Prosím o kontrolu logu

[zeleninka100]

Dobrý den, mam notas, ale není firemní. Nastaveni je zde puvodní a ted jej mam pomalý pořad mi neco nacíta.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-02-11 15:27:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (22%) free of 45 GB
Total RAM: 1014 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:49, on 11.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 193.245.35.130 www2.csob.cz
O1 - Hosts: 193.245.35.131 www2.csobpf.cz
O1 - Hosts: 91.221.72.64 www.ingkonto.cz
O1 - Hosts: 91.221.72.64 www.ingkonto.cz
O1 - Hosts: 91.221.72.65 www.ingkonto.sk
O1 - Hosts: 91.221.72.65 www.ingkonto.sk
O1 - Hosts: 91.221.72.66 ingkonto.ingbank.cz
O1 - Hosts: 91.221.72.66 ingkonto.ingbank.cz
O1 - Hosts: 91.221.72.67 ingkonto.ingbank.sk
O1 - Hosts: 91.221.72.67 ingkonto.ingbank.sk
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunServices: [PlatformJavaTM] C:\DOCUME~1\jpoduska\LOCALS~1\Temp\JMEd.exe
O4 - HKLM\..\RunServices: [PhotoshopAdapterPhotoshopAdapter8.0] c:\program files\common files\adobe\adobe asset services cs3\required\adobephotoshopadapter8.0.exe
O4 - HKLM\..\RunServices: [Libraryadobepersonalization] c:\program files\adobe\adobe flash cs3 video encoder\librarypublisher.exe
O4 - HKLM\..\RunServices: [PhotoModern1387] c:\program files\adobe\adobe flash cs3\cs\configuration\templates\photo slideshows\photoslideshow.exe
O4 - HKLM\..\RunServices: [AdobePhotoshopAdapter] c:\program files\common files\adobe\adobe asset services cs3\required\adobephotoshopadapter8.0.exe
O4 - HKLM\..\RunServices: [VAInstallerUnZip325.42] C:\program files\cisco systems\vpn client\unzip32systems.exe
O4 - HKLM\..\RunServices: [Thunderbirdspellcheckermyspell1.8.1.122008021305] c:\program files\mozilla thunderbird\components\thunderbirdspellchecker.exe
O4 - HKLM\..\RunServices: [SharePointPortal] C:\program files\common files\microsoft shared\web folders\1033\serversharepoint11.0.5510.0.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 6512889046
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6512877312
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://stargate.prg.aero/dana-cached/s ... tupSP1.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.ppas.cz/dana-cached/sc/ ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\Software\..\Telephony: DomainName = clance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 11581 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{8CD9A4A4-59A2-44F2-BC10-E5311A7EE94D}.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\02we4avn.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =386496&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
NPOFF12.DLL
np32dsw.dll
ShockwavePlugin.class
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
avg-secure-search.xml
yahoo.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-06 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]
"NPSStartup"= []
"ROC_roc_dec12"=C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-05-29 3521464]
"ROC_ROC_JULY_P1"=C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-12-04 384800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-05-29 958392]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-29 21432]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VPN Client.lnk]
C:\WINDOWS\INSTAL~1\{F3C1D~1\ICON3E~1.ICO [2011-02-14 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
VPN Client.lnk - C:\WINDOWS\Installer\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gozer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"="C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service"
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"="C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service"
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Paros\IEEmbed.exe"="C:\Program Files\Paros\IEEmbed.exe:*:Enabled:JDesktop Integration Components binary"
"E:\CDS\Nero\Installation\SetupX.exe"="E:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Skype\Phone\Skype.exe"="C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Skype\Phone\Skype.exe:*:Disabled:Skype "
"C:\Documents and Settings\Pavla\Data aplikací\ICQ\Application\ICQ7.7\ICQ.exe"="C:\Documents and Settings\Pavla\Data aplikací\ICQ\Application\ICQ7.7\ICQ.exe:*:Disabled:ICQ"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Samsung\Kies\Kies.exe"="C:\Program Files\Samsung\Kies\Kies.exe:*:Enabled:Samsung Kies"
"C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe"="C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe:*:Enabled:Samsung New PC Studio"
"C:\Program Files\7-Zip\7zFM.exe"="C:\Program Files\7-Zip\7zFM.exe:*:Enabled:7-Zip File Manager"
"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe"="E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\SmartWhois\sw.exe"="C:\Program Files\SmartWhois\sw.exe:*:Enabled:SmartWhois"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Z netu\WebGoat-5.2\java\bin\java.exe"="D:\Z netu\WebGoat-5.2\java\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Paros\IEEmbed.exe"="C:\Program Files\Paros\IEEmbed.exe:*:Enabled:JDesktop Integration Components binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\Microsoft Office Communicator\communicator.exe"="C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Office Communicator"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-02-09 15:00:19 ----A---- C:\WINDOWS\system32\FODBCLib.dll
2013-02-09 15:00:18 ----D---- C:\Program Files\FitLinie
2013-02-09 15:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft NT Ident
2013-02-09 15:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\FitLinie
2013-01-21 15:35:25 ----A---- C:\WINDOWS\system32\mediarcpt.dll
2013-01-15 13:53:20 ----D---- C:\Program Files\Recepty doma
2013-01-12 10:39:58 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-01-12 10:20:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2013-01-12 10:20:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-01-12 10:09:16 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Avira
2013-01-12 10:03:24 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2013-01-12 10:03:21 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2013-01-12 10:03:21 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2013-01-12 10:03:21 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2013-01-12 10:03:20 ----D---- C:\Program Files\Avira

======List of files/folders modified in the last 1 month======

2013-02-11 15:27:22 ----A---- C:\WINDOWS\wincmd.ini
2013-02-11 15:25:36 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-02-11 15:11:30 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2013-01-30 18:56:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-30 17:54:38 ----A---- C:\WINDOWS\cdplayer.ini
2013-01-13 15:33:16 ----A---- C:\WINDOWS\wininit.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-09-18 639224]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-11-22 134336]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2012-11-22 36552]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-11-27 83944]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 cnmpar21;Canon BJ Port Driver Cnmpar21; \??\C:\BJPrinter\CNMWINDOWS\Canon BJC-250 Series Installer\Inst\cnmpar21.sys []
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-01 424320]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-30 576000]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-08-28 131856]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2005-11-17 60928]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2005-11-17 37888]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2005-11-17 74624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-07-10 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
S3 amp6z6a5;amp6z6a5; C:\WINDOWS\system32\drivers\amp6z6a5.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-01-17 148900]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-05-21 80824]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2012-05-23 20032]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GemCCID;GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2008-04-13 63744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PSSDK42;PSSDK42; \??\C:\WINDOWS\system32\Drivers\pssdk42.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-05-21 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2012-05-21 181432]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-12-04 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-01-13 1528608]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-06 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-01 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Márty84]

Zdravim

S timhle strojem uz jste tu byl a kontrolu nedokoncil. Tentokrat to bude jinak?

