VIRY.CZ

Dobrý den, prosím o preventivní kontrolu. děkuji

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jarda at 2013-01-29 16:24:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 32 GB (65%) free of 50 GB
Total RAM: 3037 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:35, on 29.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jarda\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource ... =CT1750559
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_S12.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8845 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-22 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-10-17 1521352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-22 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-05-09 176936]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-10-17 1521352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-03-20 174648]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-07 159744]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-02-26 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-02-26 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-02-26 142360]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-06 1593344]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-03-23 33599488]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-30 418816]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-10-17 1573576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON Stylus SX200 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]
"Facebook Update"=C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-02-20 206848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-01-29 16:24:09 ----D---- C:\rsit
2013-01-29 16:24:09 ----D---- C:\Program Files\trend micro
2013-01-22 19:10:28 ----D---- C:\Program Files\Common Files\Java
2013-01-22 19:10:02 ----A---- C:\WINDOWS\system32\javaws.exe
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\javaw.exe
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\java.exe
2013-01-22 19:09:36 ----D---- C:\Program Files\Java
2013-01-18 23:24:11 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2013-01-29 16:24:18 ----D---- C:\WINDOWS\Prefetch
2013-01-29 16:24:09 ----RD---- C:\Program Files
2013-01-29 16:20:09 ----D---- C:\WINDOWS\Temp
2013-01-29 16:19:57 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Skype
2013-01-29 16:18:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-29 09:48:21 ----D---- C:\WINDOWS
2013-01-27 18:43:12 ----D---- C:\WINDOWS\system32
2013-01-22 19:10:29 ----SHD---- C:\WINDOWS\Installer
2013-01-22 19:10:28 ----D---- C:\Program Files\Common Files
2013-01-22 19:09:40 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-01-21 16:37:16 ----D---- C:\Program Files\JDownloader
2013-01-19 01:04:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-15 15:02:22 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-01-15 09:07:38 ----D---- C:\Program Files\BS_Player
2013-01-15 09:07:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-01-09 18:43:31 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-09-19 1570240]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-03-30 129024]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-02-20 6312864]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-12-16 38400]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-03-20 1057280]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
S3 BattStatSys;BattStatSys; \??\C:\DOCUME~1\Jarda\LOCALS~1\Temp\BSS1.tmp []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-01-22 170912]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-09 136176]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-09 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-18 115608]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

Takže, pokud je tam najdeš, tak v nabídce Přidat nebo odebrat programy odinstaluj tyto toolbary:

• BS Player Toolbar a Ask Toolbar.

Toolbary (lišty prohlížečů) jsou veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.


Potom stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!!
• Spusť AdwCleaner.
• Klikni na [Search].
• Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako AdwCleaner[R?].txt - ten mi sem vlož.

# AdwCleaner v2.109 - Logfile created 01/29/2013 at 17:47:13
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jarda - JAROSLAV-76B838
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Jarda\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\Askcom.xml
File Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\askcomsearch.xml
File Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\Conduit.xml
File Found : C:\END
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\ConduitCommon
Folder Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\CT1750559
Folder Found : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Found : C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Conduit
Folder Found : C:\Program Files\Conduit

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\SmartBar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\Software\Conduit
Key Found : HKU\S-1-5-21-1844237615-1614895754-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-1844237615-1614895754-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?SearchSource=10&ctid=CT1750559

