VIRY.CZ

Zdravím komunitu dnes mi bylo zcizeno heslo pro aukro.cz a nějací Poláci začli prodávat přes můj účet drahá auta za zlomek ceny mám obavu ,že můj notebook je možná zombie v rukou zločinců.Děkuji za vaáš čas Lada

Logfile of random's system information tool 1.09 (written by random/random)
Run by ltrevor at 2013-11-23 18:05:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 199 GB (86%) free of 232 GB
Total RAM: 3032 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:23, on 23.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\DTS.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\AtService.exe
C:\WINDOWS\system32\FpLogonServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\Windows-KB890830-V5.6-delta.exe
c:\60c7fe25b94ef8685a\mrtstub.exe
C:\WINDOWS\system32\MRT.exe
C:\Documents and Settings\ltrevor\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\ltrevor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ATFUS - C:\WINDOWS\system32\FpWinLogonNp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\WINDOWS\system32\ADMonitor.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\WINDOWS\system32\AtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\WINDOWS\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

--
End of file - 10229 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\searchplugins\
s-amazon-bymp-int.xml
taobao.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-02-02 181536]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-04-14 15136]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-05-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-05-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-05-11 142872]
"TVT Scheduler Proxy"=c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2011-05-31 12101448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-10-21 20551328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2008-03-07 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-07 256576]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ATFUS]
C:\WINDOWS\system32\FpWinLogonNp.dll [2011-05-31 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-05-01 206848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [2006-09-06 34344]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\Litecoin\litecoin-qt.exe"="C:\Program Files\Litecoin\litecoin-qt.exe:*:Enabled:litecoin-qt"
"C:\Documents and Settings\ltrevor\Plocha\Tor Browser\App\tor.exe"="C:\Documents and Settings\ltrevor\Plocha\Tor Browser\App\tor.exe:*:Enabled:tor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-11-23 18:05:16 ----D---- C:\rsit
2013-11-23 18:05:16 ----D---- C:\Program Files\trend micro
2013-11-23 18:04:46 ----D---- C:\60c7fe25b94ef8685a
2013-11-23 18:04:09 ----D---- C:\WINDOWS\LastGood
2013-11-23 17:43:12 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-11-17 21:35:04 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 16:31:46 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\PLANStudio Setup
2013-10-27 12:32:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2013-10-27 12:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2013-10-27 12:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2013-10-27 12:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$
2013-10-27 12:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$