Ze vseho nejdrive si rozmyslete, ktery antivir chcete. Bezi vam tam avira a avg. Jeden musi kazdopadne pryc. Az jeden odinstalujete, dejte novy log z RSIT a zkusime s tim neco udelat

[zeleninka100]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-02-12 17:51:40
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (23%) free of 45 GB
Total RAM: 1014 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:48, on 12.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 193.245.35.130 www2.csob.cz
O1 - Hosts: 193.245.35.131 www2.csobpf.cz
O1 - Hosts: 91.221.72.64 www.ingkonto.cz
O1 - Hosts: 91.221.72.64 www.ingkonto.cz
O1 - Hosts: 91.221.72.65 www.ingkonto.sk
O1 - Hosts: 91.221.72.65 www.ingkonto.sk
O1 - Hosts: 91.221.72.66 ingkonto.ingbank.cz
O1 - Hosts: 91.221.72.66 ingkonto.ingbank.cz
O1 - Hosts: 91.221.72.67 ingkonto.ingbank.sk
O1 - Hosts: 91.221.72.67 ingkonto.ingbank.sk
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunServices: [PlatformJavaTM] C:\DOCUME~1\jpoduska\LOCALS~1\Temp\JMEd.exe
O4 - HKLM\..\RunServices: [PhotoshopAdapterPhotoshopAdapter8.0] c:\program files\common files\adobe\adobe asset services cs3\required\adobephotoshopadapter8.0.exe
O4 - HKLM\..\RunServices: [Libraryadobepersonalization] c:\program files\adobe\adobe flash cs3 video encoder\librarypublisher.exe
O4 - HKLM\..\RunServices: [PhotoModern1387] c:\program files\adobe\adobe flash cs3\cs\configuration\templates\photo slideshows\photoslideshow.exe
O4 - HKLM\..\RunServices: [AdobePhotoshopAdapter] c:\program files\common files\adobe\adobe asset services cs3\required\adobephotoshopadapter8.0.exe
O4 - HKLM\..\RunServices: [VAInstallerUnZip325.42] C:\program files\cisco systems\vpn client\unzip32systems.exe
O4 - HKLM\..\RunServices: [Thunderbirdspellcheckermyspell1.8.1.122008021305] c:\program files\mozilla thunderbird\components\thunderbirdspellchecker.exe
O4 - HKLM\..\RunServices: [SharePointPortal] C:\program files\common files\microsoft shared\web folders\1033\serversharepoint11.0.5510.0.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 6512889046
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6512877312
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://stargate.prg.aero/dana-cached/s ... tupSP1.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.ppas.cz/dana-cached/sc/ ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\Software\..\Telephony: DomainName = clance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = clance.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = tsall.tsoft.cz
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 10957 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{8CD9A4A4-59A2-44F2-BC10-E5311A7EE94D}.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\02we4avn.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =386496&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
NPOFF12.DLL
np32dsw.dll
ShockwavePlugin.class
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
avg-secure-search.xml
yahoo.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-06 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]
"NPSStartup"= []
"ROC_roc_dec12"=C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-05-29 3521464]
"ROC_ROC_JULY_P1"=C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-12-04 384800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-05-29 958392]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-29 21432]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VPN Client.lnk]
C:\WINDOWS\INSTAL~1\{F3C1D~1\ICON3E~1.ICO [2011-02-14 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
VPN Client.lnk - C:\WINDOWS\Installer\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gozer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"="C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service"
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"="C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service"
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Paros\IEEmbed.exe"="C:\Program Files\Paros\IEEmbed.exe:*:Enabled:JDesktop Integration Components binary"
"E:\CDS\Nero\Installation\SetupX.exe"="E:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Skype\Phone\Skype.exe"="C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Skype\Phone\Skype.exe:*:Disabled:Skype "
"C:\Documents and Settings\Pavla\Data aplikací\ICQ\Application\ICQ7.7\ICQ.exe"="C:\Documents and Settings\Pavla\Data aplikací\ICQ\Application\ICQ7.7\ICQ.exe:*:Disabled:ICQ"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Samsung\Kies\Kies.exe"="C:\Program Files\Samsung\Kies\Kies.exe:*:Enabled:Samsung Kies"
"C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe"="C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe:*:Enabled:Samsung New PC Studio"
"C:\Program Files\7-Zip\7zFM.exe"="C:\Program Files\7-Zip\7zFM.exe:*:Enabled:7-Zip File Manager"
"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe"="E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\SmartWhois\sw.exe"="C:\Program Files\SmartWhois\sw.exe:*:Enabled:SmartWhois"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Z netu\WebGoat-5.2\java\bin\java.exe"="D:\Z netu\WebGoat-5.2\java\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Paros\IEEmbed.exe"="C:\Program Files\Paros\IEEmbed.exe:*:Enabled:JDesktop Integration Components binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\Microsoft Office Communicator\communicator.exe"="C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Office Communicator"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-02-12 17:48:54 ----ASH---- C:\hiberfil.sys
2013-02-12 17:47:27 ----SHD---- C:\Config.Msi
2013-02-12 17:44:33 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-09 15:00:19 ----A---- C:\WINDOWS\system32\FODBCLib.dll
2013-02-09 15:00:18 ----D---- C:\Program Files\FitLinie
2013-02-09 15:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft NT Ident
2013-02-09 15:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\FitLinie
2013-01-21 15:35:25 ----A---- C:\WINDOWS\system32\mediarcpt.dll
2013-01-15 13:53:20 ----D---- C:\Program Files\Recepty doma

======List of files/folders modified in the last 1 month======

2013-02-12 17:51:52 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-02-12 17:50:04 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2013-02-12 17:43:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-11 15:39:28 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-11 15:39:22 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-02-11 15:27:22 ----A---- C:\WINDOWS\wincmd.ini
2013-01-30 17:54:38 ----A---- C:\WINDOWS\cdplayer.ini
2013-01-13 15:33:16 ----A---- C:\WINDOWS\wininit.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-09-18 639224]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-11-22 134336]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2012-11-22 36552]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-11-27 83944]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 cnmpar21;Canon BJ Port Driver Cnmpar21; \??\C:\BJPrinter\CNMWINDOWS\Canon BJC-250 Series Installer\Inst\cnmpar21.sys []
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-01 424320]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-30 576000]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-08-28 131856]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2005-11-17 60928]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2005-11-17 37888]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2005-11-17 74624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-07-10 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 avehf8e7;avehf8e7; C:\WINDOWS\system32\drivers\avehf8e7.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-01-17 148900]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-05-21 80824]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2012-05-23 20032]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GemCCID;GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2008-04-13 63744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PSSDK42;PSSDK42; \??\C:\WINDOWS\system32\Drivers\pssdk42.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-05-21 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2012-05-21 181432]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-12-04 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-01-13 1528608]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-06 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-01 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Márty84]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[zeleninka100]

# AdwCleaner v2.112 - Logfile created 02/12/2013 at 18:37:37
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - JPODUSKA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Uninstall.exe
File Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin.xml
File Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-1.xml
File Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-2.xml
File Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-3.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Found : C:\user.js
Folder Found : C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Administrator\Nabídka Start\Programy\FreeRIP
Folder Found : C:\Documents and Settings\All Users\Data aplikací\FreeRIP
Folder Found : C:\Documents and Settings\jpoduska\Data aplikací\AVG Secure Search
Folder Found : C:\Documents and Settings\jpoduska\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\extensions\avg@toolbar
Folder Found : C:\Documents and Settings\Pavla\Data aplikací\AVG Secure Search
Folder Found : C:\Documents and Settings\Pavla\Data aplikací\FreeRIP
Folder Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\extensions\ffxtlbr@funmoods.com
Folder Found : C:\Documents and Settings\Pavla\Data aplikací\Search Settings
Folder Found : C:\Program Files\FreeRIP
Folder Found : C:\Program Files\Funmoods

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\S-1-5-21-1806705297-4100408219-2962276925-500\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v8.0.1 (cs)

File : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\prefs.js

Found : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Data aplikací\\AVG S[...]
Found : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{800b5000-a755-47e1-992b-48a1c1357[...]
Found : user_pref("extensions.foxcub.prev.KWD", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_[...]
Found : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "92d6f3288dfea611");
Found : user_pref("extensions.funmoods.admin", false);
Found : user_pref("extensions.funmoods.aflt", "drive");
Found : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Found : user_pref("extensions.funmoods.cntry", "CZ");
Found : user_pref("extensions.funmoods.cv", "cv5");
Found : user_pref("extensions.funmoods.dfltLng", "EN");
Found : user_pref("extensions.funmoods.dfltSrch", false);
Found : user_pref("extensions.funmoods.dfltlng", "EN");
Found : user_pref("extensions.funmoods.dfltsrch", "false");
Found : user_pref("extensions.funmoods.excTlbr", false);
Found : user_pref("extensions.funmoods.hdrMd5", "876AF11BFB4F6ADAE5232B3A18BB7BE2");
Found : user_pref("extensions.funmoods.hmpg", false);
Found : user_pref("extensions.funmoods.hrdid", "095416dc0000000000000016cef4844b");
Found : user_pref("extensions.funmoods.id", "095416dc0000000000000016cef4844b");
Found : user_pref("extensions.funmoods.instlDay", "15383");
Found : user_pref("extensions.funmoods.instlRef", "");
Found : user_pref("extensions.funmoods.instlday", "15383");
Found : user_pref("extensions.funmoods.instlref", "");
Found : user_pref("extensions.funmoods.isDcmntCmplt", false);
Found : user_pref("extensions.funmoods.keywordurl", "");
Found : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1617:26:32");
Found : user_pref("extensions.funmoods.newTab", false);
Found : user_pref("extensions.funmoods.newtab", "false");
Found : user_pref("extensions.funmoods.newtaburl", "");
Found : user_pref("extensions.funmoods.noFFXTlbr", false);
Found : user_pref("extensions.funmoods.prdct", "funmoods");
Found : user_pref("extensions.funmoods.prtnrId", "funmoods");
Found : user_pref("extensions.funmoods.prtnrid", "funmoods");
Found : user_pref("extensions.funmoods.sg", "none");
Found : user_pref("extensions.funmoods.smplGrp", "none");
Found : user_pref("extensions.funmoods.smplgrp", "none");
Found : user_pref("extensions.funmoods.srch", "");
Found : user_pref("extensions.funmoods.srchprvdr", "");
Found : user_pref("extensions.funmoods.stAdmnPrms", true);
Found : user_pref("extensions.funmoods.tlbrId", "base");
Found : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=")[...]
Found : user_pref("extensions.funmoods.tlbrid", "base");
Found : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=")[...]
Found : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Found : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1617:26:32");
Found : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Found : user_pref("extensions.funmoods.vrsnts", "1.5.11.1617:26:32");
Found : user_pref("extensions.funmoods_i.aflt", "drive");
Found : user_pref("extensions.funmoods_i.dfltLng", "");
Found : user_pref("extensions.funmoods_i.excTlbr", false);
Found : user_pref("extensions.funmoods_i.id", "095416dc0000000000000016cef4844b");
Found : user_pref("extensions.funmoods_i.instlDay", "15383");
Found : user_pref("extensions.funmoods_i.instlRef", "");
Found : user_pref("extensions.funmoods_i.newTab", false);
Found : user_pref("extensions.funmoods_i.prdct", "funmoods");
Found : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Found : user_pref("extensions.funmoods_i.smplGrp", "none");
Found : user_pref("extensions.funmoods_i.tlbrId", "base");
Found : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=[...]
Found : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1617:26:32");
Found : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");

File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\02we4avn.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\jpoduska\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "Winamp Search");
Found : user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir[...]
Found : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocati[...]
Found : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

File : C:\Documents and Settings\poduskaj\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9540 octets] - [12/02/2013 18:37:37]

########## EOF - C:\AdwCleaner[R1].txt - [9600 octets] ##########

[Márty84]

Znovu ukoncete vsechny programy a spustte AdwCleaner.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[zeleninka100]

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 15:48:28
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - JPODUSKA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner0.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Administrator\Nabídka Start\Programy\FreeRIP
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\FreeRIP
Folder Deleted : C:\Documents and Settings\jpoduska\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\jpoduska\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\extensions\avg@toolbar
Folder Deleted : C:\Documents and Settings\Pavla\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Pavla\Data aplikací\FreeRIP
Folder Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Documents and Settings\Pavla\Data aplikací\Search Settings
Folder Deleted : C:\Program Files\FreeRIP
Folder Deleted : C:\Program Files\Funmoods

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v8.0.1 (cs)

File : C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\prefs.js

C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\9ob36372.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Data aplikací\\AVG S[...]
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{800b5000-a755-47e1-992b-48a1c1357[...]
Deleted : user_pref("extensions.foxcub.prev.KWD", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_[...]
Deleted : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "92d6f3288dfea611");
Deleted : user_pref("extensions.funmoods.admin", false);
Deleted : user_pref("extensions.funmoods.aflt", "drive");
Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Deleted : user_pref("extensions.funmoods.cntry", "CZ");
Deleted : user_pref("extensions.funmoods.cv", "cv5");
Deleted : user_pref("extensions.funmoods.dfltLng", "EN");
Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Deleted : user_pref("extensions.funmoods.dfltlng", "EN");
Deleted : user_pref("extensions.funmoods.dfltsrch", "false");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hdrMd5", "876AF11BFB4F6ADAE5232B3A18BB7BE2");
Deleted : user_pref("extensions.funmoods.hmpg", false);
Deleted : user_pref("extensions.funmoods.hrdid", "095416dc0000000000000016cef4844b");
Deleted : user_pref("extensions.funmoods.id", "095416dc0000000000000016cef4844b");
Deleted : user_pref("extensions.funmoods.instlDay", "15383");
Deleted : user_pref("extensions.funmoods.instlRef", "");
Deleted : user_pref("extensions.funmoods.instlday", "15383");
Deleted : user_pref("extensions.funmoods.instlref", "");
Deleted : user_pref("extensions.funmoods.isDcmntCmplt", false);
Deleted : user_pref("extensions.funmoods.keywordurl", "");
Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1617:26:32");
Deleted : user_pref("extensions.funmoods.newTab", false);
Deleted : user_pref("extensions.funmoods.newtab", "false");
Deleted : user_pref("extensions.funmoods.newtaburl", "");
Deleted : user_pref("extensions.funmoods.noFFXTlbr", false);
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Deleted : user_pref("extensions.funmoods.sg", "none");
Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Deleted : user_pref("extensions.funmoods.srch", "");
Deleted : user_pref("extensions.funmoods.srchprvdr", "");
Deleted : user_pref("extensions.funmoods.stAdmnPrms", true);
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=")[...]
Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=")[...]
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1617:26:32");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.11.1617:26:32");
Deleted : user_pref("extensions.funmoods_i.aflt", "drive");
Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Deleted : user_pref("extensions.funmoods_i.id", "095416dc0000000000000016cef4844b");
Deleted : user_pref("extensions.funmoods_i.instlDay", "15383");
Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Deleted : user_pref("extensions.funmoods_i.newTab", false);
Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=drive&q=[...]
Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1617:26:32");
Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");

File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\02we4avn.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\jpoduska\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\prefs.js

C:\Documents and Settings\jpoduska\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "Winamp Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir[...]
Deleted : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocati[...]
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

File : C:\Documents and Settings\poduskaj\Data aplikací\Mozilla\Firefox\Profiles\ve47ve4b.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9669 octets] - [12/02/2013 18:37:37]
AdwCleaner[R2].txt - [9729 octets] - [13/02/2013 15:48:02]
AdwCleaner[S1].txt - [9949 octets] - [13/02/2013 15:48:28]

########## EOF - C:\AdwCleaner[S1].txt - [10009 octets] ##########

[zeleninka100]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.13.07

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
Administrator :: JPODUSKA [administrátor]

Ochrana: Povolena

13.2.2013 16:09:42
MBAM-log-2013-02-13 (17-53-03).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 480776
Uplynulý čas: 1 hodin, 42 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155196.dll (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155197.dll (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155198.dll (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155199.exe (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155200.exe (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{9D5E3EE4-33B1-4531-84C0-457334EF9EE8}\RP809\A0155201.dll (PUP.Funmoods) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Nalezy MBAM nechte odstranit a protoze je havet v bodech obnovy, vymazte je podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=46&t=47040


Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[zeleninka100]

