VIRY.CZ

Prosím o kontrolu DDS logu.. děkuji

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_39
Run by Camilla at 15:36:21 on 2013-02-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.1442 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
I:\TRELL\Trell2012\TRELL_sklady.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Windows\SoftwareDistribution\Download\Install\ndp40-kb2789642-x86.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
i:\fb196a7b30247f99233c033d\Setup.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
mURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: BrotherSoft Extreme Toolbar: {51A86BB3-6602-4C85-92A5-130EE4864F13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\prxtbBrot.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_5_502_149_Plugin.exe -update plugin
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [HControlUser] c:\program files\asus\atk hotkey\HControlUser.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [HPUsageTracking] "c:\program files\hp\hp ut\bin\hppusg.exe" "c:\program files\hp\hp ut\"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{371641A6-9EF8-45E9-BA62-67CAA05A55A5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F394A31A-0E3F-46AA-BF67-8620794330BF} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\camilla\appdata\roaming\mozilla\firefox\profiles\v08vffft.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\camilla\appdata\roaming\mozilla\firefox\profiles\v08vffft.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-02-05 09:24; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-19 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-5 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-5 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-5 58680]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-12-3 625224]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-11-24 80184]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-25 39272]
S3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfxbulk.sys [2009-2-25 17432]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-8-19 189440]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-11-24 181432]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-9 52224]
.
=============== Created Last 30 ================
.
2013-02-14 14:21:59 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f5df9a47-7b94-4e3b-a45e-3c27c5e5d18b}\mpengine.dll
.
==================== Find3M ====================
.
2013-02-11 12:45:12 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-11 12:45:12 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 15:56:10 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 15:56:07 473520 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-17 13:38:19 96784 ----a-w- c:\windows\system32\packet.dll
2012-11-17 13:38:19 35088 ----a-w- c:\windows\system32\drivers\npf.sys
2012-11-17 13:38:19 281104 ----a-w- c:\windows\system32\wpcap.dll
.
============= FINISH: 15:39:39,64 ===============

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

# AdwCleaner v2.112 - Logfile created 02/14/2013 at 19:57:51
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Camilla - CAMILLA
# Boot Mode : Normal
# Running from : C:\Users\Camilla\Desktop\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\MyStart Search.xml
File Found : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\SweetIm.xml
File Found : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\web-search.xml
Folder Found : C:\Program Files\BrotherSoft_Extreme
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\ConduitEngine
Folder Found : C:\Users\Camilla\AppData\Local\Conduit
Folder Found : C:\Users\Camilla\AppData\Local\OpenCandy
Folder Found : C:\Users\Camilla\AppData\LocalLow\BrotherSoft_Extreme
Folder Found : C:\Users\Camilla\AppData\LocalLow\Conduit
Folder Found : C:\Users\Camilla\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Camilla\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\Conduit
Folder Found : C:\Users\Camilla\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BrotherSoft_Extreme
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKLM\Software\BrotherSoft_Extreme
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6EF5F2-4807-423E-A61D-E4A81A18F7C4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{464DDEC8-7262-4697-9CA5-40A1E3E2E03E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A9562F6-0901-4ED1-9785-D2A27AF7E83F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrotherSoft_Extreme Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Software
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\prefs.js