======List of files/folders modified in the last 1 month======

2013-11-23 18:05:16 ----RD---- C:\Program Files
2013-11-23 18:04:56 ----D---- C:\WINDOWS\Prefetch
2013-11-23 18:04:55 ----D---- C:\WINDOWS\Temp
2013-11-23 18:04:55 ----D---- C:\WINDOWS\Debug
2013-11-23 18:04:49 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-23 18:04:22 ----HD---- C:\WINDOWS\inf
2013-11-23 18:04:17 ----D---- C:\WINDOWS
2013-11-23 18:04:09 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-23 17:43:12 ----D---- C:\WINDOWS\system32\drivers
2013-11-23 14:35:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-20 16:53:27 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-19 12:27:26 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\uTorrent
2013-11-18 15:35:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-15 19:30:28 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\Skype
2013-11-14 09:30:12 ----AD---- C:\WINDOWS\system32
2013-11-14 09:30:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 17:00:20 ----D---- C:\Program Files\The KMPlayer
2013-11-05 17:25:11 ----SHD---- C:\WINDOWS\Installer
2013-11-05 17:25:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-05 17:25:06 ----RD---- C:\Program Files\Skype
2013-11-04 19:40:28 ----D---- C:\Program Files\NetWaiting
2013-11-04 19:40:27 ----D---- C:\Program Files\Messenger
2013-10-30 10:02:43 ----D---- C:\WINDOWS\SoftwareDistribution
2013-10-28 13:14:29 ----D---- C:\WINDOWS\Microsoft.NET
2013-10-28 13:14:28 ----RSD---- C:\WINDOWS\assembly
2013-10-27 12:34:13 ----D---- C:\WINDOWS\WinSxS
2013-10-27 12:32:21 ----ASHDC---- C:\WINDOWS\system32\dllcache
2013-10-27 12:29:55 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-01-28 117800]
R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM86.sys [2009-01-28 20520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-03-07 154672]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\WINDOWS\System32\Drivers\ATSwpWDF.sys [2011-05-31 659968]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-11-29 163328]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-05-14 534312]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2009-05-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-05-14 991136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-05-14 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-05-14 47272]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAU32.sys [2009-02-06 809984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2008-04-09 985472]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2008-04-09 210560]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-05-01 6315008]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2009-03-19 25000]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-03-04 4202496]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2008-09-24 31680]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2009-05-14 80384]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-11-25 1754368]
R3 tpm;tpm; C:\WINDOWS\system32\DRIVERS\tpm.sys [2008-03-26 13824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-04-09 731264]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HWHandSet;HWUSBSERSP; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2013-03-06 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2013-03-06 63104]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATService;AuthenTec Fingerprint Service; C:\WINDOWS\system32\AtService.exe [2011-05-31 1824584]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2009-05-08 349528]
R2 dtsvc;Data Transfer Service; C:\WINDOWS\system32\DTS.exe [2011-05-31 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 FingerprintServer;Fingerprint Server; C:\WINDOWS\system32\FpLogonServ.exe [2011-05-31 118784]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2009-03-19 38176]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-19 182696]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2009-02-27 909312]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2009-07-10 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-01-28 39976]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-17 116648]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-05-21 45424]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 ADMonitor;AD Monitor; C:\WINDOWS\system32\ADMonitor.exe [2011-05-31 106496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-20 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-17 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408]
S3 WMConnectCDS;Služba Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 855552]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravím, tohle fixni v HJT :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?

HJT najdeš zde :

C:\Program Files\trend micro\ltrevor.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate)

Služba Google Update (gupdatem)

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

V Naplánovaných úlohách zakaž Google Update bude to tam několikrát.

Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.

Pak použij Mbam z mého podpisu a také mi sem z něj dej log, předem nic nemazat !

Vše jsem udělal zde je log z adwcleaner zatím sem nic nemazal jukněte na to a sdělte mi zda mám smaznout co našel.Jdu na ten mbam.

# AdwCleaner v3.012 - Report created 23/11/2013 at 21:43:18
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : ltrevor - LENOVO-BDCFFB3D
# Running from : C:\Documents and Settings\ltrevor\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\user.js
Folder Found C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found C:\Documents and Settings\ltrevor\Nabídka Start\Programy\LSHunter.TV

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\prefs.js ]

Line Found : user_pref("extensions.kango.storage.m2_k1", "0");
Line Found : user_pref("extensions.kango.storage.m2_k2", "10");
Line Found : user_pref("extensions.kango.storage.m2_k3", "1377499932063");
Line Found : user_pref("extensions.kango.storage.m2_k4", "1377361458198");
Line Found : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"AppsHat\",\"description\":\"AppsHat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%affi[...]
Line Found : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Line Found : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Documents and Settings\ltrevor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : suggest_url
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : suggest_url

*************************

AdwCleaner[R0].txt - [3124 octets] - [23/11/2013 21:43:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3184 octets] ##########

mbam:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.23.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
ltrevor :: LENOVO-BDCFFB3D [administrátor]

23.11.2013 22:02:50
mbam-log-2013-11-23 (22-02-50).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 215490
Uplynulý čas: 5 minut, 44 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

log : AdwCleaner - jdu na ten combo fix

# AdwCleaner v3.013 - Report created 26/11/2013 at 15:26:04
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : ltrevor - LENOVO-BDCFFB3D
# Running from : C:\Documents and Settings\ltrevor\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\prefs.js ]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Documents and Settings\ltrevor\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3264 octets] - [23/11/2013 21:43:18]
AdwCleaner[R1].txt - [1099 octets] - [24/11/2013 00:34:58]
AdwCleaner[R2].txt - [1210 octets] - [26/11/2013 15:18:37]
AdwCleaner[S0].txt - [3324 octets] - [23/11/2013 21:55:45]
AdwCleaner[S1].txt - [1161 octets] - [24/11/2013 00:39:31]
AdwCleaner[S2].txt - [1132 octets] - [26/11/2013 15:26:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1192 octets] ##########

Zdravím zde je log z combofixu ...při instalaci mi to psalo,že běží residentní štít AVG kterej tam,ale nemám...