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Kontrola -- Datum : 02/13/2013 20:04:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys [-] --> NALEZENO
[Faked.Drv][FILE] partmgr.sys : C:\WINDOWS\system32\drivers\partmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] parport.sys : C:\WINDOWS\system32\drivers\parport.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndis.sys : C:\WINDOWS\system32\drivers\ndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspti.sys : C:\WINDOWS\system32\drivers\raspti.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndiswan.sys : C:\WINDOWS\system32\drivers\ndiswan.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdaudio.sys : C:\WINDOWS\system32\drivers\cdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] fs_rec.sys : C:\WINDOWS\system32\drivers\fs_rec.sys [-] --> NALEZENO
[Faked.Drv][FILE] null.sys : C:\WINDOWS\system32\drivers\null.sys [-] --> NALEZENO
[Faked.Drv][FILE] beep.sys : C:\WINDOWS\system32\drivers\beep.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpcdd.sys : C:\WINDOWS\system32\drivers\rdpcdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasacd.sys : C:\WINDOWS\system32\drivers\rasacd.sys [-] --> NALEZENO
[Faked.Drv][FILE] fdc.sys : C:\WINDOWS\system32\drivers\fdc.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxgthk.sys : C:\WINDOWS\system32\drivers\dxgthk.sys [-] --> NALEZENO
[Faked.Drv][FILE] parvdm.sys : C:\WINDOWS\system32\drivers\parvdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmepvc.sys : C:\WINDOWS\system32\drivers\atmepvc.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmuni.sys : C:\WINDOWS\system32\drivers\atmuni.sys [-] --> NALEZENO
[Faked.Drv][FILE] dac960nt.sys : C:\WINDOWS\system32\drivers\dac960nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] cinemst2.sys : C:\WINDOWS\system32\drivers\cinemst2.sys [-] --> NALEZENO
[Faked.Drv][FILE] cpqdap01.sys : C:\WINDOWS\system32\drivers\cpqdap01.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxapi.sys : C:\WINDOWS\system32\drivers\dxapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipfltdrv.sys : C:\WINDOWS\system32\drivers\ipfltdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mcd.sys : C:\WINDOWS\system32\drivers\mcd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nikedrv.sys : C:\WINDOWS\system32\drivers\nikedrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkflt.sys : C:\WINDOWS\system32\drivers\nwlnkflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkfwd.sys : C:\WINDOWS\system32\drivers\nwlnkfwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnknb.sys : C:\WINDOWS\system32\drivers\nwlnknb.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkspx.sys : C:\WINDOWS\system32\drivers\nwlnkspx.sys [-] --> NALEZENO
[Faked.Drv][FILE] rawwan.sys : C:\WINDOWS\system32\drivers\rawwan.sys [-] --> NALEZENO
[Faked.Drv][FILE] rio8drv.sys : C:\WINDOWS\system32\drivers\rio8drv.sys [-] --> NALEZENO
[Faked.Drv][FILE] riodrv.sys : C:\WINDOWS\system32\drivers\riodrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] HSFHWAZL.sys : C:\WINDOWS\system32\drivers\HSFHWAZL.sys [-] --> NALEZENO
[Faked.Drv][FILE] splitter.sys : C:\WINDOWS\system32\drivers\splitter.sys [-] --> NALEZENO
[Faked.Drv][FILE] sonydcam.sys : C:\WINDOWS\system32\drivers\sonydcam.sys [-] --> NALEZENO
[Faked.Drv][FILE] rootmdm.sys : C:\WINDOWS\system32\drivers\rootmdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] smclib.sys : C:\WINDOWS\system32\drivers\smclib.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosdvd.sys : C:\WINDOWS\system32\drivers\tosdvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tsbvcap.sys : C:\WINDOWS\system32\drivers\tsbvcap.sys [-] --> NALEZENO
[Faked.Drv][FILE] slip.sys : C:\WINDOWS\system32\drivers\slip.sys [-] --> NALEZENO
[Faked.Drv][FILE] sfloppy.sys : C:\WINDOWS\system32\drivers\sfloppy.sys [-] --> NALEZENO
[Faked.Drv][FILE] vdmindvd.sys : C:\WINDOWS\system32\drivers\vdmindvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] ws2ifsl.sys : C:\WINDOWS\system32\drivers\ws2ifsl.sys [-] --> NALEZENO
[Faked.Drv][FILE] mnmdd.sys : C:\WINDOWS\system32\drivers\mnmdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] fsvga.sys : C:\WINDOWS\system32\drivers\fsvga.sys [-] --> NALEZENO
[Faked.Drv][FILE] serial.sys : C:\WINDOWS\system32\drivers\serial.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpiec.sys : C:\WINDOWS\system32\drivers\acpiec.sys [-] --> NALEZENO
[Faked.Drv][FILE] oprghdlr.sys : C:\WINDOWS\system32\drivers\oprghdlr.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023x.sys : C:\WINDOWS\system32\drivers\usb8023x.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbd.sys : C:\WINDOWS\system32\drivers\usbd.sys [-] --> NALEZENO
[Faked.Drv][FILE] serenum.sys : C:\WINDOWS\system32\drivers\serenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] crusoe.sys : C:\WINDOWS\system32\drivers\crusoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdrom.sys : C:\WINDOWS\system32\drivers\cdrom.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmboot.sys : C:\WINDOWS\system32\drivers\dmboot.sys [-] --> NALEZENO
[Faked.Drv][FILE] scsiport.sys : C:\WINDOWS\system32\drivers\scsiport.sys [-] --> NALEZENO
[Faked.Drv][FILE] ks.sys : C:\WINDOWS\system32\drivers\ks.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouclass.sys : C:\WINDOWS\system32\drivers\mouclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismp.sys : C:\WINDOWS\system32\drivers\rndismp.sys [-] --> NALEZENO
[Faked.Drv][FILE] redbook.sys : C:\WINDOWS\system32\drivers\redbook.sys [-] --> NALEZENO
[Faked.Drv][FILE] nabtsfec.sys : C:\WINDOWS\system32\drivers\nabtsfec.sys [-] --> NALEZENO
[Faked.Drv][FILE] RMCast.sys : C:\WINDOWS\system32\drivers\RMCast.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip6.sys : C:\WINDOWS\system32\drivers\tcpip6.sys [-] --> NALEZENO
[Faked.Drv][FILE] mstee.sys : C:\WINDOWS\system32\drivers\mstee.sys [-] --> NALEZENO
[Faked.Drv][FILE] mbam.sys : C:\WINDOWS\system32\drivers\mbam.sys [-] --> NALEZENO
[Faked.Drv][FILE] nmnt.sys : C:\WINDOWS\system32\drivers\nmnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] avgntflt.sys : C:\WINDOWS\system32\drivers\avgntflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ohci1394.sys : C:\WINDOWS\system32\drivers\ohci1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpdr.sys : C:\WINDOWS\system32\drivers\rdpdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] HSF_CNXT.sys : C:\WINDOWS\system32\drivers\HSF_CNXT.sys [-] --> NALEZENO
[Faked.Drv][FILE] mf.sys : C:\WINDOWS\system32\drivers\mf.sys [-] --> NALEZENO
[Faked.Drv][FILE] fastfat.sys : C:\WINDOWS\system32\drivers\fastfat.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdbss.sys : C:\WINDOWS\system32\drivers\rdbss.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspptp.sys : C:\WINDOWS\system32\drivers\raspptp.sys [-] --> NALEZENO
[Faked.Drv][FILE] p3.sys : C:\WINDOWS\system32\drivers\p3.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdfs.sys : C:\WINDOWS\system32\drivers\cdfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] psched.sys : C:\WINDOWS\system32\drivers\psched.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndisuio.sys : C:\WINDOWS\system32\drivers\ndisuio.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasl2tp.sys : C:\WINDOWS\system32\drivers\rasl2tp.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspppoe.sys : C:\WINDOWS\system32\drivers\raspppoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] processr.sys : C:\WINDOWS\system32\drivers\processr.sys [-] --> NALEZENO
[Faked.Drv][FILE] msfs.sys : C:\WINDOWS\system32\drivers\msfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] isapnp.sys : C:\WINDOWS\system32\drivers\isapnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] fips.sys : C:\WINDOWS\system32\drivers\fips.sys [-] --> NALEZENO
[Faked.Drv][FILE] portcls.sys : C:\WINDOWS\system32\drivers\portcls.sys [-] --> NALEZENO
[Faked.Drv][FILE] pcmcia.sys : C:\WINDOWS\system32\drivers\pcmcia.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipnat.sys : C:\WINDOWS\system32\drivers\ipnat.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciidex.sys : C:\WINDOWS\system32\drivers\pciidex.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbios.sys : C:\WINDOWS\system32\drivers\netbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] pci.sys : C:\WINDOWS\system32\drivers\pci.sys [-] --> NALEZENO