Found : user_pref("CT2776682..clientLogIsEnabled", false);
Found : user_pref("CT2776682..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2776682..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2776682.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2776682.CTID", "CT2776682");
Found : user_pref("CT2776682.CurrentServerDate", "22-6-2011");
Found : user_pref("CT2776682.DialogsAlignMode", "LTR");
Found : user_pref("CT2776682.DialogsGetterLastCheckTime", "Sat Apr 16 2011 20:04:56 GMT+0200");
Found : user_pref("CT2776682.DownloadReferralCookieData", "");
Found : user_pref("CT2776682.FirstServerDate", "16-4-2011");
Found : user_pref("CT2776682.FirstTime", true);
Found : user_pref("CT2776682.FirstTimeFF3", true);
Found : user_pref("CT2776682.FixPageNotFoundErrors", true);
Found : user_pref("CT2776682.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2776682.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2776682.HasUserGlobalKeys", true);
Found : user_pref("CT2776682.Initialize", true);
Found : user_pref("CT2776682.InitializeCommonPrefs", true);
Found : user_pref("CT2776682.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2776682.InstallationId", "BrotherSoftExtreme_CT2776682.exe");
Found : user_pref("CT2776682.InstallationType", "ConduitIntegration");
Found : user_pref("CT2776682.InstalledDate", "Sat Apr 16 2011 20:04:55 GMT+0200");
Found : user_pref("CT2776682.InvalidateCache", false);
Found : user_pref("CT2776682.IsGrouping", false);
Found : user_pref("CT2776682.IsMulticommunity", false);
Found : user_pref("CT2776682.IsOpenThankYouPage", false);
Found : user_pref("CT2776682.IsOpenUninstallPage", true);
Found : user_pref("CT2776682.LanguagePackLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Found : user_pref("CT2776682.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2776682.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2776682.LastLogin_3.3.3.2", "Wed Jun 22 2011 09:02:43 GMT+0200");
Found : user_pref("CT2776682.LatestVersion", "3.3.3.2");
Found : user_pref("CT2776682.Locale", "en");
Found : user_pref("CT2776682.MCDetectTooltipHeight", "83");
Found : user_pref("CT2776682.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2776682.MCDetectTooltipWidth", "295");
Found : user_pref("CT2776682.RadioIsPodcast", false);
Found : user_pref("CT2776682.RadioLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Found : user_pref("CT2776682.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2776682.RadioLastUpdateServer", "3");
Found : user_pref("CT2776682.RadioMediaID", "9962");
Found : user_pref("CT2776682.RadioMediaType", "Media Player");
Found : user_pref("CT2776682.RadioMenuSelectedID", "EBRadioMenu_CT27766829962");
Found : user_pref("CT2776682.RadioStationName", "California%20Rock");
Found : user_pref("CT2776682.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2776682.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT277[...]
Found : user_pref("CT2776682.SearchInNewTabEnabled", true);
Found : user_pref("CT2776682.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2776682.SearchInNewTabLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Found : user_pref("CT2776682.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2776682.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2776682.ServiceMapLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Found : user_pref("CT2776682.SettingsLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Found : user_pref("CT2776682.SettingsLastUpdate", "1308032799");
Found : user_pref("CT2776682.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2776682.ThirdPartyComponentsLastCheck", "Wed Jun 22 2011 09:02:41 GMT+0200");
Found : user_pref("CT2776682.ThirdPartyComponentsLastUpdate", "1246786978");
Found : user_pref("CT2776682.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2776682");
Found : user_pref("CT2776682.Uninstall", true);
Found : user_pref("CT2776682.UserID", "UN96041438544279878");
Found : user_pref("CT2776682.alertChannelId", "1168776");
Found : user_pref("CT2776682.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Found : user_pref("CT2776682.globalFirstTimeInfoLastCheckTime", "Wed Jun 22 2011 09:02:43 GMT+0200");
Found : user_pref("CT2776682.isAppTrackingManagerOn", true);
Found : user_pref("CT2776682.myStuffEnabled", true);
Found : user_pref("CT2776682.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2776682.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2776682.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2776682.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2776682.oldAppsList", "129288498392881552,129288498393350308,129512039755754602,1295207[...]
Found : user_pref("CT2776682.testingCtid", "");
Found : user_pref("CT2776682.toolbarAppMetaDataLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Found : user_pref("CT2776682.toolbarContextMenuLastCheckTime", "Sat Apr 16 2011 20:04:57 GMT+0200");
Found : user_pref("CT2776682.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2776682/CT2776682[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/equalizer_dea[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/minimize.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/play.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/stop.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/vol.gif", "\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Found : user_pref("CommunityToolbar.EngineOwner", "CT2776682");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{51a86bb3-6602-4c85-92a5-130ee4864f13}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "brothersoft_extreme");
Found : user_pref("CommunityToolbar.IsEngineShown", false);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://searc[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2776682");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2776682");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 16 2011 20:04:51 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 13 2011 18:00:26 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 17:52:57 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "d5835830-d69e-4fec-8dfe-db888cda1371");
Found : user_pref("CommunityToolbar.globalUserId", "a1296409-d2bc-4c03-aaab-31919344b39d");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Found : user_pref("extensions.opensearch@ask.com.install-event-fired", true);