ComboFix 13-11-23.02 - ltrevor 26.11.2013 17:41:31.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3032.2167 [GMT 1:00]
Spuštěný z: c:\documents and settings\ltrevor\Plocha\ComboFix.exe
AV: AVG Anti-Virus 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TPAPSLOG.LOG
c:\windows\system32\TPHDLOG0.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-26 do 2013-11-26 )))))))))))))))))))))))))))))))
.
.
2013-11-23 21:44 . 2013-11-23 21:44 -------- d-----w- c:\windows\ERUNT
2013-11-23 20:42 . 2013-11-26 14:26 -------- d-----w- C:\AdwCleaner
2013-11-23 17:30 . 2013-11-23 17:30 -------- d-sh--w- c:\documents and settings\ltrevor\IECompatCache
2013-11-23 17:05 . 2013-11-23 21:48 -------- d-----w- c:\program files\trend micro
2013-11-23 17:05 . 2013-11-23 17:05 -------- d-----w- C:\rsit
2013-11-13 15:31 . 2013-11-13 15:31 -------- d-----w- c:\documents and settings\ltrevor\Data aplikací\PLANStudio Setup
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-20 15:53 . 2012-08-05 19:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 15:53 . 2012-08-05 19:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-19 21:19 . 2013-10-19 21:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-19 21:19 . 2013-10-19 21:20 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-13 11:42 . 2008-08-06 13:30 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2008-08-06 13:30 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2008-08-06 13:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2008-08-06 13:29 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2008-08-06 13:29 385024 ------w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2008-08-06 13:30 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2008-08-06 13:29 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2008-08-06 13:29 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2010-08-13 16:44 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-08-29 07:01 . 2008-08-06 13:30 1878656 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-10-21 20551328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"TpShocks"="TpShocks.exe" [2009-02-02 181536]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-04-14 15136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-11 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-11 142872]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2012-8-5 50688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2011-05-31 05:28 180224 ----a-w- c:\windows\system32\FpWinlogonNp.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 07:37 34344 ----a-w- c:\program files\Lenovo\HOTKEY\notifyf2.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2008-03-07 11:21 167936 ----a-w- c:\program files\Apoint2K\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2008-10-07 18:38 256576 ----a-w- c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [28.1.2009 16:57 20520]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [23.10.2008 9:15 13480]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [31.5.2011 6:23 1824584]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [31.5.2011 6:26 98304]
R2 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [31.5.2011 6:28 118784]
R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [12.6.2009 10:00 62320]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\drivers\ATSwpWDF.sys [5.8.2012 18:48 659968]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [12.6.2009 10:00 45424]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [16.9.2013 11:29 3273088]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [31.5.2011 6:26 106496]
S3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys --> c:\windows\system32\DRIVERS\hw_quusbmdm.sys [?]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [1.8.2013 14:36 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [1.8.2013 14:36 63104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-14 21:40 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 15:53]
.
2013-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2012-08-05 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-08-06 12:00]
.
.
------- Doplňkový sken -------
.
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Odeslat do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.3.254 192.168.1.1
FF - ProfilePath - c:\documents and settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-26 17:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1064)
c:\windows\system32\FpWinLogonNp.dll
c:\program files\Lenovo Fingerprint Software\ATCSSINT.dll
c:\program files\Lenovo Fingerprint Software\SharedResources.dll
c:\program files\Lenovo Fingerprint Software\FPResource.dll
.
Celkový čas: 2013-11-26 17:47:33
ComboFix-quarantined-files.txt 2013-11-26 16:47
.
Před spuštěním: Volných bajtů: 214 950 338 560
Po spuštění: Volných bajtů: 215 313 772 544
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 4697DDA9F6FD8F464D96114D1C19C1F1
583AF299571F9B85D4F064F7CC2577D6

LTREVOR píše:Zdravím zde je log z combofixu ...při instalaci mi to psalo,že běží residentní štít AVG kterej tam,ale nemám...