[Faked.Drv][FILE] i8042prt.sys : C:\WINDOWS\system32\drivers\i8042prt.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxg.sys : C:\WINDOWS\system32\drivers\dxg.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmkaud.sys : C:\WINDOWS\system32\drivers\drmkaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkipx.sys : C:\WINDOWS\system32\drivers\nwlnkipx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ntfs.sys : C:\WINDOWS\system32\drivers\ntfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssudbus.sys : C:\WINDOWS\system32\drivers\ssudbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] disk.sys : C:\WINDOWS\system32\drivers\disk.sys [-] --> NALEZENO
[Faked.Drv][FILE] npfs.sys : C:\WINDOWS\system32\drivers\npfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] CVPNDRVA.sys : C:\WINDOWS\system32\drivers\CVPNDRVA.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdagp.sys : C:\WINDOWS\system32\drivers\amdagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk6.sys : C:\WINDOWS\system32\drivers\amdk6.sys [-] --> NALEZENO
[Faked.Drv][FILE] arp1394.sys : C:\WINDOWS\system32\drivers\arp1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] atapi.sys : C:\WINDOWS\system32\drivers\atapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmarpc.sys : C:\WINDOWS\system32\drivers\atmarpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] battc.sys : C:\WINDOWS\system32\drivers\battc.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdecode.sys : C:\WINDOWS\system32\drivers\ccdecode.sys [-] --> NALEZENO
[Faked.Drv][FILE] compbatt.sys : C:\WINDOWS\system32\drivers\compbatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] diskdump.sys : C:\WINDOWS\system32\drivers\diskdump.sys [-] --> NALEZENO
[Faked.Drv][FILE] nic1394.sys : C:\WINDOWS\system32\drivers\nic1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] avipbb.sys : C:\WINDOWS\system32\drivers\avipbb.sys [-] --> NALEZENO
[Faked.Drv][FILE] intelppm.sys : C:\WINDOWS\system32\drivers\intelppm.sys [-] --> NALEZENO
[Faked.Drv][FILE] intelide.sys : C:\WINDOWS\system32\drivers\intelide.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbt.sys : C:\WINDOWS\system32\drivers\netbt.sys [-] --> NALEZENO
[Faked.Drv][FILE] avkmgr.sys : C:\WINDOWS\system32\drivers\avkmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpwd.sys : C:\WINDOWS\system32\drivers\rdpwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] irenum.sys : C:\WINDOWS\system32\drivers\irenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] NdisIP.sys : C:\WINDOWS\system32\drivers\NdisIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspqm.sys : C:\WINDOWS\system32\drivers\mspqm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspclock.sys : C:\WINDOWS\system32\drivers\mspclock.sys [-] --> NALEZENO
[Faked.Drv][FILE] mskssrv.sys : C:\WINDOWS\system32\drivers\mskssrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] msgpc.sys : C:\WINDOWS\system32\drivers\msgpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxdav.sys : C:\WINDOWS\system32\drivers\mrxdav.sys [-] --> NALEZENO
[Faked.Drv][FILE] mountmgr.sys : C:\WINDOWS\system32\drivers\mountmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] s3gnbm.sys : C:\WINDOWS\system32\drivers\s3gnbm.sys [-] --> NALEZENO
[Faked.Drv][FILE] modem.sys : C:\WINDOWS\system32\drivers\modem.sys [-] --> NALEZENO
[Faked.Drv][FILE] sdbus.sys : C:\WINDOWS\system32\drivers\sdbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_mmc.sys : C:\WINDOWS\system32\drivers\sffp_mmc.sys [-] --> NALEZENO
[Faked.Drv][FILE] kmixer.sys : C:\WINDOWS\system32\drivers\kmixer.sys [-] --> NALEZENO
[Faked.Drv][FILE] sparrow.sys : C:\WINDOWS\system32\drivers\sparrow.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdhid.sys : C:\WINDOWS\system32\drivers\kbdhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdclass.sys : C:\WINDOWS\system32\drivers\kbdclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] smbali.sys : C:\WINDOWS\system32\drivers\smbali.sys [-] --> NALEZENO
[Faked.Drv][FILE] irda.sys : C:\WINDOWS\system32\drivers\irda.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipsec.sys : C:\WINDOWS\system32\drivers\ipsec.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipinip.sys : C:\WINDOWS\system32\drivers\ipinip.sys [-] --> NALEZENO
[Faked.Drv][FILE] imapi.sys : C:\WINDOWS\system32\drivers\imapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] i2omp.sys : C:\WINDOWS\system32\drivers\i2omp.sys [-] --> NALEZENO
[Faked.Drv][FILE] i2omgmt.sys : C:\WINDOWS\system32\drivers\i2omgmt.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] 1394bus.sys : C:\WINDOWS\system32\drivers\1394bus.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudbus.sys : C:\WINDOWS\system32\drivers\Hdaudbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] flpydisk.sys : C:\WINDOWS\system32\drivers\flpydisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidclass.sys : C:\WINDOWS\system32\drivers\hidclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudio.sys : C:\WINDOWS\system32\drivers\Hdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] HSF_DPV.sys : C:\WINDOWS\system32\drivers\HSF_DPV.sys [-] --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidusb.sys : C:\WINDOWS\system32\drivers\hidusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidparse.sys : C:\WINDOWS\system32\drivers\hidparse.sys [-] --> NALEZENO
[Faked.Drv][FILE] ESD7SK.sys : C:\WINDOWS\system32\drivers\ESD7SK.sys [-] --> NALEZENO
[Faked.Drv][FILE] alim1541.sys : C:\WINDOWS\system32\drivers\alim1541.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmk.sys : C:\WINDOWS\system32\drivers\drmk.sys [-] --> NALEZENO
[Faked.Drv][FILE] enum1394.sys : C:\WINDOWS\system32\drivers\enum1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] afd.sys : C:\WINDOWS\system32\drivers\afd.sys [-] --> NALEZENO
[Faked.Drv][FILE] dne2000.sys : C:\WINDOWS\system32\drivers\dne2000.sys [-] --> NALEZENO
[Faked.Drv][FILE] ksecdd.sys : C:\WINDOWS\system32\drivers\ksecdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] CmBatt.sys : C:\WINDOWS\system32\drivers\CmBatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmio.sys : C:\WINDOWS\system32\drivers\dmio.sys [-] --> NALEZENO
[Faked.Drv][FILE] classpnp.sys : C:\WINDOWS\system32\drivers\classpnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmlane.sys : C:\WINDOWS\system32\drivers\atmlane.sys [-] --> NALEZENO
[Faked.Drv][FILE] DMusic.sys : C:\WINDOWS\system32\drivers\DMusic.sys [-] --> NALEZENO
[Faked.Drv][FILE] bridge.sys : C:\WINDOWS\system32\drivers\bridge.sys [-] --> NALEZENO
[Faked.Drv][FILE] asyncmac.sys : C:\WINDOWS\system32\drivers\asyncmac.sys [-] --> NALEZENO
[Faked.Drv][FILE] bcm4sbxp.sys : C:\WINDOWS\system32\drivers\bcm4sbxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] aec.sys : C:\WINDOWS\system32\drivers\aec.sys [-] --> NALEZENO
[Faked.Drv][FILE] perc2hib.sys : C:\WINDOWS\system32\drivers\perc2hib.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpi.sys : C:\WINDOWS\system32\drivers\acpi.sys [-] --> NALEZENO
[Faked.Drv][FILE] ESM7SK.sys : C:\WINDOWS\system32\drivers\ESM7SK.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv06nt.sys : C:\WINDOWS\system32\drivers\watv06nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] EMS7SK.sys : C:\WINDOWS\system32\drivers\EMS7SK.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv11nt.sys : C:\WINDOWS\system32\drivers\wadv11nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv09nt.sys : C:\WINDOWS\system32\drivers\wadv09nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ialmnt5.sys : C:\WINDOWS\system32\drivers\ialmnt5.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv08nt.sys : C:\WINDOWS\system32\drivers\wadv08nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] w39n51.sys : C:\WINDOWS\system32\drivers\w39n51.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv07nt.sys : C:\WINDOWS\system32\drivers\wadv07nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wacompen.sys : C:\WINDOWS\system32\drivers\wacompen.sys [-] --> NALEZENO
[Faked.Drv][FILE] viaagp.sys : C:\WINDOWS\system32\drivers\viaagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] ip6fw.sys : C:\WINDOWS\system32\drivers\ip6fw.sys [-] --> NALEZENO
[Faked.Drv][FILE] smcirda.sys : C:\WINDOWS\system32\drivers\smcirda.sys [-] --> NALEZENO
[Faked.Drv][FILE] agpcpq.sys : C:\WINDOWS\system32\drivers\agpcpq.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbvideo.sys : C:\WINDOWS\system32\drivers\usbvideo.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasirda.sys : C:\WINDOWS\system32\drivers\rasirda.sys [-] --> NALEZENO
[Faked.Drv][FILE] audstub.sys : C:\WINDOWS\system32\drivers\audstub.sys [-] --> NALEZENO
[Faked.Drv][FILE] agp440.sys : C:\WINDOWS\system32\drivers\agp440.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbehci.sys : C:\WINDOWS\system32\drivers\usbehci.sys [-] --> NALEZENO
[Faked.Drv][FILE] dpti2o.sys : C:\WINDOWS\system32\drivers\dpti2o.sys [-] --> NALEZENO
[Faked.Drv][FILE] aic78u2.sys : C:\WINDOWS\system32\drivers\aic78u2.sys [-] --> NALEZENO