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\prefs.js

Found : user_pref("CT1750559..clientLogIsEnabled", false);
Found : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
Found : user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
Found : user_pref("CT1750559.CT1750559", "CT1750559");
Found : user_pref("CT1750559.CurrentServerDate", "29-1-2013");
Found : user_pref("CT1750559.DSInstall", true);
Found : user_pref("CT1750559.DialogsAlignMode", "LTR");
Found : user_pref("CT1750559.DialogsGetterLastCheckTime", "Sun Jan 27 2013 18:32:00 GMT+0100");
Found : user_pref("CT1750559.DownloadReferralCookieData", "");
Found : user_pref("CT1750559.EnableClickToSearchBox", false);
Found : user_pref("CT1750559.EnableSearchHistory", false);
Found : user_pref("CT1750559.EnableSearchSuggest", false);
Found : user_pref("CT1750559.FirstServerDate", "11-9-2012");
Found : user_pref("CT1750559.FirstTime", true);
Found : user_pref("CT1750559.FirstTimeFF3", true);
Found : user_pref("CT1750559.FirstTimeHiddenVer", true);
Found : user_pref("CT1750559.FixPageNotFoundErrors", false);
Found : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Found : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT1750559.HPInstall", true);
Found : user_pref("CT1750559.HasUserGlobalKeys", true);
Found : user_pref("CT1750559.HomePageProtectorEnabled", true);
Found : user_pref("CT1750559.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=[...]
Found : user_pref("CT1750559.Initialize", true);
Found : user_pref("CT1750559.InitializeCommonPrefs", true);
Found : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT1750559.InstallationType", "Unknown");
Found : user_pref("CT1750559.InstalledDate", "Tue Sep 11 2012 01:33:10 GMT+0200");
Found : user_pref("CT1750559.InvalidateCache", false);
Found : user_pref("CT1750559.IsAlertDBUpdated", true);
Found : user_pref("CT1750559.IsGrouping", false);
Found : user_pref("CT1750559.IsInitSetupIni", true);
Found : user_pref("CT1750559.IsMulticommunity", false);
Found : user_pref("CT1750559.IsOpenThankYouPage", true);
Found : user_pref("CT1750559.IsOpenUninstallPage", true);
Found : user_pref("CT1750559.IsProtectorsInit", true);
Found : user_pref("CT1750559.LanguagePackLastCheckTime", "Mon Jan 28 2013 22:35:07 GMT+0100");
Found : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT1750559.LastLogin_3.15.1.0", "Tue Jan 29 2013 16:20:28 GMT+0100");
Found : user_pref("CT1750559.LatestVersion", "3.16.0.3");
Found : user_pref("CT1750559.Locale", "en-us");
Found : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Found : user_pref("CT1750559.MCDetectTooltipShow", false);
Found : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Found : user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT1750559.OriginalFirstVersion", "3.15.1.0");
Found : user_pref("CT1750559.RadioIsPodcast", false);
Found : user_pref("CT1750559.RadioLastCheckTime", "Tue Sep 11 2012 01:33:08 GMT+0200");
Found : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Found : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Found : user_pref("CT1750559.RadioMediaID", "11237206");
Found : user_pref("CT1750559.RadioMediaType", "Media Player");
Found : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Found : user_pref("CT1750559.RadioShrinkedFromSetup", false);
Found : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Found : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Found : user_pref("CT1750559.SavedHomepage", "hxxp://seznam.cz/");
Found : user_pref("CT1750559.SearchBackToDefaultEngine", false);
Found : user_pref("CT1750559.SearchCaption", "BS Player Customized Web Search");
Found : user_pref("CT1750559.SearchEngineBeforeUnload", "BS Player Customized Web Search");
Found : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Found : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Found : user_pref("CT1750559.SearchInNewTabEnabled", true);
Found : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Mon Jan 28 2013 22:35:05 GMT+0100");
Found : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT1750559.SearchInNewTabUserEnabled", false);
Found : user_pref("CT1750559.SearchProtectorEnabled", true);
Found : user_pref("CT1750559.SearchProtectorToolbarDisabled", true);
Found : user_pref("CT1750559.SendProtectorDataViaLogin", true);
Found : user_pref("CT1750559.ServiceMapLastCheckTime", "Mon Jan 28 2013 22:35:06 GMT+0100");
Found : user_pref("CT1750559.SettingsLastCheckTime", "Tue Jan 29 2013 16:20:25 GMT+0100");
Found : user_pref("CT1750559.SettingsLastUpdate", "1359468618");
Found : user_pref("CT1750559.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Found : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Sep 11 2012 01:33:04 GMT+0200");
Found : user_pref("CT1750559.ToolbarDisabled", false);
Found : user_pref("CT1750559.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Found : user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT1750559.UserID", "UN47581751281311261");
Found : user_pref("CT1750559.WeatherNetwork", "");
Found : user_pref("CT1750559.WeatherPollDate", "Tue Sep 11 2012 01:33:10 GMT+0200");
Found : user_pref("CT1750559.WeatherUnit", "C");
Found : user_pref("CT1750559.alertChannelId", "31130");
Found : user_pref("CT1750559.approveUntrustedApps", true);
Found : user_pref("CT1750559.autoDisableScopes", -1);
Found : user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
Found : user_pref("CT1750559.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Found : user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Tue Sep 11 2012 01:33:06 GMT+0200");
Found : user_pref("CT1750559.homepageProtectorEnableByLogin", true);
Found : user_pref("CT1750559.initDone", true);
Found : user_pref("CT1750559.isAppTrackingManagerOn", false);
Found : user_pref("CT1750559.isFirstRadioInstallation", false);
Found : user_pref("CT1750559.isSearchProtectorNotifyChanges", false);
Found : user_pref("CT1750559.myStuffEnabled", true);
Found : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Found : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT1750559.navigateToUrlOnSearch", false);
Found : user_pref("CT1750559.revertSettingsEnabled", true);
Found : user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT1750559.searchProtectorEnableByLogin", true);
Found : user_pref("CT1750559.testingCtid", "");
Found : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Mon Jan 28 2013 22:35:07 GMT+0100");
Found : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Tue Sep 11 2012 01:33:10 GMT+0200");
Found : user_pref("CT1750559.usageEnabled", false);
Found : user_pref("CT1750559.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1750559&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "BS Player Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/CT1750559[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1750559",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Jarda\\Data aplika[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT1750559");
Found : user_pref("CommunityToolbar.globalUserId", "d45ca359-7677-4710-a7e1-c04c66af456f");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Sep 11 2012 01:33:1[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Sep 11 2012 01:33:19 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Sep 11 2012 01:33:07 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "5df55507-d0ed-4a37-ab64-ce785e4ac0e9");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://seznam.cz/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&Sea[...]
Found : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v24.0.1312.56

