VIRY.CZ

Ahoj,
prosim o radu. NB pomaly a vyskakuji okna:
RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2014-08-23 11:27:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 60 GB (74%) free of 80 GB
Total RAM: 1014 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:40, on 23.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
c:\documents and settings\all users\data aplikac\companynotset\sw-booster\SW-Booster.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Kozaka\bin\utilKozaka.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\lcpmncrnhoro.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlbslvh.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\epath.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincjpx.exe
C:\Program Files\Kozaka\bin\Kozaka.PurBrowse.exe
C:\Program Files\Kozaka\bin\Kozaka.BrowserAdapter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: FoIndBestDeal - {07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05} - C:\Documents and Settings\All Users\Data aplikací\FoIndBestDeal\6TA.dll
O2 - BHO: NetoCoouupon - {110B70B3-C45A-A9B0-FC4C-0A468935A431} - C:\Documents and Settings\All Users\Data aplikací\NetoCoouupon\5GoVf2FE.dll
O2 - BHO: TuakeTheCOupuon - {13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7} - C:\Documents and Settings\All Users\Data aplikací\TuakeTheCOupuon\lw2nMV.dll
O2 - BHO: safewieb - {62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F} - C:\Program Files\safewieb\Xd2.dll
O2 - BHO: NewSaver - {6A146AD8-8EFC-C74A-70E8-AC6A955B197F} - C:\Documents and Settings\All Users\Data aplikací\NewSaver\zmZjQEVA.dll
O2 - BHO: YoutubeAdblocker - {9570C826-5F00-680C-8931-E832510E69B1} - C:\Program Files\YoutubeAdblocker\lr6uqZ.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [mncrnhoroSrv] C:\WINDOWS\system32\mncrnhoro.vbe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Yahoo! Search] C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O20 - AppInit_DLLs: c:\progra~1\assist~1.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 - Service: CrypKey License - CrypKey (Canada) Ltd. - C:\WINDOWS\system32\crypserv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SOMTS (MachineTokenService) - Unknown owner - C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Util Kozaka - Unknown owner - C:\Program Files\Kozaka\bin\utilKozaka.exe

--
End of file - 7086 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\SW-Booster-S-828242259.job - c:\documents and settings\all users\data aplikac\companynotset\sw-booster\SW-Booster.exe /schedule /profile "c:\documents and settings\all users\data aplikac\companynotset\sw-booster\828242259.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05}]
FoIndBestDeal - C:\Documents and Settings\All Users\Data aplikací\FoIndBestDeal\6TA.dll [2014-06-11 370688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{110B70B3-C45A-A9B0-FC4C-0A468935A431}]
NetoCoouupon - C:\Documents and Settings\All Users\Data aplikací\NetoCoouupon\5GoVf2FE.dll [2014-05-23 372224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7}]
TuakeTheCOupuon - C:\Documents and Settings\All Users\Data aplikací\TuakeTheCOupuon\lw2nMV.dll [2014-04-14 425472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F}]
safewieb - C:\Program Files\safewieb\Xd2.dll [2014-04-02 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A146AD8-8EFC-C74A-70E8-AC6A955B197F}]
NewSaver - C:\Documents and Settings\All Users\Data aplikací\NewSaver\zmZjQEVA.dll [2014-05-27 372224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9570C826-5F00-680C-8931-E832510E69B1}]
YoutubeAdblocker - C:\Program Files\YoutubeAdblocker\lr6uqZ.dll [2013-04-02 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-11-28 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-11-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 102400]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"AGRSMMSG"=AGRSMMSG.exe []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-12-15 225280]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-12-15 192512]
"MSStp"=C:\WINDOWS\inf\msstp.vbe [2014-03-05 1584]
"mncrnhoroSrv"=C:\WINDOWS\system32\mncrnhoro.vbe [2014-03-05 7670]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1768960]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1379136]
"Yahoo! Search"=C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-08-13 613296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-12-15 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:ipsec"
"C:\Program Files\ExpressFiles\expressdl.exe"="C:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files"
"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files"
"C:\Program Files\TornTV.com\TornTV Downloader.exe"="C:\Program Files\TornTV.com\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe"="C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe:*:Enabled:windows.exe"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe:*:Enabled:ipsec"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\AGIS-DIESEL\AGIS DIESEL_v1.07\AgisDiesel.exe"="C:\AGIS-DIESEL\AGIS DIESEL_v1.07\AgisDiesel.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe:*:Enabled:ipsec"
"C:\Program Files\ProFact 3.0 Free\ProFactFree.exe"="C:\Program Files\ProFact 3.0 Free\ProFactFree.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe:*:Enabled:ipsec"
"C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe"="C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"SENTINEL"=snti386.dll