[Faked.Drv][FILE] aic78xx.sys : C:\WINDOWS\system32\drivers\aic78xx.sys [-] --> NALEZENO
[Faked.Drv][FILE] adpu160m.sys : C:\WINDOWS\system32\drivers\adpu160m.sys [-] --> NALEZENO
[Faked.Drv][FILE] update.sys : C:\WINDOWS\system32\drivers\update.sys [-] --> NALEZENO
[Faked.Drv][FILE] aha154x.sys : C:\WINDOWS\system32\drivers\aha154x.sys [-] --> NALEZENO
[Faked.Drv][FILE] uagp35.sys : C:\WINDOWS\system32\drivers\uagp35.sys [-] --> NALEZENO
[Faked.Drv][FILE] cpqarray.sys : C:\WINDOWS\system32\drivers\cpqarray.sys [-] --> NALEZENO
[Faked.Drv][FILE] tunmp.sys : C:\WINDOWS\system32\drivers\tunmp.sys [-] --> NALEZENO
[Faked.Drv][FILE] symc810.sys : C:\WINDOWS\system32\drivers\symc810.sys [-] --> NALEZENO
[Faked.Drv][FILE] slwdmsup.sys : C:\WINDOWS\system32\drivers\slwdmsup.sys [-] --> NALEZENO
[Faked.Drv][FILE] perc2.sys : C:\WINDOWS\system32\drivers\perc2.sys [-] --> NALEZENO
[Faked.Drv][FILE] sym_hi.sys : C:\WINDOWS\system32\drivers\sym_hi.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnthal.sys : C:\WINDOWS\system32\drivers\slnthal.sys [-] --> NALEZENO
[Faked.Drv][FILE] slntamr.sys : C:\WINDOWS\system32\drivers\slntamr.sys [-] --> NALEZENO
[Faked.Drv][FILE] hpn.sys : C:\WINDOWS\system32\drivers\hpn.sys [-] --> NALEZENO
[Faked.Drv][FILE] cd20xrnt.sys : C:\WINDOWS\system32\drivers\cd20xrnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ql10wnt.sys : C:\WINDOWS\system32\drivers\ql10wnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] sym_u3.sys : C:\WINDOWS\system32\drivers\sym_u3.sys [-] --> NALEZENO
[Faked.Drv][FILE] symc8xx.sys : C:\WINDOWS\system32\drivers\symc8xx.sys [-] --> NALEZENO
[Faked.Drv][FILE] dac2w2k.sys : C:\WINDOWS\system32\drivers\dac2w2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] ql1080.sys : C:\WINDOWS\system32\drivers\ql1080.sys [-] --> NALEZENO
[Faked.Drv][FILE] ql1240.sys : C:\WINDOWS\system32\drivers\ql1240.sys [-] --> NALEZENO
[Faked.Drv][FILE] ql12160.sys : C:\WINDOWS\system32\drivers\ql12160.sys [-] --> NALEZENO
[Faked.Drv][FILE] ql1280.sys : C:\WINDOWS\system32\drivers\ql1280.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnt7554.sys : C:\WINDOWS\system32\drivers\slnt7554.sys [-] --> NALEZENO
[Faked.Drv][FILE] mraid35x.sys : C:\WINDOWS\system32\drivers\mraid35x.sys [-] --> NALEZENO
[Faked.Drv][FILE] sisagp.sys : C:\WINDOWS\system32\drivers\sisagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] cbidf2k.sys : C:\WINDOWS\system32\drivers\cbidf2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] asc3550.sys : C:\WINDOWS\system32\drivers\asc3550.sys [-] --> NALEZENO
[Faked.Drv][FILE] asc.sys : C:\WINDOWS\system32\drivers\asc.sys [-] --> NALEZENO
[Faked.Drv][FILE] asc3350p.sys : C:\WINDOWS\system32\drivers\asc3350p.sys [-] --> NALEZENO
[Faked.Drv][FILE] ABP480N5.SYS : C:\WINDOWS\system32\drivers\ABP480N5.SYS [-] --> NALEZENO
[Faked.Drv][FILE] amsint.sys : C:\WINDOWS\system32\drivers\amsint.sys [-] --> NALEZENO
[Faked.Drv][FILE] ini910u.sys : C:\WINDOWS\system32\drivers\ini910u.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_sd.sys : C:\WINDOWS\system32\drivers\sffp_sd.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffdisk.sys : C:\WINDOWS\system32\drivers\sffdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] ultra.sys : C:\WINDOWS\system32\drivers\ultra.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys [-] --> NALEZENO
[Faked.Drv][FILE] aliide.sys : C:\WINDOWS\system32\drivers\aliide.sys [-] --> NALEZENO
[Faked.Drv][FILE] rfcomm.sys : C:\WINDOWS\system32\drivers\rfcomm.sys [-] --> NALEZENO
[Faked.Drv][FILE] toside.sys : C:\WINDOWS\system32\drivers\toside.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciide.sys : C:\WINDOWS\system32\drivers\pciide.sys [-] --> NALEZENO
[Faked.Drv][FILE] cmdide.sys : C:\WINDOWS\system32\drivers\cmdide.sys [-] --> NALEZENO
[Faked.Drv][FILE] osaio.sys : C:\WINDOWS\system32\drivers\osaio.sys [-] --> NALEZENO
[Faked.Drv][FILE] osanbm.sys : C:\WINDOWS\system32\drivers\osanbm.sys [-] --> NALEZENO
[Faked.Drv][FILE] OsaFsLoc.sys : C:\WINDOWS\system32\drivers\OsaFsLoc.sys [-] --> NALEZENO
[Faked.Drv][FILE] NdisFilt.sys : C:\WINDOWS\system32\drivers\NdisFilt.sys [-] --> NALEZENO
[Faked.Drv][FILE] NETMNT.sys : C:\WINDOWS\system32\drivers\NETMNT.sys [-] --> NALEZENO
[Faked.Drv][FILE] recagent.sys : C:\WINDOWS\system32\drivers\recagent.sys [-] --> NALEZENO
[Faked.Drv][FILE] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys [-] --> NALEZENO
[Faked.Drv][FILE] ntmtlfax.sys : C:\WINDOWS\system32\drivers\ntmtlfax.sys [-] --> NALEZENO
[Faked.Drv][FILE] mutohpen.sys : C:\WINDOWS\system32\drivers\mutohpen.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtxparhm.sys : C:\WINDOWS\system32\drivers\mtxparhm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlstrm.sys : C:\WINDOWS\system32\drivers\mtlstrm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlmnt5.sys : C:\WINDOWS\system32\drivers\mtlmnt5.sys [-] --> NALEZENO
[Faked.Drv][FILE] mssmbios.sys : C:\WINDOWS\system32\drivers\mssmbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfdpsp2.sys : C:\WINDOWS\system32\drivers\hsfdpsp2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfcxts2.sys : C:\WINDOWS\system32\drivers\hsfcxts2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfbs2s2.sys : C:\WINDOWS\system32\drivers\hsfbs2s2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidir.sys : C:\WINDOWS\system32\drivers\hidir.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidbth.sys : C:\WINDOWS\system32\drivers\hidbth.sys [-] --> NALEZENO
[Faked.Drv][FILE] gagp30kx.sys : C:\WINDOWS\system32\drivers\gagp30kx.sys [-] --> NALEZENO
[Faked.Drv][FILE] fltMgr.sys : C:\WINDOWS\system32\drivers\fltMgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] UBHelper.sys : C:\WINDOWS\system32\drivers\UBHelper.sys [-] --> NALEZENO
[Faked.Drv][FILE] NTIDrvr.sys : C:\WINDOWS\system32\drivers\NTIDrvr.sys [-] --> NALEZENO
[Faked.Drv][FILE] BCMWL5.SYS : C:\WINDOWS\system32\drivers\BCMWL5.SYS [-] --> NALEZENO
[Faked.Drv][FILE] bthusb.sys : C:\WINDOWS\system32\drivers\bthusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthprint.sys : C:\WINDOWS\system32\drivers\bthprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthport.sys : C:\WINDOWS\system32\drivers\bthport.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthpan.sys : C:\WINDOWS\system32\drivers\bthpan.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys [-] --> NALEZENO
[Faked.Drv][FILE] BthEnum.sys : C:\WINDOWS\system32\drivers\BthEnum.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxsxx.sys : C:\WINDOWS\system32\drivers\atinxsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxbxx.sys : C:\WINDOWS\system32\drivers\atinxbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atintuxx.sys : C:\WINDOWS\system32\drivers\atintuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinttxx.sys : C:\WINDOWS\system32\drivers\atinttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinsnxx.sys : C:\WINDOWS\system32\drivers\atinsnxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinrvxx.sys : C:\WINDOWS\system32\drivers\atinrvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinraxx.sys : C:\WINDOWS\system32\drivers\atinraxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinpdxx.sys : C:\WINDOWS\system32\drivers\atinpdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinmdxx.sys : C:\WINDOWS\system32\drivers\atinmdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinbtxx.sys : C:\WINDOWS\system32\drivers\atinbtxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtag.sys : C:\WINDOWS\system32\drivers\ati2mtag.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtaa.sys : C:\WINDOWS\system32\drivers\ati2mtaa.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xsxx.sys : C:\WINDOWS\system32\drivers\ati1xsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xbxx.sys : C:\WINDOWS\system32\drivers\ati1xbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1tuxx.sys : C:\WINDOWS\system32\drivers\ati1tuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1ttxx.sys : C:\WINDOWS\system32\drivers\ati1ttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1rvxx.sys : C:\WINDOWS\system32\drivers\ati1rvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1raxx.sys : C:\WINDOWS\system32\drivers\ati1raxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1pdxx.sys : C:\WINDOWS\system32\drivers\ati1pdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1mdxx.sys : C:\WINDOWS\system32\drivers\ati1mdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1btxx.sys : C:\WINDOWS\system32\drivers\ati1btxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk7.sys : C:\WINDOWS\system32\drivers\amdk7.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwrdr.sys : C:\WINDOWS\system32\drivers\nwrdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] mqac.sys : C:\WINDOWS\system32\drivers\mqac.sys [-] --> NALEZENO
