
Slow PC ...

Posted: 15 Mar 2013 00:02
by cr8g
Hi,

Lately my PC has been working needlessly hard, and opening a movie or starting Task Manager can take as long as a minute... After about 20-30 minutes it stops and the PC is calm again.

About 4 days ago I found and deleted 2 Trojans on the PC. Since then MSE reports that it is clean, but one never knows.

The RSIT log is here. Thanks a lot :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radar at 2013-03-14 23:57:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 754 GB (40%) free of 1908 GB
Total RAM: 3569 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:57:58, on 14.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\programy a stahovani\iTunes\iTunesHelper.exe
C:\programy a stahovani\TS3\ts3client_win32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Radar\Desktop\RSIT.exe
C:\Program Files\trend micro\Radar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORDTSUPTBT
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\programy a stahovani\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [EADM] "C:\GAMES\ORIGIN EA\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 9050 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\programy a stahovani\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\extensions\
jid1-qQSMEVsYTOjgYA@jetpack
{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\searchplugins\
conduit.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-11-05 113288]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2010-10-27 486560]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2010-10-27 302240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2011-10-14 1571432]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\programy a stahovani\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\GAMES\ORIGIN EA\Origin\Origin.exe [2013-02-21 3494992]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\Users\Radar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.XFR1"=xfcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-14 01:59:09 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 01:59:09 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\url.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 01:59:06 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 01:59:05 ----A---- C:\Windows\system32\ieframe.dll
2013-03-12 16:22:31 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-03-12 16:21:44 ----D---- C:\Program Files\iPod
2013-03-12 16:21:43 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-12 16:14:10 ----D---- C:\Windows\system32\appmgmt
2013-03-12 15:30:04 ----AH---- C:\Windows\system32\mlfcache.dat
2013-03-12 14:40:13 ----D---- C:\Users\Radar\AppData\Roaming\Apple Computer
2013-03-12 14:40:11 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-12 14:39:13 ----D---- C:\ProgramData\Apple Computer
2013-03-12 14:38:40 ----D---- C:\Program Files\Apple Software Update
2013-03-12 14:37:47 ----D---- C:\ProgramData\Apple
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files\Apple
2013-03-08 09:44:07 ----D---- C:\Program Files\Mozilla Firefox
2013-03-01 00:28:44 ----A---- C:\Windows\fred2_open_Diaspora_R1.INI
2013-02-28 19:16:27 ----D---- C:\Users\Radar\AppData\Roaming\wxlauncher
2013-02-27 23:38:08 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 23:37:26 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 23:37:05 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 23:37:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 23:37:03 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 23:36:59 ----A---- C:\Windows\system32\d2d1.dll
2013-02-22 17:20:47 ----D---- C:\Program Files\OpenAL
2013-02-22 17:20:47 ----A---- C:\Windows\system32\wrap_oal.dll
2013-02-22 17:20:47 ----A---- C:\Windows\system32\OpenAL32.dll
2013-02-22 16:53:55 ----A---- C:\Windows\FRED2.INI
2013-02-22 16:46:39 ----D---- C:\Windows\temp
2013-02-22 16:41:54 ----A---- C:\0.bak
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\ParetoLogic
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\DriverCure
2013-02-22 16:29:54 ----D---- C:\ProgramData\ParetoLogic
2013-02-22 16:22:30 ----D---- C:\data

