchme;catchme; \??\C:\DOCUME~1\PETRVC~1\LOCALS~1\Temp\catchme.sys []
S3 cvspydr2;ColorVision Spyder 2; C:\WINDOWS\system32\DRIVERS\cvspydr2.sys [2002-04-02 33024]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2011-09-07 297752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-12 262144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-08-30 153376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 441856]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 630784]
S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2011-08-30 908056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2010-04-12 143872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-15 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
-----------------EOF-----------------
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S1 MpKsl28f47b8e;MpKsl28f47b8e; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BEC21039-71C3-4AF6-8637-B0A77DF0E3BC}\MpKsl28f47b8e.sys []
S1 MpKsl2abb79e2;MpKsl2abb79e2; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C438D1F5-7669-4990-8E62-494867DFC555}\MpKsl2abb79e2.sys []
S1 MpKsl36d7f4b0;MpKsl36d7f4b0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{403F1AEB-E716-453B-9312-49A9631A33EF}\MpKsl36d7f4b0.sys []
S1 MpKsl379eb399;MpKsl379eb399; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BEC21039-71C3-4AF6-8637-B0A77DF0E3BC}\MpKsl379eb399.sys []
S1 MpKsl4d5d5701;MpKsl4d5d5701; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EB5CBA9E-F53B-49F3-83C0-348CD956B4B4}\MpKsl4d5d5701.sys []
S1 MpKsl57125e51;MpKsl57125e51; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EB5CBA9E-F53B-49F3-83C0-348CD956B4B4}\MpKsl57125e51.sys []
S1 MpKslb9c4a084;MpKslb9c4a084; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5C5CC901-7CAA-4A4C-984B-6BBACC2B94EC}\MpKslb9c4a084.sys []
S1 MpKslbac20b24;MpKslbac20b24; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D0AE045B-8F22-4292-BF07-9FE48DE1306F}\MpKslbac20b24.sys []
S1 MpKslce198258;MpKslce198258; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2FD89ED0-7F8C-4C00-BB1A-C4804447FA7D}\MpKslce198258.sys []
S1 MpKslcfc28278;MpKslcfc28278; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{25BC7CBE-1C19-4AE5-A128-71924200C9B7}\MpKslcfc28278.sys []
S1 MpKsld2da1b9f;MpKsld2da1b9f; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CBFDD3C2-E165-4A87-8808-98399D8ECD5F}\MpKsld2da1b9f.sys []
S1 MpKslecd6124d;MpKslecd6124d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{AA958EC1-B600-49D3-AB92-B279A57ECCAF}\MpKslecd6124d.sys []
S3 cae38cb6;cae38cb6; C:\WINDOWS\3062686666:891056969.exe []
S3 catchme;catchme; \??\C:\DOCUME~1\PETRVC~1\LOCALS~1\Temp\catchme.sys []
S3 cvspydr2;ColorVision Spyder 2; C:\WINDOWS\system32\DRIVERS\cvspydr2.sys [2002-04-02 33024]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 RsFx0150;RsFx0150 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2011-09-07 297752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-12 262144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-08-30 153376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 441856]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 630784]
S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2011-08-30 908056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2010-04-12 143872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-15 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
-----------------EOF-----------------