No jo no, ale někdy tam bylo.

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder:: 
C:\Program Files\AVG

Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"=-

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Zdravím učiněno: Druhý den po tom co jsem se nemohl na aukro přihlásit už byli pod mím účtem na prodej auta v realné ceně cca pul milionu za cenu kolem 150,000kč.Naštěstí aukro resgovalo rychle ..vygenerovalo mi nové heslo které jsem zmněnil v silné ..pro jistotu jsem zmněnil takřka věude jinde.Nechápu jak to heslo mohli ti Poláci získat ..když se přihlašuji jen doma a žádnej phising jsem nezaznamenal..jen se zeptám byl v systemu nějakej xindl který by to umožnil? Pro jistotu jsem dnes objednal nod32 a příští měsíc koupím konečně sedmičky okna.Vám díky za trpělivost a váš čas.

ComboFix 13-11-27.01 - ltrevor 27.11.2013 17:41:57.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3032.2468 [GMT 1:00]
Spuštěný z: c:\documents and settings\ltrevor\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\ltrevor\Plocha\CFScript.txt
AV: AVG Anti-Virus 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TPAPSLOG.LOG
c:\windows\system32\TPHDLOG0.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-27 do 2013-11-27 )))))))))))))))))))))))))))))))
.
.
2013-11-23 21:44 . 2013-11-23 21:44 -------- d-----w- c:\windows\ERUNT
2013-11-23 20:42 . 2013-11-26 14:26 -------- d-----w- C:\AdwCleaner
2013-11-23 17:30 . 2013-11-23 17:30 -------- d-sh--w- c:\documents and settings\ltrevor\IECompatCache
2013-11-23 17:05 . 2013-11-23 21:48 -------- d-----w- c:\program files\trend micro
2013-11-23 17:05 . 2013-11-23 17:05 -------- d-----w- C:\rsit
2013-11-13 15:31 . 2013-11-13 15:31 -------- d-----w- c:\documents and settings\ltrevor\Data aplikací\PLANStudio Setup
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-20 15:53 . 2012-08-05 19:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 15:53 . 2012-08-05 19:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-19 21:19 . 2013-10-19 21:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-19 21:19 . 2013-10-19 21:20 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-13 11:42 . 2008-08-06 13:30 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2008-08-06 13:30 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2008-08-06 13:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2008-08-06 13:29 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2008-08-06 13:29 385024 ------w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2008-08-06 13:30 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2008-08-06 13:29 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2008-08-06 13:29 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2010-08-13 16:44 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-10-21 20551328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"TpShocks"="TpShocks.exe" [2009-02-02 181536]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-04-14 15136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-11 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-11 142872]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2012-8-5 50688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2011-05-31 05:28 180224 ----a-w- c:\windows\system32\FpWinlogonNp.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 07:37 34344 ----a-w- c:\program files\Lenovo\HOTKEY\notifyf2.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2008-03-07 11:21 167936 ----a-w- c:\program files\Apoint2K\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2008-10-07 18:38 256576 ----a-w- c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [28.1.2009 16:57 20520]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [23.10.2008 9:15 13480]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [31.5.2011 6:23 1824584]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [31.5.2011 6:26 98304]
R2 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [31.5.2011 6:28 118784]
R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [12.6.2009 10:00 62320]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\drivers\ATSwpWDF.sys [5.8.2012 18:48 659968]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [12.6.2009 10:00 45424]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [16.9.2013 11:29 3273088]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [31.5.2011 6:26 106496]
S3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys --> c:\windows\system32\DRIVERS\hw_quusbmdm.sys [?]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [1.8.2013 14:36 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [1.8.2013 14:36 63104]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-14 21:40 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 15:53]
.
2013-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2012-08-05 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-08-06 12:00]
.
.
------- Doplňkový sken -------
.
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Odeslat do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.3.254 192.168.1.1
FF - ProfilePath - c:\documents and settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-27 17:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1064)
c:\windows\system32\FpWinLogonNp.dll
c:\program files\Lenovo Fingerprint Software\ATCSSINT.dll
c:\program files\Lenovo Fingerprint Software\SharedResources.dll
c:\program files\Lenovo Fingerprint Software\FPResource.dll
.
Celkový čas: 2013-11-27 17:48:48
ComboFix-quarantined-files.txt 2013-11-27 16:48
ComboFix2.txt 2013-11-26 16:47
.
Před spuštěním: Volných bajtů: 215 293 448 192
Po spuštění: Volných bajtů: 215 274 033 152
.
- - End Of File - - BD3C32A06E4FF7083DA81C0BD476F75B
583AF299571F9B85D4F064F7CC2577D6