======List of files/folders modified in the last 1 month======

2013-03-14 23:57:58 ----D---- C:\Program Files\trend micro
2013-03-14 23:57:47 ----D---- C:\Windows\Prefetch
2013-03-14 23:56:30 ----D---- C:\Users\Radar\AppData\Roaming\Xfire
2013-03-14 23:12:43 ----D---- C:\Users\Radar\AppData\Roaming\Skype
2013-03-14 22:22:31 ----D---- C:\Users\Radar\AppData\Roaming\uTorrent
2013-03-14 21:24:25 ----D---- C:\Windows\System32
2013-03-14 21:24:20 ----A---- C:\Windows\system32\PnkBstrB.exe
2013-03-14 17:25:43 ----D---- C:\Users\Radar\AppData\Roaming\TS3Client
2013-03-14 17:07:05 ----D---- C:\Windows\system32\config
2013-03-14 16:59:08 ----D---- C:\Users\Radar\AppData\Roaming\Dropbox
2013-03-14 16:45:57 ----D---- C:\ProgramData\NVIDIA
2013-03-14 08:14:39 ----D---- C:\Windows\rescache
2013-03-14 07:30:48 ----D---- C:\Windows\winsxs
2013-03-14 07:30:28 ----D---- C:\Windows\system32\migration
2013-03-14 07:30:28 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:30:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 02:00:23 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 02:00:20 ----SHD---- C:\Windows\Installer
2013-03-14 02:00:19 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 01:59:16 ----D---- C:\Windows\system32\catroot
2013-03-14 01:59:15 ----D---- C:\Windows\system32\catroot2
2013-03-14 01:58:54 ----D---- C:\Windows\AppPatch
2013-03-14 01:58:19 ----SHD---- C:\System Volume Information
2013-03-14 00:52:14 ----D---- C:\Users\Radar\AppData\Roaming\Media Player Classic
2013-03-13 15:17:52 ----D---- C:\ProgramData\Xfire
2013-03-13 15:05:04 ----D---- C:\Windows\inf
2013-03-13 15:05:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-12 23:25:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-12 18:49:13 ----D---- C:\programy a stahovani
2013-03-12 16:22:31 ----D---- C:\Windows\system32\drivers
2013-03-12 16:21:44 ----RD---- C:\Program Files
2013-03-12 16:21:43 ----HD---- C:\ProgramData
2013-03-12 14:38:42 ----D---- C:\Windows\system32\Tasks
2013-03-12 14:38:34 ----D---- C:\Windows\system32\DriverStore
2013-03-12 14:37:58 ----D---- C:\Program Files\Bonjour
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files
2013-03-09 09:38:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-06 15:24:55 ----D---- C:\GAMES
2013-03-06 12:57:26 ----D---- C:\Windows
2013-03-06 09:37:45 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-06 09:21:38 ----D---- C:\Program Files\Common Files\BioWare
2013-03-06 09:21:37 ----D---- C:\ProgramData\BioWare
2013-03-05 10:21:28 ----D---- C:\Program Files\Battlelog Web Plugins
2013-03-04 17:24:41 ----D---- C:\Windows\system32\NDF
2013-03-03 21:17:11 ----D---- C:\Users\Radar\AppData\Roaming\Wargaming.net
2013-03-03 20:06:07 ----D---- C:\Windows\system32\directx
2013-03-03 20:06:02 ----HD---- C:\Windows\msdownld.tmp
2013-02-27 23:45:01 ----D---- C:\Windows\system32\pt-BR
2013-02-27 23:45:01 ----D---- C:\Windows\system32\it-IT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\zh-HK
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pt-PT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pl-PL
2013-02-27 23:45:00 ----D---- C:\Windows\system32\ko-KR
2013-02-27 23:45:00 ----D---- C:\Windows\system32\hu-HU
2013-02-27 23:44:59 ----D---- C:\Windows\system32\tr-TR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\sv-SE
2013-02-27 23:44:59 ----D---- C:\Windows\system32\nl-NL
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fr-FR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fi-FI
2013-02-27 23:44:59 ----D---- C:\Windows\system32\el-GR
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-TW
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-CN
2013-02-27 23:44:58 ----D---- C:\Windows\system32\es-ES
2013-02-27 23:44:58 ----D---- C:\Windows\system32\de-DE
2013-02-27 23:44:58 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ru-RU
2013-02-27 23:44:57 ----D---- C:\Windows\system32\nb-NO
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ja-JP
2013-02-27 23:44:57 ----D---- C:\Windows\system32\en-US
2013-02-27 23:44:57 ----D---- C:\Windows\system32\da-DK
2013-02-26 21:59:40 ----RSD---- C:\Windows\assembly
2013-02-26 21:56:31 ----D---- C:\Windows\Logs
2013-02-25 02:32:47 ----D---- C:\Users\Radar\AppData\Roaming\vlc
2013-02-24 20:41:37 ----D---- C:\ProgramData\EA Logs
2013-02-22 23:46:37 ----D---- C:\Users\Radar\AppData\Roaming\Adobe
2013-02-22 16:57:47 ----D---- C:\Windows\Tasks
2013-02-22 16:51:19 ----D---- C:\Windows\SoftwareDistribution
2013-02-22 16:44:10 ----D---- C:\Users\Radar\AppData\Roaming\Macromedia
2013-02-22 16:42:44 ----D---- C:\Windows\Panther
2013-02-22 16:42:41 ----D---- C:\Windows\system32\Msdtc
2013-02-22 16:42:41 ----D---- C:\Program Files\K-Lite Codec Pack
2013-02-22 14:28:27 ----D---- C:\Program Files\Xfire
2013-02-16 01:49:59 ----D---- C:\Program Files\Microsoft Security Client
2013-02-15 16:34:48 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 461080]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2010-11-22 21808]
R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2010-11-22 266544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-06 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpKsl15509d3c;MpKsl15509d3c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A769FD0C-3C7E-4106-9B48-AC1519AF6588}\MpKsl15509d3c.sys [2013-03-14 29904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/06 02:14:31]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 87536]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 37224]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 260968]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 26984]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 178024]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 51560]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 143336]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 242024]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c6232.sys [2011-11-05 268968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 21104]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-11-05 62336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-11-05 141440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-09-22 10064]
S1 fgdldpss;fgdldpss; \??\C:\Windows\system32\drivers\fgdldpss.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 am434d9v;am434d9v; C:\Windows\system32\drivers\am434d9v.sys []
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 47144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2010-10-27 56480]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe [2011-05-31 173672]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-06-29 112800]
R2 MBAMScheduler;MBAMScheduler; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-08-21 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-24 654848]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-11-13 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-06 1343400]

-----------------EOF-----------------

Re: Slow PC ...

Posted: 15 Mar 2013 18:09
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.

Re: Slow PC ...

Posted: 15 Mar 2013 20:12
by cr8g
here.. thanks for the reply :)



# AdwCleaner v2.114 - Logfile created 03/15/2013 at 20:11:38
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Radar - RADAR-PC
# Boot Mode : Normal
# Running from : C:\Users\Radar\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\searchplugins\Conduit.xml
File Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\searchplugins\qip-search.xml
Folder Found : C:\Users\Radar\AppData\Local\Conduit
Folder Found : C:\Users\Radar\AppData\LocalLow\Conduit
Folder Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\ConduitCommon
Folder Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\CT2233703
Folder Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
Folder Found : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\jetpack

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKU\S-1-5-21-2133374080-2393072957-2572211807-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-2133374080-2393072957-2572211807-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\prefs.js