[Faked.Drv][FILE] irbus.sys : C:\WINDOWS\system32\drivers\irbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] srv.sys : C:\WINDOWS\system32\drivers\srv.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip.sys : C:\WINDOWS\system32\drivers\tcpip.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssmdrv.sys : C:\WINDOWS\system32\drivers\ssmdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mup.sys : C:\WINDOWS\system32\drivers\mup.sys [-] --> NALEZENO
[Faked.Drv][FILE] CVirtA.sys : C:\WINDOWS\system32\drivers\CVirtA.sys [-] --> NALEZENO
[Faked.Drv][FILE] TrueSight.sys : C:\WINDOWS\system32\drivers\TrueSight.sys [-] --> NALEZENO
[Faked.Drv][FILE] pssdk42.sys : C:\WINDOWS\system32\drivers\pssdk42.sys [-] --> NALEZENO
[Faked.Drv][FILE] hxxp.sys : C:\WINDOWS\system32\drivers\hxxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] RtkHDAud.Sys : C:\WINDOWS\system32\drivers\RtkHDAud.Sys [-] --> NALEZENO
[Faked.Drv][FILE] btserial.sys : C:\WINDOWS\system32\drivers\btserial.sys [-] --> NALEZENO
[Faked.Drv][FILE] btslbcsp.sys : C:\WINDOWS\system32\drivers\btslbcsp.sys [-] --> NALEZENO
[Faked.Drv][FILE] btport.sys : C:\WINDOWS\system32\drivers\btport.sys [-] --> NALEZENO
[Faked.Drv][FILE] btwdndis.sys : C:\WINDOWS\system32\drivers\btwdndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdralw2k.sys : C:\WINDOWS\system32\drivers\cdralw2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] bcbthub.sys : C:\WINDOWS\system32\drivers\bcbthub.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdr4_xp.sys : C:\WINDOWS\system32\drivers\cdr4_xp.sys [-] --> NALEZENO
[Faked.Drv][FILE] btkrnl.sys : C:\WINDOWS\system32\drivers\btkrnl.sys [-] --> NALEZENO
[Faked.Drv][FILE] GemCCID.sys : C:\WINDOWS\system32\drivers\GemCCID.sys [-] --> NALEZENO
[Faked.Drv][FILE] tap0901.sys : C:\WINDOWS\system32\drivers\tap0901.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndproxy.sys : C:\WINDOWS\system32\drivers\ndproxy.sys [-] --> NALEZENO
[Faked.Drv][FILE] InCDfs.sys : C:\WINDOWS\system32\drivers\InCDfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] PxHelp20.sys : C:\WINDOWS\system32\drivers\PxHelp20.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxsmb.sys : C:\WINDOWS\system32\drivers\mrxsmb.sys [-] --> NALEZENO
[Faked.Drv][FILE] InCDPass.sys : C:\WINDOWS\system32\drivers\InCDPass.sys [-] --> NALEZENO
[Faked.Drv][FILE] InCDrec.sys : C:\WINDOWS\system32\drivers\InCDrec.sys [-] --> NALEZENO
[Faked.Drv][FILE] InCDRm.sys : C:\WINDOWS\system32\drivers\InCDRm.sys [-] --> NALEZENO
[Faked.Drv][FILE] wpdusb.sys : C:\WINDOWS\system32\drivers\wpdusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndistapi.sys : C:\WINDOWS\system32\drivers\ndistapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadwh.sys : C:\WINDOWS\system32\drivers\ssadwh.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810bus.sys : C:\WINDOWS\system32\drivers\w810bus.sys [-] --> NALEZENO
[Faked.Drv][FILE] btaudio.sys : C:\WINDOWS\system32\drivers\btaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810wh.sys : C:\WINDOWS\system32\drivers\w810wh.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadcm.sys : C:\WINDOWS\system32\drivers\ssadcm.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810whnt.sys : C:\WINDOWS\system32\drivers\w810whnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadbus.sys : C:\WINDOWS\system32\drivers\ssadbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] BisonCam.sys : C:\WINDOWS\system32\drivers\BisonCam.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadwhnt.sys : C:\WINDOWS\system32\drivers\ssadwhnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadmdm.sys : C:\WINDOWS\system32\drivers\ssadmdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadcmnt.sys : C:\WINDOWS\system32\drivers\ssadcmnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdf01000.sys : C:\WINDOWS\system32\drivers\wdf01000.sys [-] --> NALEZENO
[Faked.Drv][FILE] winusb.sys : C:\WINDOWS\system32\drivers\winusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadmdfl.sys : C:\WINDOWS\system32\drivers\ssadmdfl.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadserd.sys : C:\WINDOWS\system32\drivers\ssadserd.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouhid.sys : C:\WINDOWS\system32\drivers\mouhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssadadb.sys : C:\WINDOWS\system32\drivers\ssadadb.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810mdm.sys : C:\WINDOWS\system32\drivers\w810mdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbprint.sys : C:\WINDOWS\system32\drivers\usbprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] ASPI32.SYS : C:\WINDOWS\system32\drivers\ASPI32.SYS [-] --> NALEZENO
[Faked.Drv][FILE] StarOpen.sys : C:\WINDOWS\system32\drivers\StarOpen.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810cm.sys : C:\WINDOWS\system32\drivers\w810cm.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810cmnt.sys : C:\WINDOWS\system32\drivers\w810cmnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] w810mdfl.sys : C:\WINDOWS\system32\drivers\w810mdfl.sys [-] --> NALEZENO
[Faked.Drv][FILE] dgderdrv.sys : C:\WINDOWS\system32\drivers\dgderdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssudmdm.sys : C:\WINDOWS\system32\drivers\ssudmdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] ssudobex.sys : C:\WINDOWS\system32\drivers\ssudobex.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdfldr.sys : C:\WINDOWS\system32\drivers\wdfldr.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfPf.sys : C:\WINDOWS\system32\drivers\WudfPf.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfRd.sys : C:\WINDOWS\system32\drivers\WudfRd.sys [-] --> NALEZENO
[Faked.Drv][FILE] secdrv.sys : C:\WINDOWS\system32\drivers\secdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] wstcodec.sys : C:\WINDOWS\system32\drivers\wstcodec.sys [-] --> NALEZENO
[Faked.Drv][FILE] wmiacpi.sys : C:\WINDOWS\system32\drivers\wmiacpi.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdmaud.sys : C:\WINDOWS\system32\drivers\wdmaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] wanarp.sys : C:\WINDOWS\system32\drivers\wanarp.sys [-] --> NALEZENO
[Faked.Drv][FILE] volsnap.sys : C:\WINDOWS\system32\drivers\volsnap.sys [-] --> NALEZENO
[Faked.Drv][FILE] videoprt.sys : C:\WINDOWS\system32\drivers\videoprt.sys [-] --> NALEZENO
[Faked.Drv][FILE] viaide.sys : C:\WINDOWS\system32\drivers\viaide.sys [-] --> NALEZENO
[Faked.Drv][FILE] vga.sys : C:\WINDOWS\system32\drivers\vga.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbuhci.sys : C:\WINDOWS\system32\drivers\usbuhci.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbstor.sys : C:\WINDOWS\system32\drivers\usbstor.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbport.sys : C:\WINDOWS\system32\drivers\usbport.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbintel.sys : C:\WINDOWS\system32\drivers\usbintel.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbhub.sys : C:\WINDOWS\system32\drivers\usbhub.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbccgp.sys : C:\WINDOWS\system32\drivers\usbccgp.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd2.sys : C:\WINDOWS\system32\drivers\usbcamd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd.sys : C:\WINDOWS\system32\drivers\usbcamd.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023.sys : C:\WINDOWS\system32\drivers\usb8023.sys [-] --> NALEZENO
[Faked.Drv][FILE] udfs.sys : C:\WINDOWS\system32\drivers\udfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] termdd.sys : C:\WINDOWS\system32\drivers\termdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdtcp.sys : C:\WINDOWS\system32\drivers\tdtcp.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdpipe.sys : C:\WINDOWS\system32\drivers\tdpipe.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdi.sys : C:\WINDOWS\system32\drivers\tdi.sys [-] --> NALEZENO
[Faked.Drv][FILE] tape.sys : C:\WINDOWS\system32\drivers\tape.sys [-] --> NALEZENO
[Faked.Drv][FILE] sysaudio.sys : C:\WINDOWS\system32\drivers\sysaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] swmidi.sys : C:\WINDOWS\system32\drivers\swmidi.sys [-] --> NALEZENO
[Faked.Drv][FILE] swenum.sys : C:\WINDOWS\system32\drivers\swenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] StreamIP.sys : C:\WINDOWS\system32\drivers\StreamIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] stream.sys : C:\WINDOWS\system32\drivers\stream.sys [-] --> NALEZENO
[Faked.Drv][FILE] sr.sys : C:\WINDOWS\system32\drivers\sr.sys [-] --> NALEZENO