File : C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Found [l.39] : icon_url = "hxxp://www.ask.com/favicon.ico",
Found [l.42] : keyword = "ask.com",
Found [l.45] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=15E535F0-18BD-4C22-BBAB-58E6981670FD&apn_ptnrs=&apn_sauid=C84CACA2-AA65-4E0E-8493-BB45747B9C52&apn_dtid=OSJ000&q={searchTerms}",
Found [l.46] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

*************************

AdwCleaner[R1].txt - [15908 octets] - [29/01/2013 17:47:13]

########## EOF - C:\AdwCleaner[R1].txt - [15969 octets] ##########

No, fest tam toho máš.


Provedeme opravy.

• Spusť AdwCleaner znovu.
• Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Klikni na [Delete].
• PC provede opravu, restartuje se a vytvoří log C:\AdwCleaner [S1].txt - jeho obsah mi sem zase vlož.

Dále stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
• Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
• Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

# AdwCleaner v2.109 - Logfile created 01/29/2013 at 18:24:30
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jarda - JAROSLAV-76B838
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Jarda\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\askcomsearch.xml
File Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\searchplugins\Conduit.xml
File Deleted : C:\END
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\CT1750559
Folder Deleted : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Deleted : C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Program Files\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\Software\Conduit
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?SearchSource=10&ctid=CT1750559 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Documents and Settings\Jarda\Data aplikací\Mozilla\Firefox\Profiles\1jjt4nnx.default\prefs.js

Deleted : user_pref("CT1750559..clientLogIsEnabled", false);
Deleted : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
Deleted : user_pref("CT1750559.CT1750559", "CT1750559");
Deleted : user_pref("CT1750559.CurrentServerDate", "29-1-2013");
Deleted : user_pref("CT1750559.DSInstall", true);
Deleted : user_pref("CT1750559.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1750559.DialogsGetterLastCheckTime", "Sun Jan 27 2013 18:32:00 GMT+0100");
Deleted : user_pref("CT1750559.DownloadReferralCookieData", "");
Deleted : user_pref("CT1750559.EnableClickToSearchBox", false);
Deleted : user_pref("CT1750559.EnableSearchHistory", false);
Deleted : user_pref("CT1750559.EnableSearchSuggest", false);
Deleted : user_pref("CT1750559.FirstServerDate", "11-9-2012");
Deleted : user_pref("CT1750559.FirstTime", true);
Deleted : user_pref("CT1750559.FirstTimeFF3", true);
Deleted : user_pref("CT1750559.FirstTimeHiddenVer", true);
Deleted : user_pref("CT1750559.FixPageNotFoundErrors", false);
Deleted : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1750559.HPInstall", true);
Deleted : user_pref("CT1750559.HasUserGlobalKeys", true);
Deleted : user_pref("CT1750559.HomePageProtectorEnabled", true);
Deleted : user_pref("CT1750559.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=[...]
Deleted : user_pref("CT1750559.Initialize", true);
Deleted : user_pref("CT1750559.InitializeCommonPrefs", true);
Deleted : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT1750559.InstallationType", "Unknown");
Deleted : user_pref("CT1750559.InstalledDate", "Tue Sep 11 2012 01:33:10 GMT+0200");
Deleted : user_pref("CT1750559.InvalidateCache", false);
Deleted : user_pref("CT1750559.IsAlertDBUpdated", true);
Deleted : user_pref("CT1750559.IsGrouping", false);
Deleted : user_pref("CT1750559.IsInitSetupIni", true);
Deleted : user_pref("CT1750559.IsMulticommunity", false);
Deleted : user_pref("CT1750559.IsOpenThankYouPage", true);
Deleted : user_pref("CT1750559.IsOpenUninstallPage", true);
Deleted : user_pref("CT1750559.IsProtectorsInit", true);
Deleted : user_pref("CT1750559.LanguagePackLastCheckTime", "Mon Jan 28 2013 22:35:07 GMT+0100");
Deleted : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1750559.LastLogin_3.15.1.0", "Tue Jan 29 2013 16:20:28 GMT+0100");
Deleted : user_pref("CT1750559.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT1750559.Locale", "en-us");
Deleted : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1750559.MCDetectTooltipShow", false);
Deleted : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1750559.OriginalFirstVersion", "3.15.1.0");
Deleted : user_pref("CT1750559.RadioIsPodcast", false);
Deleted : user_pref("CT1750559.RadioLastCheckTime", "Tue Sep 11 2012 01:33:08 GMT+0200");
Deleted : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT1750559.RadioMediaID", "11237206");
Deleted : user_pref("CT1750559.RadioMediaType", "Media Player");
Deleted : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Deleted : user_pref("CT1750559.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Deleted : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Deleted : user_pref("CT1750559.SavedHomepage", "hxxp://seznam.cz/");
Deleted : user_pref("CT1750559.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT1750559.SearchCaption", "BS Player Customized Web Search");
Deleted : user_pref("CT1750559.SearchEngineBeforeUnload", "BS Player Customized Web Search");
Deleted : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Deleted : user_pref("CT1750559.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Mon Jan 28 2013 22:35:05 GMT+0100");
Deleted : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1750559.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT1750559.SearchProtectorEnabled", true);
Deleted : user_pref("CT1750559.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT1750559.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT1750559.ServiceMapLastCheckTime", "Mon Jan 28 2013 22:35:06 GMT+0100");
Deleted : user_pref("CT1750559.SettingsLastCheckTime", "Tue Jan 29 2013 16:20:25 GMT+0100");
Deleted : user_pref("CT1750559.SettingsLastUpdate", "1359468618");
Deleted : user_pref("CT1750559.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Deleted : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Sep 11 2012 01:33:04 GMT+0200");
Deleted : user_pref("CT1750559.ToolbarDisabled", false);
Deleted : user_pref("CT1750559.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Deleted : user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1750559.UserID", "UN47581751281311261");
Deleted : user_pref("CT1750559.WeatherNetwork", "");
Deleted : user_pref("CT1750559.WeatherPollDate", "Tue Sep 11 2012 01:33:10 GMT+0200");
Deleted : user_pref("CT1750559.WeatherUnit", "C");
Deleted : user_pref("CT1750559.alertChannelId", "31130");
Deleted : user_pref("CT1750559.approveUntrustedApps", true);
Deleted : user_pref("CT1750559.autoDisableScopes", -1);
Deleted : user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
Deleted : user_pref("CT1750559.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Deleted : user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Tue Sep 11 2012 01:33:06 GMT+0200");
Deleted : user_pref("CT1750559.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1750559.initDone", true);
Deleted : user_pref("CT1750559.isAppTrackingManagerOn", false);
Deleted : user_pref("CT1750559.isFirstRadioInstallation", false);
Deleted : user_pref("CT1750559.isSearchProtectorNotifyChanges", false);
Deleted : user_pref("CT1750559.myStuffEnabled", true);
Deleted : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1750559.navigateToUrlOnSearch", false);
Deleted : user_pref("CT1750559.revertSettingsEnabled", true);
Deleted : user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1750559.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1750559.testingCtid", "");
Deleted : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Mon Jan 28 2013 22:35:07 GMT+0100");
Deleted : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Tue Sep 11 2012 01:33:10 GMT+0200");
Deleted : user_pref("CT1750559.usageEnabled", false);
Deleted : user_pref("CT1750559.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1750559&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BS Player Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/CT1750559[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1750559",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Jarda\\Data aplika[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT1750559");
Deleted : user_pref("CommunityToolbar.globalUserId", "d45ca359-7677-4710-a7e1-c04c66af456f");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Sep 11 2012 01:33:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Sep 11 2012 01:33:19 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Sep 11 2012 01:33:07 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "5df55507-d0ed-4a37-ab64-ce785e4ac0e9");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://seznam.cz/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&Sea[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v24.0.1312.56

File : C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Deleted [l.39] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.42] : keyword = "ask.com",
Deleted [l.45] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=15[...]
Deleted [l.46] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[R1].txt - [16039 octets] - [29/01/2013 17:47:13]
AdwCleaner[R2].txt - [16100 octets] - [29/01/2013 18:24:17]
AdwCleaner[S1].txt - [16009 octets] - [29/01/2013 18:24:30]

########## EOF - C:\AdwCleaner[S1].txt - [16070 octets] ##########

RogueKiller V8.4.3 [Jan 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Kontrola -- Datum : 01/29/2013 18:28:25
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> NALEZENO
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> NALEZENO
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 6a12a5a8ede1883f3b88411083e4a1b8
[BSP] 5ca9597b0e0ee9627ca318e04e3d4f06 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255235 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_01292013_02d1828.txt >>
RKreport[1]_S_01292013_02d1828.txt

Takže provedeme další opravy.

• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
• V záložce Registry nech všechny nálezy označeny.
• Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
• Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.

A vlož mi sem také prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

1. log

RogueKiller V8.4.3 [Jan 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Odebrat -- Datum : 01/29/2013 18:42:45
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> NAHRAZENO (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> NAHRAZENO (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 6a12a5a8ede1883f3b88411083e4a1b8
[BSP] 5ca9597b0e0ee9627ca318e04e3d4f06 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255235 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_01292013_02d1842.txt >>
RKreport[1]_S_01292013_02d1828.txt ; RKreport[2]_S_01292013_02d1841.txt ; RKreport[3]_D_01292013_02d1842.txt