Found : user_pref("CT2233703..clientLogIsEnabled", true);
Found : user_pref("CT2233703..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2233703..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2233703.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2233703.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2233703.BrowserCompStateIsOpen_1000515", true);
Found : user_pref("CT2233703.BrowserCompStateIsOpen_1308308482930860462", true);
Found : user_pref("CT2233703.CT2233703", "CT2233703");
Found : user_pref("CT2233703.CurrentServerDate", "7-11-2011");
Found : user_pref("CT2233703.DSInstall", true);
Found : user_pref("CT2233703.DialogsAlignMode", "LTR");
Found : user_pref("CT2233703.DialogsGetterLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.DownloadReferralCookieData", "");
Found : user_pref("CT2233703.EMailNotifierPollDate", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.FirstServerDate", "7-11-2011");
Found : user_pref("CT2233703.FirstTime", true);
Found : user_pref("CT2233703.FirstTimeFF3", true);
Found : user_pref("CT2233703.FixPageNotFoundErrors", true);
Found : user_pref("CT2233703.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2233703.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2233703.HPChangedManually", false);
Found : user_pref("CT2233703.HPInstall", true);
Found : user_pref("CT2233703.HPProtectChoice", true);
Found : user_pref("CT2233703.HPProtectCount", 1);
Found : user_pref("CT2233703.HasUserGlobalKeys", true);
Found : user_pref("CT2233703.HomePageProtectorEnabled", true);
Found : user_pref("CT2233703.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2233703&SearchSource=[...]
Found : user_pref("CT2233703.Initialize", true);
Found : user_pref("CT2233703.InitializeCommonPrefs", true);
Found : user_pref("CT2233703.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2233703.InstallationType", "Unknown");
Found : user_pref("CT2233703.InstalledDate", "Mon Nov 07 2011 18:39:50 GMT+0100");
Found : user_pref("CT2233703.InvalidateCache", false);
Found : user_pref("CT2233703.IsAlertDBUpdated", true);
Found : user_pref("CT2233703.IsGrouping", false);
Found : user_pref("CT2233703.IsInitSetupIni", true);
Found : user_pref("CT2233703.IsMulticommunity", false);
Found : user_pref("CT2233703.IsOpenThankYouPage", true);
Found : user_pref("CT2233703.IsOpenUninstallPage", true);
Found : user_pref("CT2233703.IsProtectorsInit", true);
Found : user_pref("CT2233703.LanguagePackLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2233703.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2233703.LastLogin_3.8.0.8", "Mon Nov 07 2011 18:40:04 GMT+0100");
Found : user_pref("CT2233703.LatestVersion", "3.8.0.8");
Found : user_pref("CT2233703.Locale", "en");
Found : user_pref("CT2233703.MCDetectTooltipHeight", "83");
Found : user_pref("CT2233703.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2233703.MCDetectTooltipWidth", "295");
Found : user_pref("CT2233703.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2233703.OriginalFirstVersion", "3.8.0.8");
Found : user_pref("CT2233703.RadioIsPodcast", false);
Found : user_pref("CT2233703.RadioLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2233703.RadioLastUpdateServer", "129141247792900000");
Found : user_pref("CT2233703.RadioMediaID", "11027882");
Found : user_pref("CT2233703.RadioMediaType", "Media Player");
Found : user_pref("CT2233703.RadioMenuSelectedID", "EBRadioMenu_CT223370311027882");
Found : user_pref("CT2233703.RadioShrinkedFromSetup", false);
Found : user_pref("CT2233703.RadioStationName", "DANCE%20radio");
Found : user_pref("CT2233703.RadioStationURL", "hxxp://www.abradio.cz/asx/danceradio32.asx");
Found : user_pref("CT2233703.SavedHomepage", "www.seznam.cz");
Found : user_pref("CT2233703.SearchCaption", "4shared.com Customized Web Search");
Found : user_pref("CT2233703.SearchEngineBeforeUnload", "4shared.com Customized Web Search");
Found : user_pref("CT2233703.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2233703.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT223[...]
Found : user_pref("CT2233703.SearchInNewTabEnabled", true);
Found : user_pref("CT2233703.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2233703.SearchInNewTabLastCheckTime", "Mon Nov 07 2011 18:40:05 GMT+0100");
Found : user_pref("CT2233703.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2233703.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2233703.SearchProtectorEnabled", true);
Found : user_pref("CT2233703.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2233703.SendProtectorDataViaLogin", true);
Found : user_pref("CT2233703.ServiceMapLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Found : user_pref("CT2233703.SettingsLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Found : user_pref("CT2233703.SettingsLastUpdate", "1317103424");
Found : user_pref("CT2233703.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2233703&SearchSource=13");
Found : user_pref("CT2233703.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2233703.ThirdPartyComponentsLastCheck", "Mon Nov 07 2011 18:39:48 GMT+0100");
Found : user_pref("CT2233703.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2233703.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2233703.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2233703");
Found : user_pref("CT2233703.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2233703.UserID", "UN89943871389045964");
Found : user_pref("CT2233703.WeatherNetwork", "");
Found : user_pref("CT2233703.WeatherPollDate", "Mon Nov 07 2011 18:41:50 GMT+0100");
Found : user_pref("CT2233703.WeatherUnit", "C");
Found : user_pref("CT2233703.alertChannelId", "631527");
Found : user_pref("CT2233703.components.1000515", true);
Found : user_pref("CT2233703.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2233703.globalFirstTimeInfoLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2233703.initDone", true);
Found : user_pref("CT2233703.isAppTrackingManagerOn", true);
Found : user_pref("CT2233703.isFirstRadioInstallation", false);
Found : user_pref("CT2233703.myStuffEnabled", true);
Found : user_pref("CT2233703.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2233703.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2233703.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2233703.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2233703.revertSettingsEnabled", true);
Found : user_pref("CT2233703.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2233703.searchProtectorEnableByLogin", true);
Found : user_pref("CT2233703.testingCtid", "");
Found : user_pref("CT2233703.toolbarAppMetaDataLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Found : user_pref("CT2233703.toolbarContextMenuLastCheckTime", "Mon Nov 07 2011 18:39:50 GMT+0100");
Found : user_pref("CT2233703.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2233703&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "4shared.com Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/631527/627389/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2233703", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2233703",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2233703&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Radar\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2233703");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2233703");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2233703");
Found : user_pref("CommunityToolbar.globalUserId", "c04df718-0f1d-4c27-a677-74d3729c5394");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2233703");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 07 2011 18:39:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 07 2011 18:39:57 GMT+010[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "b610dee8-8aeb-496d-b635-ce6016f3acfa");
Found : user_pref("CommunityToolbar.originalHomepage", "www.seznam.cz");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.search.defaultthis.engineName", "4shared.com Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&Sea[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=2&q=[...]