LTREVOR píše:.... jen se zeptám byl v systemu nějakej xindl který by to umožnil?

Něco bylo přímo v prohlížečí a něco málo v systému.

LTREVOR píše:Pro jistotu jsem dnes objednal nod32 a příští měsíc koupím konečně sedmičky okna

Ono to není o systému ani o antiviru, vždy je problém mezi židlí a klávesnicí.

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Použij, nejlépe v Nouzovém režimu AVG Remover

Pak mi sem dej ještě pro kontrolu aktuální log z Rsit a písni jaký je stav PC.

Děkuju za informaci a nezbývá mi nic jineho než souhlasit díky vaší pomoci jsem zas o něco znalejší a strávil jsem i nějaký čas zde na foru čtením takže ještě jednou velké díky

Při odinstalaci combofixu zas vyskočila ta hláška o detekci rezidentního štítu AVG...tak jsem v nouzáku spustil ten AVG remover tak snad to zmizlo ..budu dnes instalovat ten NOD tak aby to nebylo kontraproduktivní.

Zde je ještě log z RSIT :

Logfile of random's system information tool 1.09 (written by random/random)
Run by ltrevor at 2013-11-28 12:22:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 210 GB (91%) free of 232 GB
Total RAM: 3032 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:31, on 28.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\DTS.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\AtService.exe
C:\WINDOWS\system32\FpLogonServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ltrevor\Plocha\security\RSIT.exe
C:\Program Files\trend micro\ltrevor.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ATFUS - C:\WINDOWS\system32\FpWinLogonNp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\WINDOWS\system32\ADMonitor.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\WINDOWS\system32\AtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\WINDOWS\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

--
End of file - 8136 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Documents and Settings\ltrevor\Data aplikací\Mozilla\Firefox\Profiles\ycn1ofuy.default\searchplugins\
s-amazon-bymp-int.xml
taobao.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-02-02 181536]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-04-14 15136]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-05-11 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-05-11 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-05-11 142872]
"TVT Scheduler Proxy"=c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2011-05-31 12101448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-10-21 20551328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2008-03-07 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-07 256576]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ATFUS]
C:\WINDOWS\system32\FpWinLogonNp.dll [2011-05-31 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-05-01 206848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [2006-09-06 34344]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-11-28 12:22:25 ----D---- C:\rsit
2013-11-28 12:13:40 ----SHD---- C:\RECYCLER
2013-11-28 12:11:47 ----ASH---- C:\hiberfil.sys
2013-11-28 12:09:27 ----A---- C:\WINDOWS\ntbtlog.txt
2013-11-26 17:39:00 ----A---- C:\Boot.bak
2013-11-26 17:38:57 ----RASHD---- C:\cmdcons
2013-11-23 22:44:05 ----D---- C:\WINDOWS\ERUNT
2013-11-23 18:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-23 18:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-23 18:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-23 18:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-23 18:05:16 ----D---- C:\Program Files\trend micro
2013-11-17 21:35:04 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 16:31:46 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\PLANStudio Setup

