Suspected malware

Posted: 23 Dec 2013 20:12
by Petr1675
Hello,

I suspect that I have some malware on my PC. I am attaching the HijackThis log here:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:20, on 23.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASUS\Printer Utilities\UsbService.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Documents and Settings\Sanda.PETA\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Downlloaod KeepeR - {4129D1CF-1D19-244E-DCEB-56083FE1CB43} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0544115828
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Eltima Usb to Ethernet Connector (UsbService) - ASUSTek COMPUTER INC. - C:\Program Files\ASUS\Printer Utilities\UsbService.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe

--
End of file - 11252 bytes

Re: Suspected malware

Posted: 23 Dec 2013 20:32
by Rudy
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509

Re: Suspected malware

Posted: 23 Dec 2013 20:39
by Petr1675
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2013
Ran by Sanda (administrator) on PETA on 23-12-2013 20:30:29
Running from C:\Documents and Settings\Sanda.PETA\Dokumenty\Stažené soubory
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Macrovision Corporation) C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(IVT Corporation.) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(ASUSTek COMPUTER INC.) C:\Program Files\ASUS\Printer Utilities\UsbService.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(EFD Software) C:\Hry\HD Tune\HDTune.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\Alcmtr.exe [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [40983152 2010-08-11] (VIA Technologies, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-06-15] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-21] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\RelevantKnowledge: C:\Program Files\RelevantKnowledge\rlls.dll [X]
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [133104 2011-08-01] (Google Inc.)
HKCU\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: [NoSecurityTab] 0
HKCU\...\Policies\Explorer: [_NoDriveTypeAutoRun] 145
HKU\Sanda\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\Sanda\...\Run: [PcSync] - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
HKU\Sanda\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [ 2007-07-12] (Macrovision Corporation)
HKU\Sanda\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Sanda\...\Run: [Sony Ericsson PC Companion] - "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\Sanda\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-11-15] (Skype Technologies S.A.)
HKU\Sanda\...\Run: [Google Update] - C:\Documents and Settings\Sanda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [ 2011-04-13] (Google Inc.)
HKU\Sanda\...\Run: [ICQ] - ~"C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
Lsa: [Notification Packages] scecli
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk
ShortcutTarget: BlueSoleil.lnk -> C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe ()
Startup: C:\Documents and Settings\Sanda.PETA\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=062513
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60747
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKCU - (No Name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... earchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... earchTerms}
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2304157
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMash ... earchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/custom/java/re ... tid=OSJ000
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tbid=60747
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2304157
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {4129D1CF-1D19-244E-DCEB-56083FE1CB43} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Sanda.PETA\Data aplikací\Mozilla\Firefox\Profiles\6ved3550.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - c:\Program Files\Sony\Media Go\npmediago.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}] - C:\Program Files\RelevantKnowledge
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=062513
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=062513", "hxxp://www.google.com/"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikac\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Relevant-Knowledge) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikac\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.1_0\plugins/rlcm.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikac\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\WINDOWS\system32\npdeployJava1.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Media Go Detector) - c:\Program Files\Sony\Media Go\npmediago.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (SearchNewTab) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aocdikfhnflhejgebjjlhiiblhoiljbl\1
CHR Extension: (YouTube) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Downlloaod KeepeR) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bnbijincjombnkhmpnghmadgilbfkjbn\1.6
CHR Extension: (Google Search) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (RealDownloader) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (ssaFe! save) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nljilkmgccdnhaofccmgbgllfmkkeaei\1
CHR Extension: (Gmail) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [kpdhgpkkloealnjnmepfhanpcleldbef] - C:\Program Files\Unitech LLC\ividi\1.8.23.0\ividi.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-21] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1664336 2013-11-29] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-10-11] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2012-04-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 UsbService; C:\Program Files\ASUS\Printer Utilities\UsbService.exe [217088 2009-05-05] (ASUSTek COMPUTER INC.)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-06-18] (Advanced Micro Devices)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-21] ()
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [22416 2006-11-21] (IVT Corporation.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [75504 2011-08-11] (Atheros Communications, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl8df5bad5; c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BACEDC68-E364-4F74-9EC1-FA5E3543ACDF}\MpKsl8df5bad5.sys [40392 2013-12-23] (Microsoft Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [58752 2007-03-06] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [19968 2007-03-06] (NVIDIA Corporation)
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [52800 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104616 2008-11-04] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
S3 SE27bus; C:\Windows\System32\DRIVERS\SE27bus.sys [61600 2006-09-18] (MCCI)
S3 SE27mdfl; C:\Windows\System32\DRIVERS\SE27mdfl.sys [9360 2006-09-18] (MCCI)
S3 SE27mdm; C:\Windows\System32\DRIVERS\SE27mdm.sys [97184 2006-09-18] (MCCI)
S3 SE27mgmt; C:\Windows\System32\DRIVERS\SE27mgmt.sys [88688 2006-09-18] (MCCI)
S3 se27nd5; C:\Windows\System32\DRIVERS\se27nd5.sys [18704 2006-09-18] (MCCI)
S3 SE27obex; C:\Windows\System32\DRIVERS\SE27obex.sys [86560 2006-09-18] (MCCI)
S3 se27unic; C:\Windows\System32\DRIVERS\se27unic.sys [90800 2006-09-18] (MCCI)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [14776 2010-11-26] ()
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 VHidMinidrv; C:\Windows\System32\drivers\VHIDMini.sys [19472 2007-03-05] (IVT Corporation.)
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [2127728 2010-08-04] (VIA Technologies, Inc.)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [66432 2007-12-20] ()
S3 w200bus; C:\Windows\System32\DRIVERS\w200bus.sys [61504 2006-11-07] (MCCI)
S3 w200mdfl; C:\Windows\System32\DRIVERS\w200mdfl.sys [9328 2006-11-07] (MCCI)
S3 w200mdm; C:\Windows\System32\DRIVERS\w200mdm.sys [97056 2006-11-07] (MCCI)
S3 w200mgmt; C:\Windows\System32\DRIVERS\w200mgmt.sys [88560 2006-11-07] (MCCI)
S3 w200obex; C:\Windows\System32\DRIVERS\w200obex.sys [86368 2006-11-07] (MCCI)
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 btwhid; system32\DRIVERS\btwhid.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwdhirep; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
R3 XDva405; \??\C:\WINDOWS\system32\XDva405.sys [x]
R3 XDva407; \??\C:\WINDOWS\system32\XDva407.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-23 20:29 - 2013-12-23 20:29 - 00000000 ____D C:\FRST
2013-12-23 20:24 - 2013-12-23 20:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2013-12-22 14:27 - 2013-12-23 19:41 - 00001874 _____ C:\WINDOWS\setupapi.log
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Bluetooth
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2013-12-21 23:00 - 2013-12-21 23:00 - 00000762 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-12-21 23:00 - 2013-12-21 23:00 - 00000756 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2013-12-21 23:00 - 2013-12-21 23:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 23:00 - 2013-12-21 23:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-21 22:59 - 2013-12-21 22:59 - 23882680 _____ (Mozilla) C:\Documents and Settings\Sanda.PETA\Dokumenty\Firefox Setup 26.0.exe
2013-12-21 21:16 - 2013-12-23 20:30 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Stažené soubory
2013-12-21 19:12 - 2013-12-23 19:12 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-21 19:12 - 2013-12-21 19:12 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00001765 _____ C:\Documents and Settings\All Users\Plocha\avast!.lnk
2013-12-21 19:12 - 2013-12-21 19:12 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\AVAST Software
2013-12-21 19:12 - 2013-12-21 19:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-12-21 19:12 - 2013-12-21 19:11 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-21 19:11 - 2013-12-21 19:11 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-21 19:09 - 2013-12-21 19:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-21 19:09 - 2013-12-21 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-21 06:36 - 2013-12-23 16:19 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-12-21 06:35 - 2013-12-23 16:30 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2013-12-21 02:54 - 2013-12-21 02:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$
2013-12-21 02:54 - 2013-12-21 02:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-21 02:53 - 2013-12-21 02:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-20 15:15 - 2013-12-21 02:54 - 00001730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-12-20 15:15 - 2013-12-21 02:53 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-20 11:02 - 2013-12-21 22:58 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Mozilla Firefox
2013-12-11 20:05 - 2013-12-11 20:05 - 09293192 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-07 17:46 - 2013-12-07 17:46 - 00000000 ____D C:\Program Files\Common Files\DirectX
2013-12-07 17:34 - 2013-12-07 17:34 - 00000728 _____ C:\Documents and Settings\Sanda.PETA\Plocha\MicroVolts.lnk
2013-12-07 17:34 - 2013-12-07 17:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\MicroVolts
2013-12-07 17:30 - 2013-12-23 19:31 - 00000000 ____D C:\Program Files\MicroVolts
2013-12-07 17:09 - 2013-12-07 17:30 - 00000000 ____D C:\MicroVolts Package
2013-12-03 19:17 - 2013-12-03 19:17 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-12-03 19:17 - 2013-12-03 19:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2013-12-01 01:18 - 2013-12-01 01:18 - 00526192 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2013-12-01 00:05 - 2013-12-01 00:07 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Overwolf
2013-11-24 17:51 - 2013-11-24 17:51 - 00000492 _____ C:\Documents and Settings\Sanda.PETA\Plocha\Mamča.lnk
2013-11-23 22:55 - 2013-11-23 22:55 - 00000821 _____ C:\Documents and Settings\Sanda.PETA\Plocha\CrossFire.lnk

==================== One Month Modified Files and Folders =======

2013-12-23 20:30 - 2013-12-21 21:16 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Stažené soubory
2013-12-23 20:29 - 2013-12-23 20:29 - 00000000 ____D C:\FRST
2013-12-23 20:24 - 2013-12-23 20:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2013-12-23 20:24 - 2008-12-17 22:08 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-23 20:24 - 2008-12-17 15:29 - 00000000 ___RD C:\Hry
2013-12-23 20:05 - 2012-11-07 19:25 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-23 19:54 - 2012-03-11 11:39 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-23 19:53 - 2012-12-09 16:51 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\TS3Client
2013-12-23 19:45 - 2011-08-01 20:27 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1482476501-725345543-1003UA.job
2013-12-23 19:41 - 2013-12-22 14:27 - 00001874 _____ C:\WINDOWS\setupapi.log
2013-12-23 19:31 - 2013-12-07 17:30 - 00000000 ____D C:\Program Files\MicroVolts
2013-12-23 19:12 - 2013-12-21 19:12 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-23 18:54 - 2013-09-01 00:24 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Cross Fire
2013-12-23 16:54 - 2012-03-11 11:39 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-23 16:30 - 2013-12-21 06:35 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2013-12-23 16:19 - 2013-12-21 06:36 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-12-23 16:13 - 2008-12-17 22:09 - 01030804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-23 16:09 - 2013-06-15 11:30 - 00000300 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1292428093-1482476501-725345543-1003.job
2013-12-23 16:09 - 2013-06-15 11:25 - 00000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1292428093-1482476501-725345543-1003.job
2013-12-23 16:09 - 2013-06-15 11:25 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1292428093-1482476501-725345543-1003.job
2013-12-23 16:09 - 2013-02-03 21:36 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\LogMeIn Hamachi
2013-12-23 16:09 - 2013-02-03 21:35 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2013-12-23 16:09 - 2013-01-02 19:27 - 00000278 _____ C:\WINDOWS\Tasks\SmartDefragUpdate.job
2013-12-23 16:09 - 2013-01-02 02:02 - 00000308 _____ C:\WINDOWS\Tasks\GlaryInitialize.job
2013-12-23 16:09 - 2008-12-17 22:11 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-23 16:09 - 2008-12-17 22:11 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-23 16:09 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-23 16:08 - 2012-11-28 18:28 - 00000280 _____ C:\WINDOWS\Tasks\SmartDefrag_Startup.job
2013-12-23 16:08 - 2008-12-17 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-23 12:53 - 2013-10-05 21:09 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\Skype
2013-12-23 10:05 - 2008-12-17 14:21 - 00032484 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-23 08:50 - 2008-12-17 14:16 - 01551751 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-22 23:45 - 2011-05-12 05:52 - 00000178 __SHC C:\Documents and Settings\Sanda.PETA\ntuser.ini
2013-12-22 21:24 - 2013-11-22 23:44 - 00000000 ____D C:\CFLog
2013-12-22 20:45 - 2011-08-01 20:27 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1482476501-725345543-1003Core.job
2013-12-22 12:30 - 2013-06-15 11:30 - 00000326 _____ C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1292428093-1482476501-725345543-1003.job
2013-12-22 06:34 - 2013-06-15 11:30 - 00000308 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1292428093-1482476501-725345543-1003.job
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Bluetooth
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2013-12-22 03:01 - 2013-12-22 03:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2013-12-22 03:01 - 2011-05-12 05:52 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Dokumenty
2013-12-22 03:01 - 2008-12-17 22:06 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-12-21 23:01 - 2011-05-12 06:10 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\Mozilla
2013-12-21 23:00 - 2013-12-21 23:00 - 00000762 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-12-21 23:00 - 2013-12-21 23:00 - 00000756 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2013-12-21 23:00 - 2013-12-21 23:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 23:00 - 2013-12-21 23:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-21 23:00 - 2008-12-17 22:08 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-21 22:59 - 2013-12-21 22:59 - 23882680 _____ (Mozilla) C:\Documents and Settings\Sanda.PETA\Dokumenty\Firefox Setup 26.0.exe
2013-12-21 22:58 - 2013-12-20 11:02 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Mozilla Firefox
2013-12-21 22:04 - 2011-05-12 05:52 - 00000000 ____D C:\Documents and Settings\Sanda.PETA
2013-12-21 20:52 - 2011-05-12 05:52 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Plocha
2013-12-21 20:42 - 2012-03-11 12:38 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Plocha\Programy
2013-12-21 20:40 - 2011-05-12 05:52 - 00000000 __RHD C:\Documents and Settings\Sanda.PETA\Data aplikací
2013-12-21 20:35 - 2013-09-14 20:41 - 00000000 ____D C:\Program Files\PopCap Games
2013-12-21 20:35 - 2013-08-15 21:00 - 00000000 ____D C:\Program Files\Common Files\Nero
2013-12-21 20:34 - 2013-08-15 21:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Nero
2013-12-21 20:34 - 2008-12-17 14:40 - 00000000 ____D C:\Program Files\Nero
2013-12-21 20:31 - 2008-12-17 14:40 - 00000000 ____D C:\Program Files\Common Files\Ahead
2013-12-21 20:30 - 2011-05-12 07:13 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\Ahead
2013-12-21 20:28 - 2013-07-02 13:20 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2013-12-21 20:24 - 2011-05-12 05:54 - 00086528 _____ C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-21 20:24 - 2008-12-17 18:20 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-12-21 20:22 - 2008-12-17 14:22 - 00000000 __RHD C:\Documents and Settings\Sanda\Data aplikací
2013-12-21 20:22 - 2008-12-17 14:22 - 00000000 ____D C:\Documents and Settings\Sanda
2013-12-21 20:16 - 2011-05-12 05:52 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Dokumenty\Obrázky
2013-12-21 20:15 - 2012-12-11 19:33 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Dokumenty\Filmy
2013-12-21 19:12 - 2013-12-21 19:12 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-21 19:12 - 2013-12-21 19:12 - 00001765 _____ C:\Documents and Settings\All Users\Plocha\avast!.lnk
2013-12-21 19:12 - 2013-12-21 19:12 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\AVAST Software
2013-12-21 19:12 - 2013-12-21 19:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-12-21 19:11 - 2013-12-21 19:12 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-21 19:11 - 2013-12-21 19:11 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-21 19:09 - 2013-12-21 19:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-21 19:09 - 2013-12-21 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-21 06:25 - 2008-12-17 22:06 - 00278152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-21 02:55 - 2008-12-17 14:45 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-21 02:54 - 2013-12-21 02:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$
2013-12-21 02:54 - 2013-12-21 02:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-21 02:54 - 2013-12-20 15:15 - 00001730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-12-21 02:54 - 2012-11-15 16:33 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-12-21 02:53 - 2013-12-21 02:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-21 02:53 - 2013-12-20 15:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-21 02:53 - 2008-12-17 18:34 - 00250858 ____C C:\WINDOWS\system32\TZLog.log
2013-12-21 02:52 - 2013-09-27 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-21 02:49 - 2013-12-21 02:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-21 02:49 - 2012-04-28 11:57 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-20 16:07 - 2009-04-08 13:24 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-20 15:20 - 2011-05-12 05:52 - 00000000 ___HD C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací
2013-12-16 11:43 - 2013-08-01 18:00 - 00000000 ____D C:\Program Files\Opera
2013-12-15 15:43 - 2011-06-05 07:19 - 00170496 __SHC C:\Documents and Settings\Sanda.PETA\Plocha\Thumbs.db
2013-12-11 22:44 - 2013-11-22 15:04 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Dokumenty\Mamča
2013-12-11 20:05 - 2013-12-11 20:05 - 09293192 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-11 20:05 - 2012-11-07 19:25 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 20:05 - 2012-02-28 17:52 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-07 17:47 - 2013-10-26 15:14 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Data aplikací\Unitech LLC
2013-12-07 17:46 - 2013-12-07 17:46 - 00000000 ____D C:\Program Files\Common Files\DirectX
2013-12-07 17:34 - 2013-12-07 17:34 - 00000728 _____ C:\Documents and Settings\Sanda.PETA\Plocha\MicroVolts.lnk
2013-12-07 17:34 - 2013-12-07 17:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\MicroVolts
2013-12-07 17:30 - 2013-12-07 17:09 - 00000000 ____D C:\MicroVolts Package
2013-12-05 08:15 - 2010-11-29 19:37 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-12-03 19:17 - 2013-12-03 19:17 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-12-03 19:17 - 2013-12-03 19:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2013-12-01 01:18 - 2013-12-01 01:18 - 00526192 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2013-12-01 01:18 - 2008-12-17 14:21 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-12-01 00:07 - 2013-12-01 00:05 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Overwolf
2013-12-01 00:06 - 2011-05-12 05:52 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Nabídka Start
2013-11-30 12:51 - 2013-10-05 21:09 - 00000000 ___RD C:\Program Files\Skype
2013-11-30 12:51 - 2013-10-05 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-24 17:51 - 2013-11-24 17:51 - 00000492 _____ C:\Documents and Settings\Sanda.PETA\Plocha\Mamča.lnk
2013-11-23 23:19 - 2013-01-26 16:46 - 00000000 ____D C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\PMB Files
2013-11-23 22:55 - 2013-11-23 22:55 - 00000821 _____ C:\Documents and Settings\Sanda.PETA\Plocha\CrossFire.lnk
2013-11-23 22:55 - 2012-05-07 19:45 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Z8Games
2013-11-23 22:48 - 2013-01-26 16:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\PMB Files
2013-11-23 22:41 - 2011-05-12 05:52 - 00000000 ___RD C:\Documents and Settings\Sanda.PETA\Nabídka Start\Programy

Some content of TEMP:
====================
C:\Documents and Settings\Sanda\Local Settings\Temp\02b673270b0b50a8d44ad649a71454c1.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\abd2bca3e572e998a09f73c81b93454a.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\comver.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\drm_dyndata_7400008.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\firefoxjre_exe.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\FP_PL_PFS_INSTALLER.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\GLF21.tmp.ConduitEngineSetup.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\GoogleToolbarInstaller_en.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\hamachi-update-2.0.2.85.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\IcqUpdater.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\nerodeltmp.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\setup.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\tbXfir.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\tdll.dll
C:\Documents and Settings\Sanda\Local Settings\Temp\_is1.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\_is10.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\_is2.exe
C:\Documents and Settings\Sanda\Local Settings\Temp\_is78.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2012-12-02 21:06] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 14:49] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2012-12-02 20:03] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2012-12-02 20:03] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Re: Suspected malware

Posted: 23 Dec 2013 21:06
by Rudy
Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\RelevantKnowledge: C:\Program Files\RelevantKnowledge\rlls.dll [X]
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60747
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKCU - (No Name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... earchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... earchTerms}
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2304157
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMash ... earchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/custom/java/re ... src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60747
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2304157
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {4129D1CF-1D19-244E-DCEB-56083FE1CB43} - No File
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - No Name - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF& ... =062513&q={searchTerms}&src=IE-SearchBox
CHR Plugin: (Relevant-Knowledge) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikac\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.1_0\plugins/rlcm.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Extension: (SearchNewTab) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aocdikfhnflhejgebjjlhiiblhoiljbl\1
CHR Extension: (ssaFe! save) - C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nljilkmgccdnhaofccmgbgllfmkkeaei\1
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R3 XDva405; \??\C:\WINDOWS\system32\XDva405.sys [x]
R3 XDva407; \??\C:\WINDOWS\system32\XDva407.sys [x]
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1482476501-725345543-1003UA.job
C:\Documents and Settings\Sanda\Local Settings\Temp
End
Save it to C:\Documents and Settings\Sanda.PETA\Dokumenty\Stažené soubory as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: Suspected malware

Posted: 23 Dec 2013 21:14
by Petr1675
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\SearchAssistant => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Plasmoo => Key deleted successfully.
HKCR\Wow6432Node\CLSID\Plasmoo => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} => Key deleted successfully.
HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4129D1CF-1D19-244E-DCEB-56083FE1CB43} => Key deleted successfully.
HKCR\CLSID\{4129D1CF-1D19-244E-DCEB-56083FE1CB43} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
CHR DefaultSearchKeyword: bing.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Bing ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF& ... =062513&q={searchTerms}&src=IE-SearchBox ==> The Chrome "Settings" can be used to fix the entry.
C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikac\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.1_0\plugins/rlcm.dll not found.
C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll not found.
C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aocdikfhnflhejgebjjlhiiblhoiljbl => Moved successfully.
C:\Documents and Settings\Sanda.PETA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nljilkmgccdnhaofccmgbgllfmkkeaei => Moved successfully.
Skype C2C Service => Service deleted successfully.
XDva405 => Service deleted successfully.
XDva407 => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1482476501-725345543-1003UA.job => Moved successfully.
C:\Documents and Settings\Sanda\Local Settings\Temp => Moved successfully.


The system needs a manual reboot.

==== End of Fixlog ====
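To triage a Fixlog like the one above, each line can be sorted into an outcome so that the entries still needing attention stand out. This is an added example, not part of the original post and not FRST's own code; the outcome labels and function names are assumptions, and the sample is a short excerpt built from lines of the log above.

```python
import re

# Constructed sample: a few lines in the shape of the Fixlog posted above.
SAMPLE_FIXLOG = r"""
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCR\CLSID\{4129D1CF-1D19-244E-DCEB-56083FE1CB43} => Key not found.
CHR DefaultSearchProvider: Bing ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll not found.
XDva405 => Service deleted successfully.
C:\Documents and Settings\Sanda\Local Settings\Temp => Moved successfully.

The system needs a manual reboot.
==== End of Fixlog ====
"""

# "target => message" or "target ==> message"
ARROW = re.compile(r"^(?P<target>.+?)\s=+>\s(?P<msg>.+)$")
# File lines are reported without an arrow: "<path> not found."
BARE_NOT_FOUND = re.compile(r"^(?P<target>.+) not found\.$")

# Message fragment -> outcome label (labels are this example's own naming).
OUTCOMES = [
    ("can be used to fix", "manual"),
    ("restored successfully", "restored"),
    ("deleted successfully", "removed"),
    ("moved successfully", "moved"),
    ("not found", "absent"),
]


def classify(message):
    """Map a result message to an outcome label."""
    lowered = message.lower()
    for needle, outcome in OUTCOMES:
        if needle in lowered:
            return outcome
    return "unknown"


def parse_fixlog(text):
    """Return ([(target, outcome), ...], reboot_requested)."""
    entries, reboot = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("===="):
            continue
        if "needs a manual reboot" in line:
            reboot = True
            continue
        match = ARROW.match(line)
        if match:
            entries.append((match.group("target"), classify(match.group("msg"))))
            continue
        match = BARE_NOT_FOUND.match(line)
        if match:
            entries.append((match.group("target"), "absent"))
        else:
            # Keep lines that fit no pattern visible instead of dropping them.
            entries.append((line, "unknown"))
    return entries, reboot


def follow_up(entries, reboot):
    """List what the log leaves for the user to do."""
    todo = [f"fix by hand: {t}" for t, o in entries if o == "manual"]
    todo += [f"unrecognised line: {t}" for t, o in entries if o == "unknown"]
    if reboot:
        todo.append("reboot requested by the tool")
    return todo


if __name__ == "__main__":
    parsed, needs_reboot = parse_fixlog(SAMPLE_FIXLOG)
    for target, outcome in parsed:
        print(f"{outcome:9} {target}")
    print(follow_up(parsed, needs_reboot))
```

An "absent" outcome means the referenced key or file was already gone when the fix ran, so the fixlist line pointed at a leftover reference rather than at something that failed to delete.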

Re: Suspected malware

Posted: 23 Dec 2013 22:14
by Rudy
Everything has been deleted. Is there still any problem?

Re: Suspected malware

Posted: 23 Dec 2013 22:21
by Petr1675
I don't think so. And I have one more question. If I format a disk that has some virus, spyware, malware, etc. on it and install Windows again, the viruses will no longer be there, right?

Re: Suspected malware

Posted: 23 Dec 2013 22:24
by Rudy
If the virus is not in the boot sector, then no.

Re: Suspected malware

Posted: 23 Dec 2013 22:29
by Petr1675
And can I somehow find out whether a virus is in the boot sector?

Re: Suspected malware

Posted: 23 Dec 2013 22:45
by Rudy
There are utilities for that, but they are for professionals. A virus in the boot sector shows itself through non-standard behaviour of the PC. The AV usually detects it as well, but does not remove it. If you are going to format the disk, it is enough to drop the partition, create it again and then format the disk. That way you destroy really all the junk that was on the disk.

Re: Suspected malware

Posted: 23 Dec 2013 23:02
by Petr1675
I see. And could you check the boot sector log for me?

Here is the log from the MBR:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD2500AAKS-00F0A0 rev.12.01B02 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
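The log above reports two reads of the MBR, one from user mode and one from kernel mode, and that they agree. A comparison of two such 512-byte reads could look like the following added example, which is not part of the original post and not the detector's own code; the sector bytes are constructed and all function names are assumptions.

```python
import struct

SECTOR_SIZE = 512
PART_TABLE_OFFSET = 446
# Byte ranges of a classic MBR sector, used to say where two reads disagree.
REGIONS = [(0, 440, "boot code"), (440, 446, "disk signature"),
           (446, 510, "partition table"), (510, 512, "boot signature")]


def build_sample_mbr():
    """Constructed sector: placeholder boot code and one active NTFS partition."""
    mbr = bytearray(SECTOR_SIZE)
    mbr[0:3] = b"\x33\xc0\x8e"  # placeholder bytes standing in for boot code
    # Entry layout: status, CHS start, type, CHS end, LBA start, sector count.
    struct.pack_into("<B3sB3sII", mbr, PART_TABLE_OFFSET,
                     0x80, b"\x01\x01\x00", 0x07, b"\xfe\xff\xff", 63, 488392002)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)


def parse_partitions(sector):
    """Return the non-empty entries of the four-slot partition table."""
    parts = []
    for slot in range(4):
        status, _chs_start, ptype, _chs_end, lba, count = struct.unpack_from(
            "<B3sB3sII", sector, PART_TABLE_OFFSET + 16 * slot)
        if ptype != 0:
            parts.append({"slot": slot, "status": status, "type": ptype,
                          "lba_start": lba, "sectors": count})
    return parts


def diff_regions(read_a, read_b):
    """Name every MBR region in which the two reads differ."""
    return [name for start, end, name in REGIONS
            if read_a[start:end] != read_b[start:end]]


def check_mbr(user_read, kernel_read):
    """Return a list of findings; an empty list means both reads look sane and agree."""
    findings = []
    for label, sector in (("user", user_read), ("kernel", kernel_read)):
        if len(sector) != SECTOR_SIZE:
            findings.append(f"{label}: expected {SECTOR_SIZE} bytes, got {len(sector)}")
            return findings
        if sector[510:512] != b"\x55\xaa":
            findings.append(f"{label}: missing 0x55AA boot signature")
        parts = parse_partitions(sector)
        for part in parts:
            if part["status"] not in (0x00, 0x80):
                findings.append(f"{label}: slot {part['slot']} has invalid status "
                                f"0x{part['status']:02x}")
        if sum(1 for part in parts if part["status"] == 0x80) > 1:
            findings.append(f"{label}: more than one active partition")
    for region in diff_regions(user_read, kernel_read):
        findings.append(f"user and kernel reads differ in {region}")
    return findings


if __name__ == "__main__":
    clean = build_sample_mbr()
    altered = bytearray(clean)
    altered[0x10] ^= 0xFF  # constructed mismatch inside the boot code area
    print(check_mbr(clean, clean))
    print(check_mbr(clean, bytes(altered)))
```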

Re: Suspected malware

Posted: 24 Dec 2013 11:19
by Rudy
The boot sector is OK. If it were not, I would already have noticed it in the previous scans.

Re: Suspected malware

Posted: 24 Dec 2013 11:39
by Petr1675
Thank you very much for your help, and I wish you a HAPPY and MERRY Christmas.

Re: Suspected malware

Posted: 24 Dec 2013 11:41
by Rudy
I wish you the same, and you're welcome! :)