*************************

AdwCleaner[R1].txt - [15361 octets] - [15/03/2013 20:11:38]

########## EOF - C:\AdwCleaner[R1].txt - [15422 octets] ##########

Re: Slow PC ...

Posted: 15 Mar 2013 20:55
by Rudy
Run ADWCleaner again and click >Delete<. Post the new log.

Re: Slow PC ...

Posted: 15 Mar 2013 21:16
by cr8g
I clicked Delete.... the operation was carried out, then the PC restarted and it gave me this log... pasting it:


# AdwCleaner v2.114 - Logfile created 03/15/2013 at 21:09:36
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Radar - RADAR-PC
# Boot Mode : Normal
# Running from : C:\Users\Radar\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\searchplugins\qip-search.xml
Folder Deleted : C:\Users\Radar\AppData\Local\Conduit
Folder Deleted : C:\Users\Radar\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\ConduitCommon
Folder Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\CT2233703
Folder Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
Folder Deleted : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\jetpack

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\prefs.js

Deleted : user_pref("CT2233703..clientLogIsEnabled", true);
Deleted : user_pref("CT2233703..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2233703..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2233703.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2233703.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2233703.BrowserCompStateIsOpen_1000515", true);
Deleted : user_pref("CT2233703.BrowserCompStateIsOpen_1308308482930860462", true);
Deleted : user_pref("CT2233703.CT2233703", "CT2233703");
Deleted : user_pref("CT2233703.CurrentServerDate", "7-11-2011");
Deleted : user_pref("CT2233703.DSInstall", true);
Deleted : user_pref("CT2233703.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2233703.DialogsGetterLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.DownloadReferralCookieData", "");
Deleted : user_pref("CT2233703.EMailNotifierPollDate", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.FirstServerDate", "7-11-2011");
Deleted : user_pref("CT2233703.FirstTime", true);
Deleted : user_pref("CT2233703.FirstTimeFF3", true);
Deleted : user_pref("CT2233703.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2233703.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2233703.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2233703.HPChangedManually", false);
Deleted : user_pref("CT2233703.HPInstall", true);
Deleted : user_pref("CT2233703.HPProtectChoice", true);
Deleted : user_pref("CT2233703.HPProtectCount", 1);
Deleted : user_pref("CT2233703.HasUserGlobalKeys", true);
Deleted : user_pref("CT2233703.HomePageProtectorEnabled", true);
Deleted : user_pref("CT2233703.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2233703&SearchSource=[...]
Deleted : user_pref("CT2233703.Initialize", true);
Deleted : user_pref("CT2233703.InitializeCommonPrefs", true);
Deleted : user_pref("CT2233703.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2233703.InstallationType", "Unknown");
Deleted : user_pref("CT2233703.InstalledDate", "Mon Nov 07 2011 18:39:50 GMT+0100");
Deleted : user_pref("CT2233703.InvalidateCache", false);
Deleted : user_pref("CT2233703.IsAlertDBUpdated", true);
Deleted : user_pref("CT2233703.IsGrouping", false);
Deleted : user_pref("CT2233703.IsInitSetupIni", true);
Deleted : user_pref("CT2233703.IsMulticommunity", false);
Deleted : user_pref("CT2233703.IsOpenThankYouPage", true);
Deleted : user_pref("CT2233703.IsOpenUninstallPage", true);
Deleted : user_pref("CT2233703.IsProtectorsInit", true);
Deleted : user_pref("CT2233703.LanguagePackLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2233703.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2233703.LastLogin_3.8.0.8", "Mon Nov 07 2011 18:40:04 GMT+0100");
Deleted : user_pref("CT2233703.LatestVersion", "3.8.0.8");
Deleted : user_pref("CT2233703.Locale", "en");
Deleted : user_pref("CT2233703.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2233703.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2233703.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2233703.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2233703.OriginalFirstVersion", "3.8.0.8");
Deleted : user_pref("CT2233703.RadioIsPodcast", false);
Deleted : user_pref("CT2233703.RadioLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2233703.RadioLastUpdateServer", "129141247792900000");
Deleted : user_pref("CT2233703.RadioMediaID", "11027882");
Deleted : user_pref("CT2233703.RadioMediaType", "Media Player");
Deleted : user_pref("CT2233703.RadioMenuSelectedID", "EBRadioMenu_CT223370311027882");
Deleted : user_pref("CT2233703.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2233703.RadioStationName", "DANCE%20radio");
Deleted : user_pref("CT2233703.RadioStationURL", "hxxp://www.abradio.cz/asx/danceradio32.asx");
Deleted : user_pref("CT2233703.SavedHomepage", "www.seznam.cz");
Deleted : user_pref("CT2233703.SearchCaption", "4shared.com Customized Web Search");
Deleted : user_pref("CT2233703.SearchEngineBeforeUnload", "4shared.com Customized Web Search");
Deleted : user_pref("CT2233703.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2233703.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT223[...]
Deleted : user_pref("CT2233703.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2233703.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2233703.SearchInNewTabLastCheckTime", "Mon Nov 07 2011 18:40:05 GMT+0100");
Deleted : user_pref("CT2233703.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2233703.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2233703.SearchProtectorEnabled", true);
Deleted : user_pref("CT2233703.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2233703.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2233703.ServiceMapLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Deleted : user_pref("CT2233703.SettingsLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Deleted : user_pref("CT2233703.SettingsLastUpdate", "1317103424");
Deleted : user_pref("CT2233703.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2233703&SearchSource=13");
Deleted : user_pref("CT2233703.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2233703.ThirdPartyComponentsLastCheck", "Mon Nov 07 2011 18:39:48 GMT+0100");
Deleted : user_pref("CT2233703.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2233703.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2233703.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2233703");
Deleted : user_pref("CT2233703.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2233703.UserID", "UN89943871389045964");
Deleted : user_pref("CT2233703.WeatherNetwork", "");
Deleted : user_pref("CT2233703.WeatherPollDate", "Mon Nov 07 2011 18:41:50 GMT+0100");
Deleted : user_pref("CT2233703.WeatherUnit", "C");
Deleted : user_pref("CT2233703.alertChannelId", "631527");
Deleted : user_pref("CT2233703.components.1000515", true);
Deleted : user_pref("CT2233703.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2233703.globalFirstTimeInfoLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2233703.initDone", true);
Deleted : user_pref("CT2233703.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2233703.isFirstRadioInstallation", false);
Deleted : user_pref("CT2233703.myStuffEnabled", true);
Deleted : user_pref("CT2233703.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2233703.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2233703.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2233703.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2233703.revertSettingsEnabled", true);
Deleted : user_pref("CT2233703.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2233703.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2233703.testingCtid", "");
Deleted : user_pref("CT2233703.toolbarAppMetaDataLastCheckTime", "Mon Nov 07 2011 18:39:49 GMT+0100");
Deleted : user_pref("CT2233703.toolbarContextMenuLastCheckTime", "Mon Nov 07 2011 18:39:50 GMT+0100");
Deleted : user_pref("CT2233703.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2233703&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "4shared.com Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/631527/627389/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2233703", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2233703",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2233703&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Radar\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2233703");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2233703");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2233703");
Deleted : user_pref("CommunityToolbar.globalUserId", "c04df718-0f1d-4c27-a677-74d3729c5394");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2233703");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 07 2011 18:39:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 07 2011 18:39:57 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 07 2011 18:39:48 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "b610dee8-8aeb-496d-b635-ce6016f3acfa");
Deleted : user_pref("CommunityToolbar.originalHomepage", "www.seznam.cz");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "4shared.com Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&Sea[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=2&q=[...]

*************************

AdwCleaner[R1].txt - [15492 octets] - [15/03/2013 20:11:38]
AdwCleaner[S1].txt - [15676 octets] - [15/03/2013 21:09:36]

########## EOF - C:\AdwCleaner[S1].txt - [15737 octets] ##########

Re: Slow PC ...

Posted: 15 Mar 2013 21:48
by Rudy
Post a new RSIT log.

Re: Slow PC ...

Posted: 15 Mar 2013 22:14
by cr8g
RSIT log:



Logfile of random's system information tool 1.09 (written by random/random)
Run by Radar at 2013-03-15 22:12:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 758 GB (40%) free of 1908 GB
Total RAM: 3569 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:13:24, on 15.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\GAMES\ORIGIN EA\Origin\Origin.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\programy a stahovani\TS3\ts3client_win32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Radar\Desktop\RSIT.exe
C:\Program Files\trend micro\Radar.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORDTSUPTBT
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [EADM] "C:\GAMES\ORIGIN EA\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 8750 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\programy a stahovani\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\extensions\
jid1-qQSMEVsYTOjgYA@jetpack
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Radar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-11-05 113288]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2010-10-27 486560]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2010-10-27 302240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2011-10-14 1571432]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\GAMES\ORIGIN EA\Origin\Origin.exe [2013-02-21 3494992]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\Users\Radar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.XFR1"=xfcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-15 21:09:36 ----A---- C:\AdwCleaner[S1].txt
2013-03-15 20:11:38 ----A---- C:\AdwCleaner[R1].txt
2013-03-14 01:59:09 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 01:59:09 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\url.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 01:59:06 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 01:59:05 ----A---- C:\Windows\system32\ieframe.dll
2013-03-12 16:22:31 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-03-12 16:21:44 ----D---- C:\Program Files\iPod
2013-03-12 16:21:43 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-12 16:14:10 ----D---- C:\Windows\system32\appmgmt
2013-03-12 15:30:04 ----AH---- C:\Windows\system32\mlfcache.dat
2013-03-12 14:40:13 ----D---- C:\Users\Radar\AppData\Roaming\Apple Computer
2013-03-12 14:40:11 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-12 14:39:13 ----D---- C:\ProgramData\Apple Computer
2013-03-12 14:38:40 ----D---- C:\Program Files\Apple Software Update
2013-03-12 14:37:47 ----D---- C:\ProgramData\Apple
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files\Apple
2013-03-08 09:44:07 ----D---- C:\Program Files\Mozilla Firefox
2013-03-01 00:28:44 ----A---- C:\Windows\fred2_open_Diaspora_R1.INI
2013-02-28 19:16:27 ----D---- C:\Users\Radar\AppData\Roaming\wxlauncher
2013-02-27 23:38:08 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 23:37:26 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 23:37:05 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 23:37:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 23:37:03 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 23:36:59 ----A---- C:\Windows\system32\d2d1.dll
2013-02-22 17:20:47 ----D---- C:\Program Files\OpenAL
2013-02-22 17:20:47 ----A---- C:\Windows\system32\wrap_oal.dll
2013-02-22 17:20:47 ----A---- C:\Windows\system32\OpenAL32.dll
2013-02-22 16:53:55 ----A---- C:\Windows\FRED2.INI
2013-02-22 16:46:39 ----D---- C:\Windows\temp
2013-02-22 16:41:54 ----A---- C:\0.bak
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\ParetoLogic
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\DriverCure
2013-02-22 16:29:54 ----D---- C:\ProgramData\ParetoLogic
2013-02-22 16:22:30 ----D---- C:\data

======List of files/folders modified in the last 1 month======

2013-03-15 22:13:19 ----D---- C:\Program Files\trend micro
2013-03-15 22:11:45 ----D---- C:\Users\Radar\AppData\Roaming\Skype
2013-03-15 22:08:29 ----D---- C:\Users\Radar\AppData\Roaming\Xfire
2013-03-15 21:38:09 ----D---- C:\Windows\system32\config
2013-03-15 21:24:19 ----D---- C:\Windows\Prefetch
2013-03-15 21:17:51 ----D---- C:\Windows\System32
2013-03-15 21:17:47 ----A---- C:\Windows\system32\PnkBstrB.exe
2013-03-15 21:13:14 ----D---- C:\Users\Radar\AppData\Roaming\TS3Client
2013-03-15 21:12:19 ----D---- C:\Users\Radar\AppData\Roaming\Dropbox
2013-03-15 21:11:12 ----D---- C:\ProgramData\NVIDIA
2013-03-15 10:11:00 ----D---- C:\Windows\system32\catroot2
2013-03-15 08:38:54 ----D---- C:\Windows
2013-03-15 00:16:23 ----D---- C:\Users\Radar\AppData\Roaming\Media Player Classic
2013-03-14 22:22:31 ----D---- C:\Users\Radar\AppData\Roaming\uTorrent
2013-03-14 08:14:39 ----D---- C:\Windows\rescache
2013-03-14 07:30:48 ----D---- C:\Windows\winsxs
2013-03-14 07:30:28 ----D---- C:\Windows\system32\migration
2013-03-14 07:30:28 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:30:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 02:00:23 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 02:00:20 ----SHD---- C:\Windows\Installer
2013-03-14 02:00:19 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 01:59:16 ----D---- C:\Windows\system32\catroot
2013-03-14 01:58:54 ----D---- C:\Windows\AppPatch
2013-03-14 01:58:19 ----SHD---- C:\System Volume Information
2013-03-13 15:17:52 ----D---- C:\ProgramData\Xfire
2013-03-13 15:05:04 ----D---- C:\Windows\inf
2013-03-13 15:05:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-12 23:25:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-12 18:49:13 ----D---- C:\programy a stahovani
2013-03-12 16:22:31 ----D---- C:\Windows\system32\drivers
2013-03-12 16:21:44 ----RD---- C:\Program Files
2013-03-12 16:21:43 ----HD---- C:\ProgramData
2013-03-12 14:38:42 ----D---- C:\Windows\system32\Tasks
2013-03-12 14:38:34 ----D---- C:\Windows\system32\DriverStore
2013-03-12 14:37:58 ----D---- C:\Program Files\Bonjour
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files
2013-03-09 09:38:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-06 15:24:55 ----D---- C:\GAMES
2013-03-06 09:37:45 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-06 09:21:38 ----D---- C:\Program Files\Common Files\BioWare
2013-03-06 09:21:37 ----D---- C:\ProgramData\BioWare
2013-03-05 10:21:28 ----D---- C:\Program Files\Battlelog Web Plugins
2013-03-04 17:24:41 ----D---- C:\Windows\system32\NDF
2013-03-03 21:17:11 ----D---- C:\Users\Radar\AppData\Roaming\Wargaming.net
2013-03-03 20:06:07 ----D---- C:\Windows\system32\directx
2013-03-03 20:06:02 ----HD---- C:\Windows\msdownld.tmp
2013-02-27 23:45:01 ----D---- C:\Windows\system32\pt-BR
2013-02-27 23:45:01 ----D---- C:\Windows\system32\it-IT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\zh-HK
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pt-PT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pl-PL
2013-02-27 23:45:00 ----D---- C:\Windows\system32\ko-KR
2013-02-27 23:45:00 ----D---- C:\Windows\system32\hu-HU
2013-02-27 23:44:59 ----D---- C:\Windows\system32\tr-TR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\sv-SE
2013-02-27 23:44:59 ----D---- C:\Windows\system32\nl-NL
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fr-FR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fi-FI
2013-02-27 23:44:59 ----D---- C:\Windows\system32\el-GR
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-TW
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-CN
2013-02-27 23:44:58 ----D---- C:\Windows\system32\es-ES
2013-02-27 23:44:58 ----D---- C:\Windows\system32\de-DE
2013-02-27 23:44:58 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ru-RU
2013-02-27 23:44:57 ----D---- C:\Windows\system32\nb-NO
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ja-JP
2013-02-27 23:44:57 ----D---- C:\Windows\system32\en-US
2013-02-27 23:44:57 ----D---- C:\Windows\system32\da-DK
2013-02-26 21:59:40 ----RSD---- C:\Windows\assembly
2013-02-26 21:56:31 ----D---- C:\Windows\Logs
2013-02-25 02:32:47 ----D---- C:\Users\Radar\AppData\Roaming\vlc
2013-02-24 20:41:37 ----D---- C:\ProgramData\EA Logs
2013-02-22 23:46:37 ----D---- C:\Users\Radar\AppData\Roaming\Adobe
2013-02-22 16:57:47 ----D---- C:\Windows\Tasks
2013-02-22 16:51:19 ----D---- C:\Windows\SoftwareDistribution
2013-02-22 16:44:10 ----D---- C:\Users\Radar\AppData\Roaming\Macromedia
2013-02-22 16:42:44 ----D---- C:\Windows\Panther
2013-02-22 16:42:41 ----D---- C:\Windows\system32\Msdtc
2013-02-22 16:42:41 ----D---- C:\Program Files\K-Lite Codec Pack
2013-02-22 14:28:27 ----D---- C:\Program Files\Xfire
2013-02-16 01:49:59 ----D---- C:\Program Files\Microsoft Security Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 461080]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2010-11-22 21808]
R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2010-11-22 266544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-06 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/06 02:14:31]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 87536]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 37224]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 260968]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 26984]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 178024]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 51560]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 143336]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 242024]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c6232.sys [2011-11-05 268968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 21104]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-11-05 62336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-11-05 141440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2013-03-15 137992]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-09-22 10064]
S1 fgdldpss;fgdldpss; \??\C:\Windows\system32\drivers\fgdldpss.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a0iz4u7m;a0iz4u7m; C:\Windows\system32\drivers\a0iz4u7m.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 47144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2010-10-27 56480]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe [2011-05-31 173672]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-06-29 112800]
R2 MBAMScheduler;MBAMScheduler; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-08-21 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2013-03-15 291088]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-24 654848]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-11-13 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-06 1343400]

-----------------EOF-----------------

Re: Slow PC ...

Posted: 15 Mar 2013 22:44
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files\Skype\Toolbars
C:\0.bak

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

:services
Skype C2C Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Slow PC ...

Posted: 15 Mar 2013 23:10
by cr8g
Moved ... restarted, and the new RSIT log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Radar at 2013-03-15 23:08:58
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 761 GB (40%) free of 1908 GB
Total RAM: 3569 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:09:22, on 15.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\GAMES\ORIGIN EA\Origin\Origin.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Radar\Desktop\RSIT.exe
C:\Program Files\trend micro\Radar.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORDTSUPTBT
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [EADM] "C:\GAMES\ORIGIN EA\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 7927 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\programy a stahovani\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Radar\AppData\Roaming\Mozilla\Firefox\Profiles\7tzivw7s.default\extensions\
jid1-qQSMEVsYTOjgYA@jetpack
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-11-05 113288]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2010-10-27 486560]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2010-10-27 302240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2011-10-14 1571432]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\GAMES\ORIGIN EA\Origin\Origin.exe [2013-02-21 3494992]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\Users\Radar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Radar\AppData\Roaming\Dropbox\bin\Dropbox.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.XFR1"=xfcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-15 23:02:48 ----D---- C:\_OTM
2013-03-15 21:09:36 ----A---- C:\AdwCleaner[S1].txt
2013-03-15 20:11:38 ----A---- C:\AdwCleaner[R1].txt
2013-03-14 01:59:09 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 01:59:09 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 01:59:08 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\url.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 01:59:07 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 01:59:06 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 01:59:05 ----A---- C:\Windows\system32\ieframe.dll
2013-03-12 16:22:31 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-03-12 16:21:44 ----D---- C:\Program Files\iPod
2013-03-12 16:21:43 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-12 16:14:10 ----D---- C:\Windows\system32\appmgmt
2013-03-12 15:30:04 ----AH---- C:\Windows\system32\mlfcache.dat
2013-03-12 14:40:13 ----D---- C:\Users\Radar\AppData\Roaming\Apple Computer
2013-03-12 14:40:11 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-12 14:39:13 ----D---- C:\ProgramData\Apple Computer
2013-03-12 14:38:40 ----D---- C:\Program Files\Apple Software Update
2013-03-12 14:37:47 ----D---- C:\ProgramData\Apple
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files\Apple
2013-03-08 09:44:07 ----D---- C:\Program Files\Mozilla Firefox
2013-03-01 00:28:44 ----A---- C:\Windows\fred2_open_Diaspora_R1.INI
2013-02-28 19:16:27 ----D---- C:\Users\Radar\AppData\Roaming\wxlauncher
2013-02-27 23:38:08 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 23:37:26 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 23:37:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 23:37:05 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 23:37:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 23:37:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 23:37:03 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 23:37:02 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 23:37:01 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 23:37:00 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 23:36:59 ----A---- C:\Windows\system32\d2d1.dll
2013-02-22 17:20:47 ----D---- C:\Program Files\OpenAL
2013-02-22 17:20:47 ----A---- C:\Windows\system32\wrap_oal.dll
2013-02-22 17:20:47 ----A---- C:\Windows\system32\OpenAL32.dll
2013-02-22 16:53:55 ----A---- C:\Windows\FRED2.INI
2013-02-22 16:46:39 ----D---- C:\Windows\temp
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\ParetoLogic
2013-02-22 16:30:02 ----D---- C:\Users\Radar\AppData\Roaming\DriverCure
2013-02-22 16:29:54 ----D---- C:\ProgramData\ParetoLogic
2013-02-22 16:22:30 ----D---- C:\data

======List of files/folders modified in the last 1 month======

2013-03-15 23:09:02 ----D---- C:\Program Files\trend micro
2013-03-15 23:07:55 ----D---- C:\Users\Radar\AppData\Roaming\Skype
2013-03-15 23:07:44 ----D---- C:\Users\Radar\AppData\Roaming\Dropbox
2013-03-15 23:06:53 ----D---- C:\ProgramData\NVIDIA
2013-03-15 23:05:56 ----D---- C:\Windows\system32\config
2013-03-15 23:03:23 ----D---- C:\Windows
2013-03-15 23:02:52 ----RD---- C:\Program Files\Skype
2013-03-15 23:02:35 ----D---- C:\Windows\Prefetch
2013-03-15 23:02:18 ----D---- C:\Users\Radar\AppData\Roaming\TS3Client
2013-03-15 22:08:29 ----D---- C:\Users\Radar\AppData\Roaming\Xfire
2013-03-15 21:17:51 ----D---- C:\Windows\System32
2013-03-15 21:17:47 ----A---- C:\Windows\system32\PnkBstrB.exe
2013-03-15 10:11:00 ----D---- C:\Windows\system32\catroot2
2013-03-15 00:16:23 ----D---- C:\Users\Radar\AppData\Roaming\Media Player Classic
2013-03-14 22:22:31 ----D---- C:\Users\Radar\AppData\Roaming\uTorrent
2013-03-14 08:14:39 ----D---- C:\Windows\rescache
2013-03-14 07:30:48 ----D---- C:\Windows\winsxs
2013-03-14 07:30:28 ----D---- C:\Windows\system32\migration
2013-03-14 07:30:28 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:30:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 02:00:23 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 02:00:20 ----SHD---- C:\Windows\Installer
2013-03-14 02:00:19 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 01:59:16 ----D---- C:\Windows\system32\catroot
2013-03-14 01:58:54 ----D---- C:\Windows\AppPatch
2013-03-14 01:58:19 ----SHD---- C:\System Volume Information
2013-03-13 15:17:52 ----D---- C:\ProgramData\Xfire
2013-03-13 15:05:04 ----D---- C:\Windows\inf
2013-03-13 15:05:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-12 23:25:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-12 18:49:13 ----D---- C:\programy a stahovani
2013-03-12 16:22:31 ----D---- C:\Windows\system32\drivers
2013-03-12 16:21:44 ----RD---- C:\Program Files
2013-03-12 16:21:43 ----HD---- C:\ProgramData
2013-03-12 14:38:42 ----D---- C:\Windows\system32\Tasks
2013-03-12 14:38:34 ----D---- C:\Windows\system32\DriverStore
2013-03-12 14:37:58 ----D---- C:\Program Files\Bonjour
2013-03-12 14:37:47 ----D---- C:\Program Files\Common Files
2013-03-09 09:38:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-06 15:24:55 ----D---- C:\GAMES
2013-03-06 09:37:45 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-06 09:21:38 ----D---- C:\Program Files\Common Files\BioWare
2013-03-06 09:21:37 ----D---- C:\ProgramData\BioWare
2013-03-05 10:21:28 ----D---- C:\Program Files\Battlelog Web Plugins
2013-03-04 17:24:41 ----D---- C:\Windows\system32\NDF
2013-03-03 21:17:11 ----D---- C:\Users\Radar\AppData\Roaming\Wargaming.net
2013-03-03 20:06:07 ----D---- C:\Windows\system32\directx
2013-02-27 23:45:01 ----D---- C:\Windows\system32\pt-BR
2013-02-27 23:45:01 ----D---- C:\Windows\system32\it-IT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\zh-HK
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pt-PT
2013-02-27 23:45:00 ----D---- C:\Windows\system32\pl-PL
2013-02-27 23:45:00 ----D---- C:\Windows\system32\ko-KR
2013-02-27 23:45:00 ----D---- C:\Windows\system32\hu-HU
2013-02-27 23:44:59 ----D---- C:\Windows\system32\tr-TR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\sv-SE
2013-02-27 23:44:59 ----D---- C:\Windows\system32\nl-NL
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fr-FR
2013-02-27 23:44:59 ----D---- C:\Windows\system32\fi-FI
2013-02-27 23:44:59 ----D---- C:\Windows\system32\el-GR
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-TW
2013-02-27 23:44:58 ----D---- C:\Windows\system32\zh-CN
2013-02-27 23:44:58 ----D---- C:\Windows\system32\es-ES
2013-02-27 23:44:58 ----D---- C:\Windows\system32\de-DE
2013-02-27 23:44:58 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ru-RU
2013-02-27 23:44:57 ----D---- C:\Windows\system32\nb-NO
2013-02-27 23:44:57 ----D---- C:\Windows\system32\ja-JP
2013-02-27 23:44:57 ----D---- C:\Windows\system32\en-US
2013-02-27 23:44:57 ----D---- C:\Windows\system32\da-DK
2013-02-26 21:59:40 ----RSD---- C:\Windows\assembly
2013-02-26 21:56:31 ----D---- C:\Windows\Logs
2013-02-25 02:32:47 ----D---- C:\Users\Radar\AppData\Roaming\vlc
2013-02-24 20:41:37 ----D---- C:\ProgramData\EA Logs
2013-02-22 23:46:37 ----D---- C:\Users\Radar\AppData\Roaming\Adobe
2013-02-22 16:57:47 ----D---- C:\Windows\Tasks
2013-02-22 16:51:19 ----D---- C:\Windows\SoftwareDistribution
2013-02-22 16:44:10 ----D---- C:\Users\Radar\AppData\Roaming\Macromedia
2013-02-22 16:42:44 ----D---- C:\Windows\Panther
2013-02-22 16:42:41 ----D---- C:\Windows\system32\Msdtc
2013-02-22 16:42:41 ----D---- C:\Program Files\K-Lite Codec Pack
2013-02-22 14:28:27 ----D---- C:\Program Files\Xfire
2013-02-16 01:49:59 ----D---- C:\Program Files\Microsoft Security Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 461080]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2010-11-22 21808]
R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2010-11-22 266544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-06 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/06 02:14:31]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 87536]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 37224]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 260968]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 26984]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 178024]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 51560]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 143336]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 242024]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c6232.sys [2011-11-05 268968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 21104]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-11-05 62336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-11-05 141440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-09-22 10064]
S1 fgdldpss;fgdldpss; \??\C:\Windows\system32\drivers\fgdldpss.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aofymhjc;aofymhjc; C:\Windows\system32\drivers\aofymhjc.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 47144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2010-10-27 56480]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe [2011-05-31 173672]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-06-29 112800]
R2 MBAMScheduler;MBAMScheduler; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-08-21 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\programy a stahovani\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-24 654848]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-11-13 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-06 1343400]

-----------------EOF-----------------

Re: Slow PC ...

Posted: 16 Mar 2013 11:25
by Rudy
Double-click the file C:\Program Files\trend micro\Radar.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: Slow PC ...

Posted: 16 Mar 2013 19:17
by cr8g
Done.... should it be solved now? :)

Re: Slow PC ...

Posted: 16 Mar 2013 19:37
by Rudy
If the PC has sped up, then yes.

Re: Slow PC ...

Posted: 16 Mar 2013 19:52
by cr8g
ok.. we'll see after a few hours ... I'll write again if need be ...

Anyway, thanks a lot :)

Re: Slow PC ...

Posted: 16 Mar 2013 20:59
by Rudy
You're welcome! :)