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xF7C9806C)
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xF7C98026)
SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xF7C98076)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xF7C9801C)
SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xF7C9802B)
SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xF7C98035)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xF7C98067)
SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xF7C9803A)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xF7C98008)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xF7C9800D)
SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xF7C9808F)
SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xF7C98044)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xF7C98080)
SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xF7C9803F)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xF7C9807B)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xF7C98085)
SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xF7C98030)
SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xF7C9808A)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xF7C98017)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7C9809E)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7C980A3)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
193.245.35.130 www2.csob.cz
193.245.35.131 www2.csobpf.cz
91.221.72.64 www.ingkonto.cz
91.221.72.64 www.ingkonto.cz
91.221.72.65 www.ingkonto.sk
91.221.72.65 www.ingkonto.sk
91.221.72.66 ingkonto.ingbank.cz
91.221.72.66 ingkonto.ingbank.cz
91.221.72.67 ingkonto.ingbank.sk
91.221.72.67 ingkonto.ingbank.sk
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9100824A +++++
--- User ---
[MBR] 26e99b56637d460ec055efed7b8a52ec
[BSP] e5aba2262621711fb837293f9548c7e7 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4996 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 10233405 | Size: 44947 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 102285855 | Size: 45449 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_02132013_02d2004.txt >>
RKreport[1]_S_02132013_02d2004.txt

[Márty84]

Vypnete na chvili antivir, at nebrani programku v praci.
Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[zeleninka100]

kdyz dam zpravu tak mi to nic nenapise, nevím co stim mam dělat.

[Márty84]

Zkuste to v nouzovem rezimu.


Do nouzoveho rezimu se dostanete takto:
restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje - a zvolte moznost nouzovy rezim, nebo kdyby to neslo, zde je jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554

[zeleninka100]

Boužel ani v nouzovem systemu mi nenapsalo zpravu.

[Márty84]

Takze se na plose (nebo v miste ulozeni programu) neobjevujou nove textove dokumenty?


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku