Please check my log - IP is on a blacklist

Martinnet
Visitor
Posts: 32
Registered: 07 Oct 2013 16:12

#1 Post by Martinnet »

Hello,

I have the following problem. I have a website at webzdarma.cz, and when I try to connect to my account over FTP in Total Commander, this message pops up: 530 Login incorrect. According to the webzdarma.cz site, my IP address is blocked, and one of the possible reasons given is a virus on the PC.
I looked at blacklists on the internet and our IP is listed there, but only sometimes. Without my doing anything, it usually gets removed from the blacklist on its own. And then, say, the next day it is there again.

We have a PC and 2 laptops at home with the same IP address. Should I post a log from all three?

I scanned the PC with various programs, including AVG antivirus, but they found nothing.

I would just like to know what I should do next.

Thank you very much in advance for any reply.

Martin

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-10-29 15:35:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 146 GB (21%) free of 707 GB
Total RAM: 3326 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:35:57, on 29.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MCEBuddy Service (MCEBuddy) - Unknown owner - C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

--
End of file - 7297 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\rfv57ax2.default-1376389945516

prefs.js - "browser.startup.homepage" - "http://atlas.centrum.cz/"

"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-28 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-09-26 3122864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-09-26 3122864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-10-03 2404376]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-23 17:55:32 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-23 17:21:44 ----D---- C:\Program Files\Enigma Software Group
2013-10-23 17:21:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-10-23 17:03:20 ----SHD---- C:\$RECYCLE.BIN
2013-10-23 16:25:51 ----D---- C:\ProgramData\Norton
2013-10-18 14:16:23 ----D---- C:\ProgramData\Oracle
2013-10-18 14:16:19 ----D---- C:\Program Files\Common Files\Java
2013-10-18 14:15:46 ----A---- C:\Windows\system32\javaws.exe
2013-10-18 14:15:37 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-11 16:40:37 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 16:40:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 16:40:34 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 16:40:31 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 12:07:43 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 12:07:40 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 12:07:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 12:07:39 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 12:07:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 12:07:36 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 12:07:36 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 12:07:34 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 12:07:23 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 12:07:23 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 12:07:16 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 12:07:14 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 12:07:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 12:07:05 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 12:07:02 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-08 12:53:23 ----A---- C:\Windows\zip.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWSC.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWREG.exe
2013-10-08 12:53:23 ----A---- C:\Windows\sed.exe
2013-10-08 12:53:23 ----A---- C:\Windows\PEV.exe
2013-10-08 12:53:23 ----A---- C:\Windows\NIRCMD.exe
2013-10-08 12:53:23 ----A---- C:\Windows\MBR.exe
2013-10-08 12:53:23 ----A---- C:\Windows\grep.exe
2013-10-07 19:48:28 ----D---- C:\Qoobox
2013-10-07 19:48:15 ----D---- C:\Windows\erdnt
2013-10-07 16:05:45 ----D---- C:\rsit
2013-10-07 16:05:45 ----D---- C:\Program Files\trend micro
2013-10-07 14:36:49 ----D---- C:\Program Files\GRISOFT
2013-10-07 14:36:49 ----A---- C:\Windows\system32\drivers\AvgArCln.sys
2013-10-07 14:10:26 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-07 12:48:26 ----D---- C:\Program Files\Sophos
2013-10-01 11:45:48 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-10-29 15:35:42 ----D---- C:\Windows\Prefetch
2013-10-29 15:29:13 ----D---- C:\Windows\Temp
2013-10-29 15:29:13 ----D---- C:\Windows\inf
2013-10-29 15:29:13 ----D---- C:\Windows
2013-10-29 14:58:26 ----A---- C:\Windows\win.ini
2013-10-29 14:58:20 ----SHD---- C:\System Volume Information
2013-10-29 13:55:08 ----D---- C:\Windows\system32\config
2013-10-29 13:46:59 ----D---- C:\Windows\System32
2013-10-29 13:46:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-29 13:46:41 ----D---- C:\ProgramData\MFAData
2013-10-25 16:51:03 ----D---- C:\Users\Martin\AppData\Roaming\SoftGrid Client
2013-10-25 11:18:10 ----RD---- C:\Program Files
2013-10-24 17:50:46 ----SHD---- C:\Windows\Installer
2013-10-24 17:50:46 ----D---- C:\Config.Msi
2013-10-24 13:31:05 ----D---- C:\Windows\system32\drivers
2013-10-24 12:57:41 ----D---- C:\Windows\ehome
2013-10-24 12:56:30 ----D---- C:\Program Files\GoforFiles
2013-10-23 18:38:19 ----D---- C:\ProgramData
2013-10-23 17:55:57 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-10-23 17:21:08 ----D---- C:\Program Files\Common Files
2013-10-23 17:06:13 ----D---- C:\Windows\system32\catroot2
2013-10-23 17:02:32 ----A---- C:\Windows\system.ini
2013-10-23 16:59:02 ----D---- C:\Windows\AppPatch
2013-10-23 15:56:16 ----D---- C:\Windows\Panther
2013-10-23 15:56:16 ----D---- C:\Windows\Logs
2013-10-23 15:56:16 ----D---- C:\Windows\debug
2013-10-23 15:52:49 ----D---- C:\Windows\system32\Tasks
2013-10-23 15:52:48 ----D---- C:\Program Files\CCleaner
2013-10-23 15:50:03 ----D---- C:\Windows\ModemLogs
2013-10-19 15:37:30 ----D---- C:\Users\Martin\AppData\Roaming\ZoomBrowser EX
2013-10-18 14:15:30 ----A---- C:\Windows\system32\javaw.exe
2013-10-18 14:15:29 ----D---- C:\Program Files\Java
2013-10-13 15:23:56 ----D---- C:\Windows\Tasks
2013-10-13 15:23:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-12 14:02:41 ----D---- C:\Windows\rescache
2013-10-12 13:14:00 ----D---- C:\Windows\Microsoft.NET
2013-10-12 13:12:05 ----RSD---- C:\Windows\assembly
2013-10-12 12:46:31 ----D---- C:\Windows\winsxs
2013-10-12 12:43:37 ----D---- C:\Windows\system32\cs-CZ
2013-10-12 12:43:37 ----D---- C:\Program Files\Internet Explorer
2013-10-12 12:43:34 ----D---- C:\Windows\system32\DriverStore
2013-10-12 12:42:44 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-12 12:42:43 ----D---- C:\Program Files\Common Files\Spigot
2013-10-11 16:48:34 ----D---- C:\Windows\system32\MRT
2013-10-11 16:47:06 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 16:40:48 ----D---- C:\Windows\system32\catroot
2013-10-11 14:17:44 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2013-10-11 12:01:03 ----D---- C:\Program Files\Fotolab
2013-10-11 11:59:14 ----D---- C:\Program Files\RustemSoft
2013-10-08 13:05:05 ----D---- C:\Windows\system32\drivers\etc
2013-10-07 14:40:25 ----D---- C:\Windows\system32\wdi
2013-10-07 14:02:37 ----SD---- C:\ProgramData\Microsoft
2013-10-05 12:05:22 ----D---- C:\Users\Martin\AppData\Roaming\Movier
2013-10-03 11:26:31 ----D---- C:\Program Files\AVG Secure Search
2013-10-02 09:09:07 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\Windows\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\Windows\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-03 37664]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2013-10-07 77528]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\system32\ECED.tmp []
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-03 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-03 1734680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe [2013-08-30 240288]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.exe [2013-08-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S2 MCEBuddy;MCEBuddy Service; C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 20480]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-18 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#2 Post by Rudy »

Hello!
If your IP is on a blacklist, there is usually a reason for it, and that reason is usually not a virus. The fact is, though, that your PC needs cleaning, at the very least of unnecessary junk. If you are connected to some network, the server registers the IP of that network's gateway router, and then everyone connected to it is out of luck. I have my own experience with this; the same problem arises here when, because of someone who does not behave as they should and logs in here under various nicknames, we ban the IP.
To the point: first run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before removing viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Martinnet
Visitor
Posts: 32
Joined: 07 Oct 2013 16:12

Re: Please check my log - IP is on a blacklist

#3 Post by Martinnet »

Good evening,

here is the log:

# AdwCleaner v3.010 - Report created 29/10/2013 at 17:39:49
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\goforfiles
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Users\Martin\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Martin\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Martin\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Martin\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Martin\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Martin\AppData\Roaming\thinstall
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\rfv57ax2.default-1376389945516\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [7826 octets] - [29/10/2013 17:37:27]
AdwCleaner[S0].txt - [7741 octets] - [29/10/2013 17:39:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7801 octets] ##########

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#4 Post by Rudy »

Post a new RSIT log.

Martinnet
Visitor
Posts: 32
Joined: 07 Oct 2013 16:12

Re: Please check my log - IP is on a blacklist

#5 Post by Martinnet »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-10-29 17:52:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 146 GB (21%) free of 707 GB
Total RAM: 3326 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:56, on 29.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MCEBuddy Service (MCEBuddy) - Unknown owner - C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6005 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\rfv57ax2.default-1376389945516

prefs.js - "browser.startup.homepage" - "http://atlas.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-28 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-29 17:37:23 ----D---- C:\AdwCleaner
2013-10-23 17:55:32 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-23 17:21:44 ----D---- C:\Program Files\Enigma Software Group
2013-10-23 17:21:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-10-23 17:03:20 ----SHD---- C:\$RECYCLE.BIN
2013-10-23 16:25:51 ----D---- C:\ProgramData\Norton
2013-10-18 14:16:23 ----D---- C:\ProgramData\Oracle
2013-10-18 14:16:19 ----D---- C:\Program Files\Common Files\Java
2013-10-18 14:15:46 ----A---- C:\Windows\system32\javaws.exe
2013-10-18 14:15:37 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-11 16:40:37 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 16:40:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 16:40:34 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 16:40:31 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 12:07:43 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 12:07:40 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 12:07:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 12:07:39 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 12:07:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 12:07:36 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 12:07:36 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 12:07:34 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 12:07:23 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 12:07:23 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 12:07:16 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 12:07:14 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 12:07:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 12:07:05 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 12:07:02 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-08 12:53:23 ----A---- C:\Windows\zip.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWSC.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWREG.exe
2013-10-08 12:53:23 ----A---- C:\Windows\sed.exe
2013-10-08 12:53:23 ----A---- C:\Windows\PEV.exe
2013-10-08 12:53:23 ----A---- C:\Windows\NIRCMD.exe
2013-10-08 12:53:23 ----A---- C:\Windows\MBR.exe
2013-10-08 12:53:23 ----A---- C:\Windows\grep.exe
2013-10-07 19:48:28 ----D---- C:\Qoobox
2013-10-07 19:48:15 ----D---- C:\Windows\erdnt
2013-10-07 16:05:45 ----D---- C:\rsit
2013-10-07 16:05:45 ----D---- C:\Program Files\trend micro
2013-10-07 14:36:49 ----D---- C:\Program Files\GRISOFT
2013-10-07 14:36:49 ----A---- C:\Windows\system32\drivers\AvgArCln.sys
2013-10-07 14:10:26 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-07 12:48:26 ----D---- C:\Program Files\Sophos
2013-10-01 11:45:48 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-10-29 17:48:10 ----D---- C:\Windows\System32
2013-10-29 17:48:10 ----D---- C:\Windows\inf
2013-10-29 17:48:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-29 17:47:49 ----A---- C:\Windows\win.ini
2013-10-29 17:42:38 ----D---- C:\Windows\Prefetch
2013-10-29 17:41:42 ----D---- C:\Windows
2013-10-29 17:41:36 ----D---- C:\Windows\Temp
2013-10-29 17:40:24 ----D---- C:\Windows\system32\config
2013-10-29 17:39:58 ----D---- C:\Program Files\Common Files
2013-10-29 17:39:56 ----RD---- C:\Program Files
2013-10-29 17:39:55 ----D---- C:\ProgramData
2013-10-29 17:15:23 ----D---- C:\ProgramData\MFAData
2013-10-29 14:58:20 ----SHD---- C:\System Volume Information
2013-10-25 16:51:03 ----D---- C:\Users\Martin\AppData\Roaming\SoftGrid Client
2013-10-24 17:50:46 ----SHD---- C:\Windows\Installer
2013-10-24 17:50:46 ----D---- C:\Config.Msi
2013-10-24 13:31:05 ----D---- C:\Windows\system32\drivers
2013-10-24 12:57:41 ----D---- C:\Windows\ehome
2013-10-23 17:55:57 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-10-23 17:06:13 ----D---- C:\Windows\system32\catroot2
2013-10-23 17:02:32 ----A---- C:\Windows\system.ini
2013-10-23 16:59:02 ----D---- C:\Windows\AppPatch
2013-10-23 15:56:16 ----D---- C:\Windows\Panther
2013-10-23 15:56:16 ----D---- C:\Windows\Logs
2013-10-23 15:56:16 ----D---- C:\Windows\debug
2013-10-23 15:52:49 ----D---- C:\Windows\system32\Tasks
2013-10-23 15:52:48 ----D---- C:\Program Files\CCleaner
2013-10-23 15:50:03 ----D---- C:\Windows\ModemLogs
2013-10-19 15:37:30 ----D---- C:\Users\Martin\AppData\Roaming\ZoomBrowser EX
2013-10-18 14:15:30 ----A---- C:\Windows\system32\javaw.exe
2013-10-18 14:15:29 ----D---- C:\Program Files\Java
2013-10-13 15:23:56 ----D---- C:\Windows\Tasks
2013-10-13 15:23:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-12 14:02:41 ----D---- C:\Windows\rescache
2013-10-12 13:14:00 ----D---- C:\Windows\Microsoft.NET
2013-10-12 13:12:05 ----RSD---- C:\Windows\assembly
2013-10-12 12:46:31 ----D---- C:\Windows\winsxs
2013-10-12 12:43:37 ----D---- C:\Windows\system32\cs-CZ
2013-10-12 12:43:37 ----D---- C:\Program Files\Internet Explorer
2013-10-12 12:43:34 ----D---- C:\Windows\system32\DriverStore
2013-10-12 12:42:44 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 16:48:34 ----D---- C:\Windows\system32\MRT
2013-10-11 16:47:06 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 16:40:48 ----D---- C:\Windows\system32\catroot
2013-10-11 14:17:44 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2013-10-11 12:01:03 ----D---- C:\Program Files\Fotolab
2013-10-11 11:59:14 ----D---- C:\Program Files\RustemSoft
2013-10-08 13:05:05 ----D---- C:\Windows\system32\drivers\etc
2013-10-07 14:40:25 ----D---- C:\Windows\system32\wdi
2013-10-07 14:02:37 ----SD---- C:\ProgramData\Microsoft
2013-10-05 12:05:22 ----D---- C:\Users\Martin\AppData\Roaming\Movier
2013-10-02 09:09:07 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\Windows\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\Windows\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-03 37664]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2013-10-07 77528]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\system32\ECED.tmp []
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-03 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.exe [2013-08-30 193696]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe [2013-08-30 240288]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S2 MCEBuddy;MCEBuddy Service; C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 20480]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-18 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119531
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\Program Files\Microsoft\BingBar
C:\Program Files\Windows Live\Companion\companioncore.dll
C:\Program Files\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
BBSvc
BBUpdate

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Martinnet
Visitor
Posts: 32
Registered: 07 Oct 2013 16:12

Re: Please check my log - IP is on a blacklist

#7 Post by Martinnet »

Thank you very much for your advice. Here is the log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-10-29 19:12:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 146 GB (21%) free of 707 GB
Total RAM: 3326 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:16, on 29.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MCEBuddy Service (MCEBuddy) - Unknown owner - C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5586 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\rfv57ax2.default-1376389945516

prefs.js - "browser.startup.homepage" - "http://atlas.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-29 19:03:54 ----D---- C:\_OTM
2013-10-29 17:37:23 ----D---- C:\AdwCleaner
2013-10-23 17:21:44 ----D---- C:\Program Files\Enigma Software Group
2013-10-23 17:21:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-10-23 17:03:20 ----SHD---- C:\$RECYCLE.BIN
2013-10-23 16:25:51 ----D---- C:\ProgramData\Norton
2013-10-18 14:16:23 ----D---- C:\ProgramData\Oracle
2013-10-18 14:16:19 ----D---- C:\Program Files\Common Files\Java
2013-10-18 14:15:46 ----A---- C:\Windows\system32\javaws.exe
2013-10-18 14:15:37 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-11 16:40:37 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 16:40:36 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 16:40:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 16:40:35 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 16:40:34 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 16:40:33 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 16:40:31 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 12:07:43 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 12:07:41 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 12:07:40 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 12:07:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 12:07:39 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 12:07:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 12:07:36 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 12:07:36 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 12:07:35 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 12:07:34 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 12:07:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 12:07:23 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 12:07:23 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 12:07:16 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 12:07:14 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 12:07:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 12:07:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 12:07:05 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 12:07:02 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-08 12:53:23 ----A---- C:\Windows\zip.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWSC.exe
2013-10-08 12:53:23 ----A---- C:\Windows\SWREG.exe
2013-10-08 12:53:23 ----A---- C:\Windows\sed.exe
2013-10-08 12:53:23 ----A---- C:\Windows\PEV.exe
2013-10-08 12:53:23 ----A---- C:\Windows\NIRCMD.exe
2013-10-08 12:53:23 ----A---- C:\Windows\MBR.exe
2013-10-08 12:53:23 ----A---- C:\Windows\grep.exe
2013-10-07 19:48:28 ----D---- C:\Qoobox
2013-10-07 19:48:15 ----D---- C:\Windows\erdnt
2013-10-07 16:05:45 ----D---- C:\rsit
2013-10-07 16:05:45 ----D---- C:\Program Files\trend micro
2013-10-07 14:36:49 ----D---- C:\Program Files\GRISOFT
2013-10-07 14:36:49 ----A---- C:\Windows\system32\drivers\AvgArCln.sys
2013-10-07 14:10:26 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-07 12:48:26 ----D---- C:\Program Files\Sophos
2013-10-01 11:45:48 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-10-29 19:11:20 ----D---- C:\Windows\System32
2013-10-29 19:11:20 ----D---- C:\Windows\inf
2013-10-29 19:11:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-29 19:07:43 ----A---- C:\Windows\win.ini
2013-10-29 19:07:04 ----D---- C:\Windows\Temp
2013-10-29 19:06:03 ----D---- C:\Windows\system32\config
2013-10-29 19:05:52 ----D---- C:\Windows
2013-10-29 19:05:13 ----RD---- C:\Program Files\Skype
2013-10-29 19:05:13 ----D---- C:\Windows\Tasks
2013-10-29 19:05:06 ----D---- C:\Program Files\Microsoft
2013-10-29 19:04:24 ----D---- C:\Windows\Prefetch
2013-10-29 19:03:58 ----D---- C:\Windows\system32\Tasks
2013-10-29 17:39:58 ----D---- C:\Program Files\Common Files
2013-10-29 17:39:56 ----RD---- C:\Program Files
2013-10-29 17:39:55 ----D---- C:\ProgramData
2013-10-29 17:15:23 ----D---- C:\ProgramData\MFAData
2013-10-29 14:58:20 ----SHD---- C:\System Volume Information
2013-10-25 16:51:03 ----D---- C:\Users\Martin\AppData\Roaming\SoftGrid Client
2013-10-24 17:50:46 ----SHD---- C:\Windows\Installer
2013-10-24 17:50:46 ----D---- C:\Config.Msi
2013-10-24 13:31:05 ----D---- C:\Windows\system32\drivers
2013-10-24 12:57:41 ----D---- C:\Windows\ehome
2013-10-23 17:55:57 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-10-23 17:06:13 ----D---- C:\Windows\system32\catroot2
2013-10-23 17:02:32 ----A---- C:\Windows\system.ini
2013-10-23 16:59:02 ----D---- C:\Windows\AppPatch
2013-10-23 15:56:16 ----D---- C:\Windows\Panther
2013-10-23 15:56:16 ----D---- C:\Windows\Logs
2013-10-23 15:56:16 ----D---- C:\Windows\debug
2013-10-23 15:52:48 ----D---- C:\Program Files\CCleaner
2013-10-23 15:50:03 ----D---- C:\Windows\ModemLogs
2013-10-19 15:37:30 ----D---- C:\Users\Martin\AppData\Roaming\ZoomBrowser EX
2013-10-18 14:15:30 ----A---- C:\Windows\system32\javaw.exe
2013-10-18 14:15:29 ----D---- C:\Program Files\Java
2013-10-13 15:23:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-12 14:02:41 ----D---- C:\Windows\rescache
2013-10-12 13:14:00 ----D---- C:\Windows\Microsoft.NET
2013-10-12 13:12:05 ----RSD---- C:\Windows\assembly
2013-10-12 12:46:31 ----D---- C:\Windows\winsxs
2013-10-12 12:43:37 ----D---- C:\Windows\system32\cs-CZ
2013-10-12 12:43:37 ----D---- C:\Program Files\Internet Explorer
2013-10-12 12:43:34 ----D---- C:\Windows\system32\DriverStore
2013-10-12 12:42:44 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 16:48:34 ----D---- C:\Windows\system32\MRT
2013-10-11 16:47:06 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 16:40:48 ----D---- C:\Windows\system32\catroot
2013-10-11 14:17:44 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2013-10-11 12:01:03 ----D---- C:\Program Files\Fotolab
2013-10-11 11:59:14 ----D---- C:\Program Files\RustemSoft
2013-10-08 13:05:05 ----D---- C:\Windows\system32\drivers\etc
2013-10-07 14:40:25 ----D---- C:\Windows\system32\wdi
2013-10-07 14:02:37 ----SD---- C:\ProgramData\Microsoft
2013-10-05 12:05:22 ----D---- C:\Users\Martin\AppData\Roaming\Movier
2013-10-02 09:09:07 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\Windows\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\Windows\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-03 37664]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2013-10-07 77528]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\system32\ECED.tmp []
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-03 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S2 MCEBuddy;MCEBuddy Service; C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 20480]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-29 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-18 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
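An added example, not part of the original thread or of RSIT itself: a small Python parser for the driver/service list format shown in the log above (state and start type, name, display name, path, `[date size]`), which flags entries that carry no file metadata or point into a temp location. It assumes that an empty `[]` means RSIT found no file at that path; the function names and the flagging heuristics are illustrative assumptions.

```python
import re

# Constructed sample: lines copied from the RSIT driver/service list in this thread.
SAMPLE = r"""
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\system32\ECED.tmp []
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
"""

START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}
LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?:(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+))?\]$"
)

def parse_entry(line):
    """Parse one RSIT driver/service line; return a dict, or None if it does not match."""
    m = LINE.match(line.strip())
    if not m:
        return None
    e = m.groupdict()
    e["start"] = START[e["start"]]
    e["path"] = re.sub(r"^\\\?\?\\", "", e["path"])  # drop the NT object prefix \??\
    e["size"] = int(e["size"]) if e["size"] else None
    return e

def triage(entry):
    """Return reasons an entry deserves a manual look (heuristics, not verdicts)."""
    reasons = []
    p = entry["path"].lower()
    if entry["date"] is None:  # assumption: empty [] means no file at that path
        reasons.append("no file metadata")
    if "\\temp\\" in p or p.endswith(".tmp"):
        reasons.append("temp location")
    return reasons

def review(text):
    """Map entry name -> reasons for every flagged entry in a log excerpt."""
    out = {}
    for line in text.splitlines():
        e = parse_entry(line)
        if e and (r := triage(e)):
            out[e["name"]] = r
    return out

if __name__ == "__main__":
    for name, reasons in review(SAMPLE).items():
        print(f"{name}: {', '.join(reasons)}")
```

A flagged entry is only a prompt to check whether the registration is a leftover of a removed tool or something that should not be there; the heuristics do not classify anything as malicious.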

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#8 Post by Rudy »

Double-click the file to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Martinnet
Visitor
Posts: 32
Joined: 07 Oct 2013 16:12

Re: Please check my log - IP is on a blacklist

#9 Post by Martinnet »

Hello,
I continued according to your instructions, and when I clicked FixChecked in HijackThis, this message popped up.
So I would rather ask how to proceed.
Thank you.
Attachments
2694.png (40.45 KiB) Viewed 1416 times

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#10 Post by Rudy »

Not everything can be fixed. These are just inactive, unnecessary leftovers, though, so don't worry about it. How are things with your problem?

Martinnet
Visitor
Posts: 32
Joined: 07 Oct 2013 16:12

Re: Please check my log - IP is on a blacklist

#11 Post by Martinnet »

It seems the problem is solved. The IP is no longer on any blacklist and I can get to the site again.

Thank you very much for your advice.

Thank you, Martin.

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - IP is on a blacklist

#12 Post by Rudy »

Glad to help! :)

Locked