======List of files/folders created in the last 1 month======

2014-08-23 11:27:56 ----D---- C:\Program Files\trend micro
2014-08-23 11:27:54 ----D---- C:\rsit
2014-08-20 15:32:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Supreme AdBlocker
2014-08-20 10:24:02 ----A---- C:\WINDOWS\system32\drivers\trz4.tmp
2014-08-19 15:21:07 ----A---- C:\WINDOWS\system32\drivers\trzA.tmp
2014-08-18 10:27:12 ----D---- C:\WINDOWS\system32
2014-08-18 06:01:50 ----D---- C:\WINDOWS
2014-08-17 01:35:28 ----D---- C:\Program Files\Common Files
2014-08-13 08:31:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\MinimumPrice
2014-08-13 08:26:41 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads
2014-08-13 07:51:53 ----A---- C:\WINDOWS\system32\drivers\trz3.tmp
2014-08-03 07:35:50 ----D---- C:\Program Files\AcGasSynchro II
2014-07-31 18:18:52 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\AcGasSynchro II

======List of files/folders modified in the last 1 month======

2014-08-23 11:27:56 ----RD---- C:\Program Files
2014-08-23 11:26:59 ----D---- C:\WINDOWS\Prefetch
2014-08-20 15:58:55 ----A---- C:\WINDOWS\win.ini
2014-08-20 14:55:01 ----D---- C:\WINDOWS\Temp
2014-08-20 14:52:59 ----D---- C:\WINDOWS\system32\drivers
2014-08-20 09:50:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-19 15:05:03 ----D---- C:\AUTOLYSA
2014-08-18 15:28:26 ----AD---- C:\ADCDA2
2014-08-17 20:53:04 ----N---- C:\WINDOWS\Setup1.exe
2014-08-17 20:52:53 ----A---- C:\WINDOWS\ST6UNST.EXE
2014-08-17 18:00:12 ----A---- C:\WINDOWS\ODBC.INI
2014-08-16 12:35:43 ----D---- C:\Program Files\The KMPlayer
2014-08-13 21:23:06 ----A---- C:\CKINFO.TXT
2014-08-13 21:15:29 ----D---- C:\Program Files\ProFact 3.0 Free
2014-08-13 08:31:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\83849f562e1d8df
2014-07-31 09:04:20 ----D---- C:\Program Files\Stefanelli_GR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-27 175176]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R1 {ce2cc6b9-0133-4405-9775-8944501dc17c}t;{ce2cc6b9-0133-4405-9775-8944501dc17c}t; C:\WINDOWS\system32\drivers\{ce2cc6b9-0133-4405-9775-8944501dc17c}t.sys [2014-04-24 55224]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-11-27 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-11-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 NetWorkX;NetworkX; C:\WINDOWS\System32\ckldrv.sys [2010-03-19 23360]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-04-06 73216]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-12-16 122942]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-12-16 99002]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-01-23 1166336]
R3 amsint32;amsint32; \??\C:\WINDOWS\system32\drivers\ktigqn.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-12-16 95579]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-10-17 247920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-29 55320]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cyg_bus.sys [2007-10-24 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\cyg_ser.sys [2007-10-24 82704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-10-14 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-10-14 61312]
S3 Sntnlusb;Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c67abfdb;SW-Sustainer; c:\progra~1\sw-boo~1\AssistantSvc.dll [2014-04-02 174928]
R2 COSIDS_TB;COSIDS_TB; C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 165376]
R2 CrypKey License;CrypKey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-03-19 2558464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-11-28 153376]
R2 MachineTokenService;SOMTS; C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [2011-05-10 57344]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-05-14 2324216]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
R2 Util Kozaka;Util Kozaka; C:\Program Files\Kozaka\bin\utilKozaka.exe [2014-05-05 97048]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-27 184832]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-04-27 156160]