======List of files/folders modified in the last 1 month======

2013-11-28 12:16:08 ----D---- C:\WINDOWS\Temp
2013-11-28 12:16:08 ----D---- C:\WINDOWS\Prefetch
2013-11-28 12:16:07 ----D---- C:\WINDOWS
2013-11-28 12:08:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-28 12:02:42 ----D---- C:\WINDOWS\system32\Restore
2013-11-28 12:01:49 ----D---- C:\WINDOWS\system32\drivers
2013-11-28 11:53:54 ----AD---- C:\WINDOWS\system32
2013-11-28 11:53:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-27 17:47:37 ----A---- C:\WINDOWS\system.ini
2013-11-27 17:47:30 ----D---- C:\WINDOWS\system32\drivers\etc
2013-11-27 17:45:35 ----D---- C:\WINDOWS\AppPatch
2013-11-27 17:45:33 ----D---- C:\Program Files\Common Files
2013-11-27 17:41:00 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-26 17:39:00 ----RASH---- C:\boot.ini
2013-11-26 14:30:35 ----D---- C:\Program Files\The KMPlayer
2013-11-24 00:40:29 ----RD---- C:\Program Files
2013-11-23 21:35:05 ----SD---- C:\WINDOWS\Tasks
2013-11-23 20:25:25 ----D---- C:\WINDOWS\Debug
2013-11-23 18:06:31 ----HD---- C:\WINDOWS\inf
2013-11-23 18:06:30 ----ASHDC---- C:\WINDOWS\system32\dllcache
2013-11-23 18:06:15 ----D---- C:\Program Files\Internet Explorer
2013-11-23 18:06:02 ----D---- C:\WINDOWS\system32\MRT
2013-11-23 18:04:49 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-20 16:53:27 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-19 12:27:26 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\uTorrent
2013-11-18 15:35:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-15 19:30:28 ----D---- C:\Documents and Settings\ltrevor\Data aplikací\Skype
2013-11-05 17:25:11 ----SHD---- C:\WINDOWS\Installer
2013-11-05 17:25:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-05 17:25:06 ----RD---- C:\Program Files\Skype
2013-11-04 19:40:28 ----D---- C:\Program Files\NetWaiting
2013-11-04 19:40:27 ----D---- C:\Program Files\Messenger
2013-10-30 10:02:43 ----D---- C:\WINDOWS\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-01-28 117800]
R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM86.sys [2009-01-28 20520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-03-07 154672]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\WINDOWS\System32\Drivers\ATSwpWDF.sys [2011-05-31 659968]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-11-29 163328]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-05-14 534312]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2009-05-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-05-14 991136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-05-14 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-05-14 47272]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAU32.sys [2009-02-06 809984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2008-04-09 985472]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2008-04-09 210560]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-05-01 6315008]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2009-03-19 25000]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-03-04 4202496]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2008-09-24 31680]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2009-05-14 80384]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-11-25 1754368]
R3 tpm;tpm; C:\WINDOWS\system32\DRIVERS\tpm.sys [2008-03-26 13824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-04-09 731264]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HWHandSet;HWUSBSERSP; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2013-03-06 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2013-03-06 63104]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATService;AuthenTec Fingerprint Service; C:\WINDOWS\system32\AtService.exe [2011-05-31 1824584]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2009-05-08 349528]
R2 dtsvc;Data Transfer Service; C:\WINDOWS\system32\DTS.exe [2011-05-31 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 FingerprintServer;Fingerprint Server; C:\WINDOWS\system32\FpLogonServ.exe [2011-05-31 118784]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2009-03-19 38176]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-19 182696]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2009-02-27 909312]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2009-07-10 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-01-28 39976]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-05-21 45424]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 ADMonitor;AD Monitor; C:\WINDOWS\system32\ADMonitor.exe [2011-05-31 106496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-20 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408]
S3 WMConnectCDS;Služba Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 855552]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-17 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-17 116648]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

AVG už tam nikde nevidím tak budeme doufat, že ten jejich remover pročistil i registr.

Ono totiž často měnit antivir není moc dobré, protože většina z nich neumí po sobě uklidit a pak může být problém.

Nainstaluj ten Nod a dej vědět jaký je stav a jak to dopadlo.

Zdravím nod nainstalován a vše šlape jak má a to díky tobě hlavně ..víc než poděkovat nejsem schopen .Díky ...nyní ještě podpořím vaše forum. Lada

Není zač a

VIRY.CZ

zneužití účtu na aukro.cz ....velmi prosím o kontrolu logu.

zneužití účtu na aukro.cz ....velmi prosím o kontrolu logu.

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo

Re: zneužití účtu na aukro.cz ....velmi prosím o kontrolu lo