2. log

RogueKiller V8.4.3 [Jan 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/29/2013 18:43:47
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_01292013_02d1843.txt >>
RKreport[1]_S_01292013_02d1828.txt ; RKreport[2]_S_01292013_02d1841.txt ; RKreport[3]_D_01292013_02d1842.txt ; RKreport[4]_H_01292013_02d1843.txt

log rsit

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jarda at 2013-01-29 18:44:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (65%) free of 50 GB
Total RAM: 3037 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:00, on 29.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jarda\Plocha\RSIT.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_S12.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7812 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-22 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-22 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-03-20 174648]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-07 159744]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-02-26 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-02-26 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-02-26 142360]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-06 1593344]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-03-23 33599488]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-30 418816]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON Stylus SX200 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]
"Facebook Update"=C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-02-20 206848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-01-29 18:24:30 ----A---- C:\AdwCleaner[S1].txt
2013-01-29 18:24:17 ----A---- C:\AdwCleaner[R2].txt
2013-01-29 17:47:13 ----A---- C:\AdwCleaner[R1].txt
2013-01-29 16:24:09 ----D---- C:\rsit
2013-01-29 16:24:09 ----D---- C:\Program Files\trend micro
2013-01-22 19:10:28 ----D---- C:\Program Files\Common Files\Java
2013-01-22 19:10:02 ----A---- C:\WINDOWS\system32\javaws.exe
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\javaw.exe
2013-01-22 19:09:55 ----A---- C:\WINDOWS\system32\java.exe
2013-01-22 19:09:36 ----D---- C:\Program Files\Java
2013-01-18 23:24:11 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2013-01-29 18:44:56 ----D---- C:\WINDOWS\Prefetch
2013-01-29 18:44:15 ----D---- C:\WINDOWS\system32\drivers
2013-01-29 18:26:49 ----D---- C:\WINDOWS\Temp
2013-01-29 18:25:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-29 18:24:35 ----RD---- C:\Program Files
2013-01-29 18:22:08 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Skype
2013-01-29 17:41:41 ----SHD---- C:\WINDOWS\Installer
2013-01-29 17:41:35 ----SD---- C:\WINDOWS\Tasks
2013-01-29 09:48:21 ----D---- C:\WINDOWS
2013-01-27 18:43:12 ----D---- C:\WINDOWS\system32
2013-01-22 19:10:28 ----D---- C:\Program Files\Common Files
2013-01-22 19:09:40 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-01-21 16:37:16 ----D---- C:\Program Files\JDownloader
2013-01-19 01:04:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-15 15:02:22 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-01-15 09:07:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-01-09 18:43:31 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-09-19 1570240]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-03-30 129024]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-02-20 6312864]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-12-16 38400]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-03-20 1057280]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
S3 BattStatSys;BattStatSys; \??\C:\DOCUME~1\Jarda\LOCALS~1\Temp\BSS1.tmp []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-01-22 170912]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-09 136176]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-09 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-18 115608]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Takže fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!): Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

All processes killed
========== COMMANDS ==========

Restore point Set: OTM Restore Point
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jarda
->Temp folder emptied: 38186500 bytes
->Temporary Internet Files folder emptied: 573988 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 67468203 bytes
->Google Chrome cache emptied: 10368445 bytes
->Flash cache emptied: 779 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351732 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 7774 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 114,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Jarda
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service BattStatSys stopped successfully!
Service BattStatSys deleted successfully!
========== FILES ==========
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Skype folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Common\fb#3aac4rwsy5dbec184hsdeoejcb_8etx0q_hy_xfpodqtunlujynf8izo0j_mputyxbpiw folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video\Common folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Video folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\Manifest folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\Download folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\Update folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook\CrashReports folder moved successfully.
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\Facebook folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP272.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D.tmp folder moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003Core.job moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1844237615-1614895754-1801674531-1003UA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\AdwCleaner[S1].txt moved successfully.
C:\AdwCleaner[R2].txt moved successfully.
C:\AdwCleaner[R1].txt moved successfully.
File/Folder C:\Documents and Settings\Jarda\Local Settings\Temp\BSS1.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IgfxTray deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wireless Console 3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 01292013_193402

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

OK, OTM provedlo, co mělo.

Jak je na tom počítač? Můžu po sobě uklidit a hotovo?

já myslím, že ano, vypadá to dobře

Super, tak to vem zvrchu postupně.


T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stáhni a spusť.
• Pro potvrzení volby mačkej A, Enter.
• Po použití utilitu smaž ručně.
• Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž ručně.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.