-----------------EOF-----------------

Zdravím,

pro začátek proveď následující

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

pravděpodobně budeš nucen vypnout na tu chvíli antivir - je to čisté, prověřeno

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Po spuštění do okna vlozte skript nize

  Kód: Vybrat vše

  srinfo;
  autoclean;
  emptyclsid;
  iedefaults;
  process;
  hijackthis;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Log bude zde C:\zoek-results.log

ahoj,
posilam logy.
ADW:
# AdwCleaner v3.308 - Report created 23/08/2014 at 17:04:02
# Updated 20/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Uživatel - MARTIN-D16844BB
# Running from : C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : c67abfdb
[#] Service Deleted : Util Kozaka
[#] Service Deleted : {ce2cc6b9-0133-4405-9775-8944501dc17c}t

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\NewSaVer
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\DDisscounttExTeNsia
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\FoIndBestDeal
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\MinimumPrice
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\NetoCoouupon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\safewieb
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SavierEixtension
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Supreme AdBlocker
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\TuakeTheCOupuon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
[!] Folder Deleted : C:\Program Files\Kozaka
Folder Deleted : C:\Program Files\sw-booster
Folder Deleted : C:\Program Files\safewieb
[!] Folder Deleted : C:\Program Files\Kozaka
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\torch
Folder Deleted : C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\apn
Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\genienext
Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\ExpressFiles
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads
Folder Deleted : C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
Folder Deleted : C:\Documents and Settings\Uživatel\Dokumenty\Mobogenie
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\4r1rd@qlfqqfc.org
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\db88uyaa@pnfboxve.org
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\i4nyle@ujmal.net
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\jgzciyo5_n@rqxtasusvm.org
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\mbmamfgb17k@znhlcsooa.com
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\scr90oou@owj-rtiwp.net
Folder Deleted : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\Extensions\vjijs@otjdayyu.org
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
[!] Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg
File Deleted : C:\Program Files\Assistant.dll
File Deleted : C:\WINDOWS\system32\drivers\{ce2cc6b9-0133-4405-9775-8944501dc17c}t.sys
File Deleted : C:\Documents and Settings\Uživatel\daemonprocess.txt

***** [ Scheduled Tasks ] *****

Task Deleted : SW-Booster-S-828242259

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\FinDBEEstDDeal.FinDBEEstDDeal
Key Deleted : HKLM\SOFTWARE\Classes\FinDBEEstDDeal.FinDBEEstDDeal.1.5
Key Deleted : HKLM\SOFTWARE\Classes\NNEtOCoUoponn.NNEtOCoUoponn
Key Deleted : HKLM\SOFTWARE\Classes\NNEtOCoUoponn.NNEtOCoUoponn.6.1
Key Deleted : HKLM\SOFTWARE\Classes\TaekeTuheCoaupon.TaekeTuheCoaupon
Key Deleted : HKLM\SOFTWARE\Classes\TaekeTuheCoaupon.TaekeTuheCoaupon.1.5
Key Deleted : HKLM\SOFTWARE\Classes\safeuWeb.safeuWeb
Key Deleted : HKLM\SOFTWARE\Classes\safeuWeb.safeuWeb.1.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Kozaka
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Kozaka
Key Deleted : HKCU\Software\ecc7c8c51c0850c1ec247c7fd3602f20
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-828242259
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{110B70B3-C45A-A9B0-FC4C-0A468935A431}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{110B70B3-C45A-A9B0-FC4C-0A468935A431}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{110B70B3-C45A-A9B0-FC4C-0A468935A431}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07FBB0A1-63C8-CCF7-F7A8-6AE57A107C05}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{110B70B3-C45A-A9B0-FC4C-0A468935A431}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{13E3FBB2-2BDB-1266-3D09-4B50BFDF80E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62F83B5D-B263-8B39-A0BD-7C86A4FF1C0F}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\expressdl.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressFiles.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\TornTV.com\TornTV Downloader.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\AGIS-DIESEL\AGIS DIESEL_v1.07\AgisDiesel.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Kozaka\bin\Kozaka.BrowserAdapter.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Kozaka\bin\7za.exe]
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Kozaka
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\SW-Booster
Key Deleted : HKLM\SOFTWARE\Kozaka
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{497C131E-2032-051B-B32A-C69A960FBB13}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6A08B379-76FB-B4CF-0C70-CAFCD3635A77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kozaka
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{497C131E-2032-051B-B32A-C69A960FBB13}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{53B21E29-3967-C332-57EB-C02631658584}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\assist~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\prefs.js ]

Line Deleted : user_pref("extensions.5_IlfMjrV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
Line Deleted : user_pref("extensions.5_IlfMjrV.url", "hxxp://centergoodfind.info/sync2/?q=hfZ9ojn8h7gMCyVUojaMg708BNmGWj8deShGheDUojw9rdgFrjw9rHCFqihIC7n0rjnEpdsHrjn8qjn4tNhVCT94tMVKhd9GrTUEqTs9pdCFpdkHqTnErTUHtNqHh[...]
Line Deleted : user_pref("extensions.DmKZg.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
Line Deleted : user_pref("extensions.G4cp.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
Line Deleted : user_pref("extensions._ZwU.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
Line Deleted : user_pref("extensions.ae9WVO99y.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
Line Deleted : user_pref("extensions.bOvsYN.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...]
Line Deleted : user_pref("extensions.istGi9MnE6A.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [25830 octets] - [23/08/2014 17:01:13]
AdwCleaner[S0].txt - [25767 octets] - [23/08/2014 17:04:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25828 octets] ##########


Log JRT se poprve neukazal a bohuel ani pres hledani jsem ho nenasel, tak jsem ho spustil znova a vygeneroval uz jen toto:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by U§ivatel on ne 24.08.2014 at 10:26:11,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 24.08.2014 at 10:35:25,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Log z ZOEK:
pri spusteni stale hlasil chyby, ze nema opravneni k registrum (pritom ucet je admin). Bezelo to celou noc a nic. Kdyz jsem spustil znova a odklikaval chybove hlasky do logu dal uz jen toto:

Zoek.exe v5.0.0.0 Updated 06-August-2014
Tool run by U§ivatel on ne 24.08.2014 at 9:45:00,96.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\UIVATE~1\Plocha\zoek.exe [Scan all users] [Script inserted]

==== Policies Found ======================

DisableRegistryTools Found -> PUM - Fixed

==== C:\zoek_backup content ======================

po techto operacich se najednou probusil antivir a zacal hlasit vsude viry...firefox, vselijake exe soubory apod a zacal je hazet pryc...

udělej mi aktuální RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2014-08-25 19:47:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (76%) free of 80 GB
Total RAM: 1014 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:47:18, on 25.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\AJF12CLN\RSIT[1].exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Search] C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 - Service: CrypKey License - CrypKey (Canada) Ltd. - C:\WINDOWS\system32\crypserv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SOMTS (MachineTokenService) - Unknown owner - C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 4489 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-11-28 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-11-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"AGRSMMSG"=AGRSMMSG.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Yahoo! Search"=C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-12-15 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe"="C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe:*:Enabled:windows.exe"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe:*:Enabled:ipsec"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe:*:Enabled:ipsec"
"C:\Program Files\ProFact 3.0 Free\ProFactFree.exe"="C:\Program Files\ProFact 3.0 Free\ProFactFree.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe:*:Enabled:ipsec"
"C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe"="C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiiocj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiiocj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfbqt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfbqt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\enjsn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\enjsn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winniysbc.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winniysbc.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"SENTINEL"=snti386.dll

======List of files/folders created in the last 1 month======

2014-08-24 09:44:33 ----A---- C:\WINDOWS\system32\drivers\trz2.tmp
2014-08-24 09:41:44 ----A---- C:\WINDOWS\system32\drivers\trz4.tmp
2014-08-23 17:11:43 ----D---- C:\zoek_backup
2014-08-23 17:03:41 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-08-23 17:00:41 ----D---- C:\AdwCleaner
2014-08-23 16:27:38 ----D---- C:\WINDOWS\ERUNT
2014-08-23 11:27:56 ----D---- C:\Program Files\trend micro
2014-08-23 11:27:54 ----D---- C:\rsit
2014-08-18 10:27:12 ----D---- C:\WINDOWS\system32
2014-08-18 06:01:50 ----D---- C:\WINDOWS
2014-08-17 01:35:28 ----D---- C:\Program Files\Common Files
2014-08-03 07:35:50 ----D---- C:\Program Files\AcGasSynchro II
2014-07-31 18:18:52 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\AcGasSynchro II

======List of files/folders modified in the last 1 month======

2014-08-25 19:47:12 ----D---- C:\WINDOWS\Prefetch
2014-08-25 19:08:06 ----D---- C:\WINDOWS\Temp
2014-08-24 10:10:30 ----A---- C:\WINDOWS\win.ini
2014-08-24 10:08:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-24 09:44:40 ----D---- C:\WINDOWS\system32\drivers
2014-08-24 09:14:45 ----HD---- C:\WINDOWS\inf
2014-08-24 08:54:08 ----D---- C:\Program Files\WinRAR
2014-08-24 08:54:05 ----D---- C:\Program Files\Windows NT
2014-08-24 08:54:04 ----D---- C:\Program Files\Windows Media Player
2014-08-24 08:54:03 ----D---- C:\Program Files\UltraISO
2014-08-24 08:46:49 ----D---- C:\Program Files\Adobe Acrobat Reader 10.10 CZ
2014-08-24 06:44:40 ----D---- C:\WINDOWS\system32\drivers\etc
2014-08-24 06:38:50 ----D---- C:\Program Files\Mozilla Firefox
2014-08-23 17:04:30 ----SD---- C:\WINDOWS\Tasks
2014-08-23 17:04:29 ----RD---- C:\Program Files
2014-08-23 17:04:10 ----D---- C:\Program Files\Kozaka
2014-08-19 15:05:03 ----D---- C:\AUTOLYSA
2014-08-18 15:28:26 ----AD---- C:\ADCDA2
2014-08-17 20:53:04 ----N---- C:\WINDOWS\Setup1.exe
2014-08-17 20:52:53 ----A---- C:\WINDOWS\ST6UNST.EXE
2014-08-17 18:00:12 ----A---- C:\WINDOWS\ODBC.INI
2014-08-16 12:35:43 ----D---- C:\Program Files\The KMPlayer
2014-08-13 21:23:06 ----A---- C:\CKINFO.TXT
2014-08-13 21:15:29 ----D---- C:\Program Files\ProFact 3.0 Free
2014-08-13 08:31:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\83849f562e1d8df
2014-07-31 09:04:20 ----D---- C:\Program Files\Stefanelli_GR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-27 175176]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-11-27 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-11-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 NetWorkX;NetworkX; C:\WINDOWS\System32\ckldrv.sys [2010-03-19 23360]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-04-06 73216]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-12-16 122942]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-12-16 99002]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-01-23 1166336]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-12-16 95579]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-10-17 247920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-29 55320]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cyg_bus.sys [2007-10-24 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\cyg_ser.sys [2007-10-24 82704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-10-14 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-10-14 61312]
S3 Sntnlusb;Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 COSIDS_TB;COSIDS_TB; C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 165376]
R2 CrypKey License;CrypKey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-03-19 2558464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-11-28 153376]
R2 MachineTokenService;SOMTS; C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [2011-05-10 57344]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-05-14 2324216]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
S2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

nevypadá to zatím moc dobře - zkusíme lehčí nástroj

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „MoveIt!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM

moc se omlouvam, byl jsem tyden na sluzebce...dneska sem log hodim diky

Omluvy netřeba - taky tu nejsme 24/7
Log rád uvidím a budeme případně pokračovat

tak konecne...omlouvam se za prodlevu


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: AvastSoftwareUpdater

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest

User: HelpAssistant

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 14172734 bytes
->Flash cache emptied: 988 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: SUPPORT_388945a0

User: Uživatel
->Temp folder emptied: 245270798 bytes
->Temporary Internet Files folder emptied: 15524007 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 20033974 bytes
->Flash cache emptied: 12530 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 10314 bytes
Windows Temp folder emptied: 2213441 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 2094390 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2080 bytes

Total Files Cleaned = 288,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: AvastSoftwareUpdater

User: Default User

User: Guest

User: HelpAssistant

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: SUPPORT_388945a0

User: Uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: AvastSoftwareUpdater

User: Default User

User: Guest

User: HelpAssistant

User: LocalService

User: NetworkService

User: SUPPORT_388945a0

User: Uživatel
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP215.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI633.tmp moved successfully.
C:\WINDOWS\Installer\MSI9C.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
File/Folder C:\Documents and Settings\Uživatel\Local Settings\Temp\*.exe not found.
File/Folder C:\WINDOWS\system32\drivers\trz2.tmp not found.
Folder C:\WINDOWS\system32\drivers\trz4.tmp not found.

OTM by OldTimer - Version 3.1.21.0 log created on 09162014_203817

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Udělej mi aktuální RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2014-09-17 10:55:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (76%) free of 80 GB
Total RAM: 1014 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:46, on 17.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\notepad.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Search] C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 - Service: CrypKey License - CrypKey (Canada) Ltd. - C:\WINDOWS\system32\crypserv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SOMTS (MachineTokenService) - Unknown owner - C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 4489 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-11-28 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-11-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"AGRSMMSG"=AGRSMMSG.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Yahoo! Search"=C:\Documents and Settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-12-15 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe"="C:\Documents and Settings\Uživatel\Local Settings\Temp\windows.exe:*:Enabled:windows.exe"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winegbdvh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfeeq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vgvhic.exe:*:Enabled:ipsec"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\vvcfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineaagvt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\iaog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmdlek.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\gmukt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winicxn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\bnss.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\oqbwcq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ypiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintrmwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqpdr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winleeleg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wokft.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windtith.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\jnnkc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windadco.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyoor.exe:*:Enabled:ipsec"
"C:\Program Files\ProFact 3.0 Free\ProFactFree.exe"="C:\Program Files\ProFact 3.0 Free\ProFactFree.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\olbkm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winlmpxt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yykntm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winglpwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintfslq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrgsqbo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winslit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\qmfw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\auvp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmgboe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winufpfk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winnduh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rfoxl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winyyvwcw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\giaxu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nxot.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winvhoog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winabwrn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingwai.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\xdhiu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rxrbme.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrwmx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwdgrns.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winpvxmp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\rruuyj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lxauwj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\yoalgd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhlnit.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winciljxw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winknvpb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winuwldj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winetdh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsrl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lhuvio.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\saoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cjlku.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrfamp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winrxbnw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nsmv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winejrjoy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfapho.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjhmel.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wrnhi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wineveq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winjwqow.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhreae.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winwjgk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\aqai.exe:*:Enabled:ipsec"
"C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe"="C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windudbh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winkwkfx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wintdsude.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfyrlp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winhxrf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqjead.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqxkv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windlpox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\exonmt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cyoyqm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiooyuy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wicqs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winqoyy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincoodej.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\windvnwv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wingduogb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\lylavj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\nrfpud.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\wincfmlua.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiiocj.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winiiocj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfbqt.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfbqt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\enjsn.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\enjsn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winniysbc.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winniysbc.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"SENTINEL"=snti386.dll

======List of files/folders created in the last 1 month======

2014-09-16 20:38:17 ----D---- C:\_OTM
2014-08-23 17:11:43 ----D---- C:\zoek_backup
2014-08-23 17:03:41 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-08-23 17:00:41 ----D---- C:\AdwCleaner
2014-08-23 16:27:38 ----D---- C:\WINDOWS\ERUNT
2014-08-23 11:27:56 ----D---- C:\Program Files\trend micro
2014-08-23 11:27:54 ----D---- C:\rsit
2014-08-18 10:27:12 ----D---- C:\WINDOWS\system32
2014-08-18 06:01:50 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 month======

2014-09-17 10:55:43 ----D---- C:\WINDOWS\Prefetch
2014-09-17 08:59:29 ----D---- C:\WINDOWS\Temp
2014-09-16 20:42:35 ----A---- C:\WINDOWS\win.ini
2014-09-16 20:40:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-16 20:39:11 ----D---- C:\WINDOWS\twain_32
2014-09-16 20:39:06 ----SHD---- C:\WINDOWS\Installer
2014-09-16 20:38:56 ----D---- C:\WINDOWS\system32\drivers
2014-08-24 09:14:45 ----HD---- C:\WINDOWS\inf
2014-08-24 08:54:08 ----D---- C:\Program Files\WinRAR
2014-08-24 08:54:05 ----D---- C:\Program Files\Windows NT
2014-08-24 08:54:04 ----D---- C:\Program Files\Windows Media Player
2014-08-24 08:54:03 ----D---- C:\Program Files\UltraISO
2014-08-24 08:46:49 ----D---- C:\Program Files\Adobe Acrobat Reader 10.10 CZ
2014-08-24 06:44:40 ----D---- C:\WINDOWS\system32\drivers\etc
2014-08-24 06:38:50 ----D---- C:\Program Files\Mozilla Firefox
2014-08-23 17:04:30 ----SD---- C:\WINDOWS\Tasks
2014-08-23 17:04:29 ----RD---- C:\Program Files
2014-08-23 17:04:10 ----D---- C:\Program Files\Kozaka
2014-08-19 15:05:03 ----D---- C:\AUTOLYSA
2014-08-18 15:28:26 ----AD---- C:\ADCDA2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-27 175176]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-11-27 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-11-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 NetWorkX;NetworkX; C:\WINDOWS\System32\ckldrv.sys [2010-03-19 23360]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-04-06 73216]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-12-16 122942]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-12-16 99002]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-01-23 1166336]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-12-16 95579]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-10-17 247920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-29 55320]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cyg_bus.sys [2007-10-24 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\cyg_ser.sys [2007-10-24 82704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-10-14 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-10-14 61312]
S3 Sntnlusb;Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
R2 COSIDS_TB;COSIDS_TB; C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 165376]
R2 CrypKey License;CrypKey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-03-19 2558464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-11-28 153376]
R2 MachineTokenService;SOMTS; C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [2011-05-10 57344]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-05-14 2324216]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

zde Stáhni a nainstaluj MBAM zde http://www.bleepingcomputer.com/downloa ... re/dl/241/ verzi 1.75
Při aktualizaci ti jako první nabídne instalaci nové verze - dáš Storno
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací (možná bude provedeno automaticky)
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nezavírej

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.09.17.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Uživatel :: MARTIN-D16844BB [administrátor]

17.9.2014 14:58:25
MBAM-log-2014-09-17 (16-21-53).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 377920
Uplynulý čas: 50 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKLM\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 2
C:\WINDOWS\inf\mncrksoan (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\bitstreams (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 34
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\NetoCoouupon\5GoVf2FE.dll.vir (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\NewSaVer\zmZjQEVA.dll.vir (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\TuakeTheCOupuon\lw2nMV.dll.vir (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.Bromon.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.BroStats.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.BrowserAdapterS.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.CompatibilityChecker.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.OfSvc.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.PurBrowse.dll.vir (PUP.Optional.Sanbreel.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\safewieb\Xd2.x64.dll.vir (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\avast free antivirus plna verze zdarma cz rar\is-0RDHC.tmp (Trojan.LVBP) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\Nová složka\tis_2000_super_pro_usb_key_downloader.exe (PUP.Optional.ExpressFiles.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\dcgmncrnhoro.exe (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\acumncrnhoro.exe (PUP.Optional.Bitcoin) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msggfye\msggfye.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msibcgg\msibcgg.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mslropx\mslropx.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mswwygua\mswwygua.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\mncrksoan.exe (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
D:\ZALOHA\Stažené soubory\Nová složka\tis_2000_super_pro_usb_key_downloader.exe (PUP.Optional.ExpressFiles.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\diablo130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\diakgcn121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\libcurl-4.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\libeay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\libidn-11.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\librtmp.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\libssh2.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\phatk121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\poclbm130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\scrypt130511.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\ssleay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\zlib1.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mncrksoan\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

(konec)

Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Přesun do karantény a smazání se zdařilo
ten bych rád viděl

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.09.17.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Uživatel :: MARTIN-D16844BB [administrátor]

17.9.2014 14:58:25
mbam-log-2014-09-17 (14-58-25).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 377920
Uplynulý čas: 50 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKLM\SOFTWARE\Kozaka (PUP.Optional.Kozaka.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 2
C:\WINDOWS\inf\mncrksoan (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\bitstreams (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 34
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\NetoCoouupon\5GoVf2FE.dll.vir (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\NewSaVer\zmZjQEVA.dll.vir (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Data aplikací\TuakeTheCOupuon\lw2nMV.dll.vir (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.Bromon.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.BroStats.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.BrowserAdapterS.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.CompatibilityChecker.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.OfSvc.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Kozaka\bin\plugins\Kozaka.PurBrowse.dll.vir (PUP.Optional.Sanbreel.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\safewieb\Xd2.x64.dll.vir (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\avast free antivirus plna verze zdarma cz rar\is-0RDHC.tmp (Trojan.LVBP) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\Nová složka\tis_2000_super_pro_usb_key_downloader.exe (PUP.Optional.ExpressFiles.A) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\system32\dcgmncrnhoro.exe (Trojan.BitMiner) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\system32\acumncrnhoro.exe (PUP.Optional.Bitcoin) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\msggfye\msggfye.exe (BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\msibcgg\msibcgg.exe (BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mslropx\mslropx.exe (BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mswwygua\mswwygua.exe (BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\mncrksoan.exe (Trojan.BitMiner) -> Přesun do karantény a smazání se zdařilo.
D:\ZALOHA\Stažené soubory\Nová složka\tis_2000_super_pro_usb_key_downloader.exe (PUP.Optional.ExpressFiles.A) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\diablo130302.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\diakgcn121016.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\libcurl-4.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\libeay32.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\libidn-11.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\librtmp.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\libssh2.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\phatk121016.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\poclbm130302.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\scrypt130511.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\ssleay32.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\zlib1.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\inf\mncrksoan\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.

(konec)