*************************

AdwCleaner[R1].txt - [15103 octets] - [14/02/2013 19:57:51]

########## EOF - C:\AdwCleaner[R1].txt - [15164 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.112 - Logfile created 02/15/2013 at 13:21:56
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Camilla - CAMILLA
# Boot Mode : Normal
# Running from : C:\Users\Camilla\Desktop\adwcleaner0.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\web-search.xml
Folder Deleted : C:\Program Files\BrotherSoft_Extreme
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Users\Camilla\AppData\Local\Conduit
Folder Deleted : C:\Users\Camilla\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Camilla\AppData\LocalLow\BrotherSoft_Extreme
Folder Deleted : C:\Users\Camilla\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Camilla\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Camilla\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\Conduit
Folder Deleted : C:\Users\Camilla\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BrotherSoft_Extreme
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKLM\Software\BrotherSoft_Extreme
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6EF5F2-4807-423E-A61D-E4A81A18F7C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{464DDEC8-7262-4697-9CA5-40A1E3E2E03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A9562F6-0901-4ED1-9785-D2A27AF7E83F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37A84C51-75AE-45D7-A155-BFED32229B5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrotherSoft_Extreme Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\prefs.js

Deleted : user_pref("CT2776682..clientLogIsEnabled", false);
Deleted : user_pref("CT2776682..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2776682..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2776682.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2776682.CTID", "CT2776682");
Deleted : user_pref("CT2776682.CurrentServerDate", "22-6-2011");
Deleted : user_pref("CT2776682.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2776682.DialogsGetterLastCheckTime", "Sat Apr 16 2011 20:04:56 GMT+0200");
Deleted : user_pref("CT2776682.DownloadReferralCookieData", "");
Deleted : user_pref("CT2776682.FirstServerDate", "16-4-2011");
Deleted : user_pref("CT2776682.FirstTime", true);
Deleted : user_pref("CT2776682.FirstTimeFF3", true);
Deleted : user_pref("CT2776682.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2776682.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2776682.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2776682.HasUserGlobalKeys", true);
Deleted : user_pref("CT2776682.Initialize", true);
Deleted : user_pref("CT2776682.InitializeCommonPrefs", true);
Deleted : user_pref("CT2776682.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2776682.InstallationId", "BrotherSoftExtreme_CT2776682.exe");
Deleted : user_pref("CT2776682.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2776682.InstalledDate", "Sat Apr 16 2011 20:04:55 GMT+0200");
Deleted : user_pref("CT2776682.InvalidateCache", false);
Deleted : user_pref("CT2776682.IsGrouping", false);
Deleted : user_pref("CT2776682.IsMulticommunity", false);
Deleted : user_pref("CT2776682.IsOpenThankYouPage", false);
Deleted : user_pref("CT2776682.IsOpenUninstallPage", true);
Deleted : user_pref("CT2776682.LanguagePackLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Deleted : user_pref("CT2776682.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2776682.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2776682.LastLogin_3.3.3.2", "Wed Jun 22 2011 09:02:43 GMT+0200");
Deleted : user_pref("CT2776682.LatestVersion", "3.3.3.2");
Deleted : user_pref("CT2776682.Locale", "en");
Deleted : user_pref("CT2776682.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2776682.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2776682.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2776682.RadioIsPodcast", false);
Deleted : user_pref("CT2776682.RadioLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Deleted : user_pref("CT2776682.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2776682.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2776682.RadioMediaID", "9962");
Deleted : user_pref("CT2776682.RadioMediaType", "Media Player");
Deleted : user_pref("CT2776682.RadioMenuSelectedID", "EBRadioMenu_CT27766829962");
Deleted : user_pref("CT2776682.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2776682.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2776682.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT277[...]
Deleted : user_pref("CT2776682.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2776682.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2776682.SearchInNewTabLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Deleted : user_pref("CT2776682.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2776682.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2776682.ServiceMapLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Deleted : user_pref("CT2776682.SettingsLastCheckTime", "Wed Jun 22 2011 09:02:41 GMT+0200");
Deleted : user_pref("CT2776682.SettingsLastUpdate", "1308032799");
Deleted : user_pref("CT2776682.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2776682.ThirdPartyComponentsLastCheck", "Wed Jun 22 2011 09:02:41 GMT+0200");
Deleted : user_pref("CT2776682.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2776682.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2776682");
Deleted : user_pref("CT2776682.Uninstall", true);
Deleted : user_pref("CT2776682.UserID", "UN96041438544279878");
Deleted : user_pref("CT2776682.alertChannelId", "1168776");
Deleted : user_pref("CT2776682.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Deleted : user_pref("CT2776682.globalFirstTimeInfoLastCheckTime", "Wed Jun 22 2011 09:02:43 GMT+0200");
Deleted : user_pref("CT2776682.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2776682.myStuffEnabled", true);
Deleted : user_pref("CT2776682.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2776682.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2776682.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2776682.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2776682.oldAppsList", "129288498392881552,129288498393350308,129512039755754602,1295207[...]
Deleted : user_pref("CT2776682.testingCtid", "");
Deleted : user_pref("CT2776682.toolbarAppMetaDataLastCheckTime", "Wed Jun 22 2011 09:02:42 GMT+0200");
Deleted : user_pref("CT2776682.toolbarContextMenuLastCheckTime", "Sat Apr 16 2011 20:04:57 GMT+0200");
Deleted : user_pref("CT2776682.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/CZ", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2776682/CT2776682[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/equalizer_dea[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/minimize.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/play.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/stop.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/vol.gif", "\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2776682");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{51a86bb3-6602-4c85-92a5-130ee4864f13}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "brothersoft_extreme");
Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://searc[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2776682");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2776682");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 16 2011 20:04:51 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 13 2011 18:00:26 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 17:52:57 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "d5835830-d69e-4fec-8dfe-db888cda1371");
Deleted : user_pref("CommunityToolbar.globalUserId", "a1296409-d2bc-4c03-aaab-31919344b39d");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Deleted : user_pref("extensions.opensearch@ask.com.install-event-fired", true);

*************************

AdwCleaner[R1].txt - [15234 octets] - [14/02/2013 19:57:51]
AdwCleaner[S1].txt - [15097 octets] - [15/02/2013 13:21:56]

########## EOF - C:\AdwCleaner[S1].txt - [15158 octets] ##########

Poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Logfile of random's system information tool 1.09 (written by random/random)
Run by Camilla at 2013-02-17 08:27:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 111 GB (73%) free of 153 GB
Total RAM: 3071 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:27:27, on 17.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Camilla\Desktop\RSIT.exe
C:\Program Files\trend micro\Camilla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6746 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "noia2_option@kk.noia:3.76, personas@christopher.beard:1.6.2, silvermelxt@pardal.de:1.3.6, {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.4, {63414328-3ab4-2c84-6c41-5a473c4b2ff7}:1.0, {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0, bkmrksync@nokia.com:1.0.0.732, {2832ABCD-4444-1012-2D45-132D5447C445}:1.0.0, {62760FD6-B943-48C9-AB09-F99C6FE96088}:2.1.6, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, toolbar-amazon@alexa.com:2.11, extension@virtusdesigns.com:3.6.7, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16, silvermel@pardal.de:1.3.6, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}:3.6, {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7, {961408A3-C970-4577-970A-D97C29839A67}:1.3.6, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npLegitCheckPlugin.dll
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\extensions\
{0b457cAA-602d-484a-8fe7-c1d894a011ba}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\
firmycz.xml
mapycz.xml
rapidlibrarycom.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-15 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-15 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
""= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-17 1549608]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-16 7739936]
"HPUsageTracking"=C:\Program Files\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"NETGEARGenie"=C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [2012-06-15 1040712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Color LaserJet CM1312 MFP Series Fax]
C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [2009-09-22 2453504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-15 14:00:57 ----D---- C:\ProgramData\ZapWallPaper
2013-02-15 14:00:55 ----D---- C:\Program Files\ZapWallPaper
2013-02-15 13:21:56 ----A---- C:\AdwCleaner[S1].txt
2013-02-14 19:57:51 ----A---- C:\AdwCleaner[R1].txt
2013-02-14 15:28:13 ----D---- C:\Program Files\Mozilla Firefox
2013-02-14 15:26:07 ----A---- C:\Windows\system32\win32k.sys
2013-02-14 15:25:48 ----A---- C:\Windows\system32\ieframe.dll
2013-02-14 15:25:46 ----A---- C:\Windows\system32\mshtml.dll
2013-02-14 15:25:43 ----A---- C:\Windows\system32\iertutil.dll
2013-02-14 15:25:41 ----A---- C:\Windows\system32\wininet.dll
2013-02-14 15:25:40 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-14 15:25:36 ----A---- C:\Windows\system32\urlmon.dll
2013-02-14 15:25:34 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-14 15:25:33 ----A---- C:\Windows\system32\url.dll
2013-02-14 15:25:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-14 15:25:32 ----A---- C:\Windows\system32\ieui.dll
2013-02-14 15:25:23 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-02-14 15:25:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-14 15:25:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-14 15:25:17 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 15:24:55 ----A---- C:\Windows\system32\winsrv.dll
2013-02-05 09:24:48 ----A---- C:\Windows\system32\javaws.exe
2013-02-05 09:24:48 ----A---- C:\Windows\system32\javaw.exe
2013-02-05 09:24:48 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2013-02-17 08:27:22 ----D---- C:\Windows\Temp
2013-02-17 08:27:07 ----D---- C:\Program Files\trend micro
2013-02-17 08:26:38 ----D---- C:\Windows\system32\config
2013-02-15 14:27:02 ----D---- C:\Windows\Microsoft.NET
2013-02-15 14:26:03 ----RSD---- C:\Windows\assembly
2013-02-15 14:00:57 ----HD---- C:\ProgramData
2013-02-15 14:00:55 ----RD---- C:\Program Files
2013-02-15 13:18:43 ----D---- C:\Windows\winsxs
2013-02-15 13:15:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-02-14 20:00:06 ----D---- C:\Windows\system32\migration
2013-02-14 20:00:06 ----D---- C:\Windows\System32
2013-02-14 20:00:06 ----D---- C:\Program Files\Internet Explorer
2013-02-14 20:00:05 ----D---- C:\Windows\system32\drivers
2013-02-14 15:39:16 ----A---- C:\Windows\system32\MRT.exe
2013-02-14 15:38:02 ----SHD---- C:\Windows\Installer
2013-02-14 15:38:02 ----HD---- C:\Config.Msi
2013-02-14 15:34:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-14 15:34:55 ----D---- C:\Windows\inf
2013-02-14 15:34:44 ----SHD---- C:\System Volume Information
2013-02-14 15:25:08 ----D---- C:\Windows\system32\catroot
2013-02-14 15:25:07 ----D---- C:\Windows\system32\catroot2
2013-02-11 13:45:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-05 12:37:11 ----D---- C:\Windows\system32\Tasks
2013-02-05 09:24:43 ----D---- C:\Program Files\Java
2013-01-31 22:11:20 ----RSD---- C:\Windows\Fonts
2013-01-28 14:33:24 ----A---- C:\Windows\barcode.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 NPF;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2012-11-17 35088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 5166592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 121344]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 5166592]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-09-16 2771104]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2011-02-26 10368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-07-17 155648]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-17 223920]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz132;cpuz132; \??\C:\Users\Camilla\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2009-02-25 17432]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2009-02-25 17432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 172032]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [2012-07-10 195400]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-26 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-14 115608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-09 1343400]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Camilla [Práva správce]
Mód : Kontrola -- Datum : 02/17/2013 15:02:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] d29f2754edd8a448b82b7ae7517cebdc
[BSP] c83f6d3cdea8c218388548da794008b8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 10001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20482875 | Size: 152617 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 333043515 | Size: 142623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB FLASH DRIVE USB Device +++++
--- User ---
[MBR] c93a64aefc282d7e376e5f8e2d44c30e
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 8064 | Size: 1906 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: ADATA HDD SH93 USB Device +++++
--- User ---
[MBR] 0b3c7a569b34dc5c6db615fdd9589163
[BSP] 1c910d058648f4874f256f923c66888c : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_02172013_02d1502.txt >>
RKreport[1]_S_02172013_02d1502.txt

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

smazáno:
RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Camilla [Práva správce]
Mód : Odebrat -- Datum : 02/17/2013 21:22:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] d29f2754edd8a448b82b7ae7517cebdc
[BSP] c83f6d3cdea8c218388548da794008b8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 10001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20482875 | Size: 152617 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 333043515 | Size: 142623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB FLASH DRIVE USB Device +++++
--- User ---
[MBR] c93a64aefc282d7e376e5f8e2d44c30e
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 8064 | Size: 1906 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: ADATA HDD SH93 USB Device +++++
--- User ---
[MBR] 0b3c7a569b34dc5c6db615fdd9589163
[BSP] 1c910d058648f4874f256f923c66888c : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: SD Memory Card +++++
--- User ---
[MBR] fa6d13ad7179118f4fed64408274dacd
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 135 | Size: 1884 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Dokončeno : << RKreport[3]_D_02172013_02d2122.txt >>
RKreport[1]_S_02172013_02d1502.txt ; RKreport[2]_S_02172013_02d2120.txt ; RKreport[3]_D_02172013_02d2122.txt

oprava host:
RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Camilla [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/17/2013 21:23:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_02172013_02d2123.txt >>
RKreport[1]_S_02172013_02d1502.txt ; RKreport[2]_S_02172013_02d2120.txt ; RKreport[3]_D_02172013_02d2122.txt ; RKreport[4]_H_02172013_02d2123.txt

Poprosim o novy log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Logfile of random's system information tool 1.09 (written by random/random)
Run by Camilla at 2013-02-17 21:29:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 111 GB (73%) free of 153 GB
Total RAM: 3071 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:01, on 17.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Camilla\Desktop\RSIT.exe
C:\Program Files\trend micro\Camilla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6662 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "noia2_option@kk.noia:3.76, personas@christopher.beard:1.6.2, silvermelxt@pardal.de:1.3.6, {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.4, {63414328-3ab4-2c84-6c41-5a473c4b2ff7}:1.0, {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0, bkmrksync@nokia.com:1.0.0.732, {2832ABCD-4444-1012-2D45-132D5447C445}:1.0.0, {62760FD6-B943-48C9-AB09-F99C6FE96088}:2.1.6, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, toolbar-amazon@alexa.com:2.11, extension@virtusdesigns.com:3.6.7, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16, silvermel@pardal.de:1.3.6, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}:3.6, {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7, {961408A3-C970-4577-970A-D97C29839A67}:1.3.6, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npLegitCheckPlugin.dll
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\extensions\
{0b457cAA-602d-484a-8fe7-c1d894a011ba}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Camilla\AppData\Roaming\Mozilla\Firefox\Profiles\v08vffft.default\searchplugins\
firmycz.xml
mapycz.xml
rapidlibrarycom.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-15 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-15 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
""= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-17 1549608]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-16 7739936]
"HPUsageTracking"=C:\Program Files\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"NETGEARGenie"=C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [2012-06-15 1040712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Color LaserJet CM1312 MFP Series Fax]
C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [2009-09-22 2453504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-15 14:00:57 ----D---- C:\ProgramData\ZapWallPaper
2013-02-15 14:00:55 ----D---- C:\Program Files\ZapWallPaper
2013-02-15 13:21:56 ----A---- C:\AdwCleaner[S1].txt
2013-02-14 19:57:51 ----A---- C:\AdwCleaner[R1].txt
2013-02-14 15:28:13 ----D---- C:\Program Files\Mozilla Firefox
2013-02-14 15:26:07 ----A---- C:\Windows\system32\win32k.sys
2013-02-14 15:25:48 ----A---- C:\Windows\system32\ieframe.dll
2013-02-14 15:25:46 ----A---- C:\Windows\system32\mshtml.dll
2013-02-14 15:25:43 ----A---- C:\Windows\system32\iertutil.dll
2013-02-14 15:25:41 ----A---- C:\Windows\system32\wininet.dll
2013-02-14 15:25:40 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-14 15:25:36 ----A---- C:\Windows\system32\urlmon.dll
2013-02-14 15:25:34 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-14 15:25:33 ----A---- C:\Windows\system32\url.dll
2013-02-14 15:25:32 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-14 15:25:32 ----A---- C:\Windows\system32\ieui.dll
2013-02-14 15:25:23 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-02-14 15:25:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-14 15:25:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-14 15:25:17 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 15:24:55 ----A---- C:\Windows\system32\winsrv.dll
2013-02-05 09:24:48 ----A---- C:\Windows\system32\javaws.exe
2013-02-05 09:24:48 ----A---- C:\Windows\system32\javaw.exe
2013-02-05 09:24:48 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2013-02-17 21:30:01 ----D---- C:\Windows\Temp
2013-02-17 21:29:57 ----D---- C:\Program Files\trend micro
2013-02-17 21:29:40 ----D---- C:\Windows\system32\drivers
2013-02-17 21:03:27 ----D---- C:\Users\Camilla\AppData\Roaming\Any Video Converter Professional
2013-02-17 08:37:25 ----D---- C:\Windows\system32\config
2013-02-15 14:27:02 ----D---- C:\Windows\Microsoft.NET
2013-02-15 14:26:03 ----RSD---- C:\Windows\assembly
2013-02-15 14:00:57 ----HD---- C:\ProgramData
2013-02-15 14:00:55 ----RD---- C:\Program Files
2013-02-15 13:18:43 ----D---- C:\Windows\winsxs
2013-02-15 13:15:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-02-14 20:00:06 ----D---- C:\Windows\system32\migration
2013-02-14 20:00:06 ----D---- C:\Windows\System32
2013-02-14 20:00:06 ----D---- C:\Program Files\Internet Explorer
2013-02-14 15:39:16 ----A---- C:\Windows\system32\MRT.exe
2013-02-14 15:38:02 ----SHD---- C:\Windows\Installer
2013-02-14 15:38:02 ----HD---- C:\Config.Msi
2013-02-14 15:34:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-14 15:34:55 ----D---- C:\Windows\inf
2013-02-14 15:34:44 ----SHD---- C:\System Volume Information
2013-02-14 15:25:08 ----D---- C:\Windows\system32\catroot
2013-02-14 15:25:07 ----D---- C:\Windows\system32\catroot2
2013-02-11 13:45:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-05 12:37:11 ----D---- C:\Windows\system32\Tasks
2013-02-05 09:24:43 ----D---- C:\Program Files\Java
2013-01-31 22:11:20 ----RSD---- C:\Windows\Fonts
2013-01-28 14:33:24 ----A---- C:\Windows\barcode.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 NPF;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2012-11-17 35088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 5166592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 121344]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 5166592]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-09-16 2771104]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2011-02-26 10368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-07-17 155648]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-17 223920]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz132;cpuz132; \??\C:\Users\Camilla\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-11-24 80184]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2009-02-25 17432]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfxbulk.sys [2009-02-25 17432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 181432]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 172032]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [2012-07-10 195400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-26 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-14 115608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-09 1343400]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse