VIRY.CZ

Zdravim. Dostal sa mi do ruk kamosov PC, po minulych skvelych skusenostiach s Vami som si jeho PC pozical a chcem mu s tym pomoct. Ide neskutocne pomaly, pritom je to celkom nadupana masina (ASUS A52J Series, 6GB RAM, atd...).


Prikladam log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martiin at 2013-03-27 12:42:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 122 GB (40%) free of 305 GB
Total RAM: 5997 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:53, on 27. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Martiin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [RMAlert] "C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe" /PRODUCT=RM /R
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
O4 - HKCU\..\Run: [BitTorrent] "C:\bittorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14802 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {83892B85-4CCA-4B3A-9C95-131BF8B744E7}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/570"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
taskeng.exe {817E73D0-7E63-4107-9ADA-D35D38E225FA}
C:\Users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe /c
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7492.a009900.370045891 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 7492 "\\.\pipe\gecko-crash-server-pipe.7492" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash3252.5ED763D8.21841 --host-broker-channel=Flash3252.5ED763D8.9657 --host-pid=3252 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2084.0030F8A0.854927469 --proxy-stub-channel=Flash3252.5ED763D8.21841 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Martiin\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000UA.job
C:\Windows\tasks\RMAutoUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-25 170416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll [2011-03-28 176936]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\bittorrent\BitTorrent.exe [2013-01-09 980376]
"Google Update"=C:\Users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2013-03-26 1631144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-06-29 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2008-04-02 87336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-06-24 6806144]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-07-02 1597440]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]
"UpdatePPShortCut"=C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-22 210216]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-04-26 103896]
"RMAlert"=C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe [2012-04-26 1318872]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll [2012-07-31 90112]
"B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll [2012-07-31 66048]
"B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll [2012-07-31 335872]
"B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll"=C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll [2012-07-31 1101824]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-03-27 12:42:41 ----D---- C:\rsit
2013-03-27 12:42:41 ----D---- C:\Program Files\trend micro
2013-03-25 12:30:05 ----D---- C:\Users\Martiin\AppData\Roaming\ESET
2013-03-23 02:34:26 ----D---- C:\ProgramData\ESET
2013-03-09 04:18:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-04 20:49:42 ----D---- C:\Program Files (x86)\Plus500

======List of files/folders modified in the last 1 months======

2013-03-27 12:42:46 ----D---- C:\Windows\Temp
2013-03-27 12:42:41 ----RD---- C:\Program Files
2013-03-27 03:11:12 ----D---- C:\Windows\system32\config
2013-03-27 03:00:28 ----SHD---- C:\System Volume Information
2013-03-27 01:59:11 ----D---- C:\Program Files (x86)\Steam
2013-03-26 23:01:20 ----A---- C:\dpi.txt
2013-03-26 22:56:47 ----D---- C:\Users\Martiin\AppData\Roaming\BitTorrent
2013-03-26 22:53:31 ----AD---- C:\ProgramData\Temp
2013-03-26 22:53:20 ----D---- C:\Windows\system32\Tasks
2013-03-26 22:53:13 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2013-03-26 22:53:02 ----A---- C:\Windows\SYSWOW64\log.txt
2013-03-26 22:51:29 ----D---- C:\Windows\system32\NDF
2013-03-26 14:43:39 ----SHD---- C:\Windows\Installer
2013-03-26 14:43:13 ----D---- C:\Windows\system32\drivers
2013-03-26 14:43:13 ----D---- C:\Windows\system32\catroot
2013-03-26 14:43:12 ----D---- C:\Windows\system32\DriverStore
2013-03-26 14:43:10 ----D---- C:\Windows\inf
2013-03-26 13:31:46 ----D---- C:\Windows\winsxs
2013-03-26 13:31:46 ----D---- C:\Windows\Tasks
2013-03-26 13:31:46 ----D---- C:\Windows\SysWOW64
2013-03-26 13:31:46 ----D---- C:\Windows\system32\wfp
2013-03-26 13:31:46 ----D---- C:\Windows\system32\catroot2
2013-03-26 13:31:46 ----D---- C:\Windows\System32
2013-03-26 13:31:46 ----D---- C:\Windows
2013-03-26 13:31:42 ----D---- C:\ProgramData\P4G
2013-03-26 13:31:42 ----D---- C:\Program Files (x86)\Common Files
2013-03-26 13:31:38 ----D---- C:\Windows\system32\wbem
2013-03-26 13:31:38 ----D---- C:\Windows\registration
2013-03-26 04:20:24 ----D---- C:\Windows\Prefetch
2013-03-23 02:34:26 ----HD---- C:\ProgramData
2013-03-23 02:34:26 ----D---- C:\Program Files\ESET
2013-03-22 17:16:00 ----D---- C:\Users\Martiin\AppData\Roaming\Mozilla
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\migration
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\lt-LT
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-22 16:19:02 ----D---- C:\Windows\SYSWOW64\bg-BG
2013-03-22 16:19:01 ----RSD---- C:\Windows\Fonts
2013-03-22 16:19:01 ----D---- C:\Windows\system32\zh-TW
2013-03-22 16:19:01 ----D---- C:\Windows\system32\zh-HK
2013-03-22 16:19:01 ----D---- C:\Windows\system32\sr-Latn-CS
2013-03-22 16:19:01 ----D---- C:\Windows\system32\sk-SK
2013-03-22 16:19:01 ----D---- C:\Windows\system32\pl-PL
2013-03-22 16:19:01 ----D---- C:\Windows\system32\nb-NO
2013-03-22 16:19:01 ----D---- C:\Windows\system32\migration
2013-03-22 16:19:01 ----D---- C:\Windows\system32\lv-LV
2013-03-22 16:19:01 ----D---- C:\Windows\system32\ja-JP
2013-03-22 16:19:01 ----D---- C:\Windows\system32\hu-HU
2013-03-22 16:19:01 ----D---- C:\Windows\system32\hr-HR
2013-03-22 16:19:01 ----D---- C:\Windows\system32\he-IL
2013-03-22 16:19:01 ----D---- C:\Windows\system32\et-EE
2013-03-22 16:19:01 ----D---- C:\Windows\system32\en-US
2013-03-22 16:19:01 ----D---- C:\Windows\system32\drivers\sk-SK
2013-03-22 16:19:01 ----D---- C:\Windows\system32\drivers\en-US
2013-03-22 16:19:01 ----D---- C:\Windows\system32\cs-CZ
2013-03-22 16:19:01 ----D---- C:\Windows\system32\bg-BG
2013-03-22 16:19:01 ----D---- C:\Windows\L2Schemas
2013-03-22 16:19:01 ----D---- C:\Windows\ehome
2013-03-22 16:19:01 ----D---- C:\Windows\AppPatch
2013-03-22 16:18:34 ----D---- C:\Windows\AppCompat
2013-03-22 16:18:33 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-22 16:18:30 ----D---- C:\Program Files (x86)\RelevantKnowledge
2013-03-22 16:18:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-22 16:15:12 ----D---- C:\Windows\system32\sysprep
2013-03-22 16:14:50 ----D---- C:\Windows\system32\Macromed
2013-03-22 16:14:23 ----D---- C:\Windows\system32\Boot
2013-03-22 16:11:48 ----D---- C:\Matoooo
2013-03-14 03:02:30 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 17:09:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 16:54:49 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-13 16:54:49 ----D---- C:\Windows\system32\sl-SI
2013-03-13 16:54:26 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-13 16:54:18 ----RD---- C:\Program Files (x86)
2013-03-13 16:54:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 16:51:44 ----D---- C:\Windows\SYSWOW64\WCN
2013-03-04 12:09:05 ----D---- C:\Windows\system32\LogFiles
2013-03-04 11:56:21 ----D---- C:\Program Files\Windows Journal

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2011-06-29 35384]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-13 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-13 343040]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-13 95760]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\drivers\ETD.sys [2010-04-13 135560]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\drivers\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\drivers\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-13 236544]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-04-26 793048]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-26 543656]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 135664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-09 115608]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-29 1255736]

-----------------EOF-----------------

Zdravim

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

info.txt logfile of random's system information tool 1.08 2013-03-27 12:43:31

======Uninstall list======

-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049} /S /v/qn
AC3Filter 1.62b-->"C:\Program Files (x86)\AC3Filter\unins000.exe"
Acrobat.com-->MsiExec.exe /X{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Download Assistant-->msiexec /qb /x {79872596-B887-E700-8D56-CADBC78BA5DE}
Adobe Download Assistant-->MsiExec.exe /I{79872596-B887-E700-8D56-CADBC78BA5DE}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin
Adobe Photoshop CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}"
Adobe Reader X (10.1.6)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Age of Mythology - The Titans Expansion-->"C:\Program Files (x86)\Microsoft Games\Age of Mythology\UNINSTXP.EXE" /runtemp /addremove
Age of Mythology-->"C:\Program Files (x86)\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
AMD Accelerated Video Transcoding-->MsiExec.exe /X{BABA4667-CF82-B330-A8E5-6E8A09B2D911}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{E4490157-303F-F06F-FB6E-D2053A43A182} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{A71060CF-81D0-EC17-2252-78CA0E96CCCF}
AMD Media Foundation Decoders-->MsiExec.exe /X{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}
Apple Application Support-->MsiExec.exe /I{F5266D28-E0B2-4130-BFC5-EE155AD514DC}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ATI AVIVO64 Codecs-->MsiExec.exe /X{489F2C5A-83B9-79D5-714C-1DEF32A898E5}
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
BitTorrent-->"C:\bittorrent\BitTorrent.exe" /UNINSTALL
bwin Poker 1.0.0-->"C:\bwinPoker\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
Click to Call with Skype-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Conduit Engine -->C:\Program Files (x86)\ConduitEngine\ConduitEngineUninstall.exe
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IK52CC2wa.INF
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink PhotoNow-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
CyberLink PhotoNow-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
DAEMON Tools Pro-->C:\Program Files (x86)\DAEMON Tools Pro\uninst.exe
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Dota 2 Test-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/205790
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
EasyDent4 Simple Viewer-->C:\Program Files (x86)\InstallShield Installation Information\{8E1F4374-01EF-4CE5-8D5F-A5089FD36ADA}\setup.exe -runfromtemp -l0x0009 -removeonly
ETDWare PS/2-x64 7.0.5.11_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Fast Boot-->MsiExec.exe /I{13F4A7F3-EABC-4261-AF6B-1317777F0755}
File Type Assistant-->"C:\Program Files (x86)\File Type Assistant\unins000.exe"
GameSpy Arcade-->C:\PROGRA~2\GAMESP~1\UNWISE.EXE C:\PROGRA~2\GAMESP~1\INSTALL.LOG
Garena Classic 2011-->C:\Program Files (x86)\Garena Classic\uninst.exe
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Talk Plugin-->MsiExec.exe /I{A7E7E283-8AB2-3EFE-A3BD-8482F72BAFCF}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GPL MPEG-1/2 DirectShow Decoder Filter-->MsiExec.exe /I{870815CA-6B60-47B6-88DD-A67F42D2F03E}
Graboid Video 3.11-->C:\Program Files (x86)\Graboid\uninst.exe
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Java 7 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217010FF}
Java(TM) 6 Update 37-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216037FF}
JMicron Ethernet Adapter NDIS Driver-->"C:\Program Files (x86)\JMicron\JME_DIR\setup.exe" delpkg
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
K_Series_ScreenSaver_EN-->C:\Windows\system32\K_Series_ScreenSaver_EN.scr /u
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {8B531332-0D5D-4B3B-A22C-8330DEA695A7} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8B531332-0D5D-4B3B-A22C-8330DEA695A7}
MediaShow-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\Setup.exe" -uninstall
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Mozilla Firefox 19.0.2 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MV2Player (remove only)-->C:\Program Files (x86)\Mv2Player\uninst.exe
NB Probe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\Setup.exe" -l0x9
Net4Switch-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.exe" -l0x9
OpenOffice.org 3.2-->MsiExec.exe /I{28B94253-5729-4C30-8DE4-F2A0A63149B0}
OpenTTD 1.2.2-->C:\Matoooo\tycoon\uninstall.exe
PC Tools Registry Mechanic 11.0-->"C:\Program Files (x86)\PC Tools Registry Mechanic\unins000.exe" /LOG
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Plus500-->C:\Program Files (x86)\Plus500\Plus500.exe /uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PowerProducer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
Rise of Nations-->"C:\Program Files (x86)\Microsoft Games\Rise of Nations\Uninstal.exe" /runtemp /uninstall
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
USB2.0 UVC VGA WebCam-->C:\Windows\snuninst.exe /name='USB2.0 UVC VGA WebCam'
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VLC media player 1.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
Zaklínač rozšířená edice-->"C:\Program Files (x86)\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x0005 -removeonly

======System event log======

Computer Name: Martiin-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 390587
Source Name: atapi
Time Written: 20130123180701.896278-000
Event Type: Error
User:

Computer Name: Martiin-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 390586
Source Name: atapi
Time Written: 20130123180659.036274-000
Event Type: Error
User:

Computer Name: Martiin-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 390585
Source Name: atapi
Time Written: 20130123180654.156267-000
Event Type: Error
User:

Computer Name: Martiin-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 390584
Source Name: atapi
Time Written: 20130123180653.436266-000
Event Type: Error
User:

Computer Name: Martiin-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Ide\IdePort0.
Record Number: 390582
Source Name: atapi
Time Written: 20130123180635.683835-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Martiin-PC
Event Code: 5061
Message: Cryptographic operation.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: RSA
Key Name: 57c2d3b3-1ec4-42fb-b689-459c3d050caa
Key Type: Machine key.

Cryptographic Operation:
Operation: Open Key.
Return Code: 0x0
Record Number: 15240
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120223020920.613612-000
Event Type: Audit Success
User:

Computer Name: Martiin-PC
Event Code: 5058
Message: Key file operation.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: 57c2d3b3-1ec4-42fb-b689-459c3d050caa
Key Type: Machine key.

Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\edc15e1ed494d61731697686874773cb_0812d586-36c2-423b-a9eb-7da1618b6196
Operation: Read persisted key from file.
Return Code: 0x0
Record Number: 15239
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120223020920.613612-000
Event Type: Audit Success
User:

Computer Name: Martiin-PC
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-21-2760217323-615456779-259505299-1000
Account Name: Martiin
Account Domain: Martiin-PC
Logon ID: 0x5db4de

Logon Type: 7

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 15238
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120222195052.081230-000
Event Type: Audit Success
User:

Computer Name: Martiin-PC
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-21-2760217323-615456779-259505299-1000
Account Name: Martiin
Account Domain: Martiin-PC
Logon ID: 0x5db4ea

Logon Type: 7

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 15237
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120222195052.081230-000
Event Type: Audit Success
User:

Computer Name: Martiin-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-21-2760217323-615456779-259505299-1000
Account Name: Martiin
Account Domain: Martiin-PC
Logon ID: 0x5db4de

Privileges: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 15236
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120222195052.065630-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=2502
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

# AdwCleaner v2.115 - Log vytvorený 27/03/2013 o 21:55:17
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Martiin - MARTIIN-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Martiin\Desktop\adwcleaner.exe
# Volba [Preh3ada?]


***** [Služby] *****

Nájdené : RelevantKnowledge

***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files (x86)\ConduitEngine
Adresár Nájdené : C:\Program Files (x86)\Free Offers from Freeze.com
Adresár Nájdené : C:\Program Files (x86)\RelevantKnowledge
Adresár Nájdené : C:\ProgramData\Babylon
Adresár Nájdené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Adresár Nájdené : C:\Users\Martiin\AppData\Local\Babylon
Adresár Nájdené : C:\Users\Martiin\AppData\Local\Conduit
Adresár Nájdené : C:\Users\Martiin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Adresár Nájdené : C:\Users\Martiin\AppData\LocalLow\boost_interprocess
Adresár Nájdené : C:\Users\Martiin\AppData\LocalLow\Conduit
Adresár Nájdené : C:\Users\Martiin\AppData\LocalLow\ConduitEngine
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Babylon
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\ConduitCommon
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\CT2790392
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\CT3031607
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Adresár Nájdené : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\ffxtlbr@babylon.com
Súbor Nájdené : C:\Windows\SysWOW64\conduitEngine.tmp

***** [Registre] *****

Hodnota Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
K3úe Nájdené : HKCU\Software\AppDataLow\Software\Conduit
K3úe Nájdené : HKCU\Software\AppDataLow\Software\conduitEngine
K3úe Nájdené : HKCU\Software\AppDataLow\Software\conduitEngine
K3úe Nájdené : HKCU\Software\AppDataLow\Toolbar
K3úe Nájdené : HKCU\Software\Conduit
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKCU\Software\Softonic
K3úe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
K3úe Nájdené : HKLM\Software\Babylon
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\escort.DLL
K3úe Nájdené : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
K3úe Nájdené : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\Conduit.Engine
K3úe Nájdené : HKLM\SOFTWARE\Classes\Prod.cap
K3úe Nájdené : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
K3úe Nájdené : HKLM\SOFTWARE\Classes\Toolbar.CT3031607
K3úe Nájdené : HKLM\Software\Conduit
K3úe Nájdené : HKLM\Software\conduitEngine
K3úe Nájdené : HKLM\Software\conduitEngine
K3úe Nájdené : HKLM\Software\Freeze.com
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CA3D909-9593-4878-8C86-4FACBBC7F960}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
K3úe Nájdené : HKU\S-1-5-21-2760217323-615456779-259505299-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registre sú eisté.

-\\ Mozilla Firefox v19.0.2 (en-US)

Súbor : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\7p6lsfa8.default-1362707240906\prefs.js

[OK] Súbor je eistý.

Súbor : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\prefs.js

Nájdené : user_pref("CT2790392..clientLogIsEnabled", true);
Nájdené : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Nájdené : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Nájdené : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nájdené : user_pref("CT2790392.AppTrackingLastCheckTime", "Mon Aug 15 2011 14:38:51 GMT+0200");
Nájdené : user_pref("CT2790392.CTID", "CT2790392");
Nájdené : user_pref("CT2790392.CurrentServerDate", "17-8-2011");
Nájdené : user_pref("CT2790392.DialogsAlignMode", "LTR");
Nájdené : user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon Aug 15 2011 18:03:34 GMT+0200");
Nájdené : user_pref("CT2790392.DownloadReferralCookieData", "");
Nájdené : user_pref("CT2790392.EMailNotifierPollDate", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedLastCount129313977501788460", 139);
Nájdené : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Aug 06 2011 17:26:55 GMT+0200");
Nájdené : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Aug 06 2011 17:26:55 GMT+0200");
Nájdené : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Nájdené : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Nájdené : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Nájdené : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Nájdené : user_pref("CT2790392.FirstServerDate", "6-8-2011");
Nájdené : user_pref("CT2790392.FirstTime", true);
Nájdené : user_pref("CT2790392.FirstTimeFF3", true);
Nájdené : user_pref("CT2790392.FixPageNotFoundErrors", false);
Nájdené : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Nájdené : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nájdené : user_pref("CT2790392.HasUserGlobalKeys", true);
Nájdené : user_pref("CT2790392.HomePageProtectorEnabled", false);
Nájdené : user_pref("CT2790392.Initialize", true);
Nájdené : user_pref("CT2790392.InitializeCommonPrefs", true);
Nájdené : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Nájdené : user_pref("CT2790392.InstallationType", "UnknownIntegration");
Nájdené : user_pref("CT2790392.InstalledDate", "Sat Aug 06 2011 17:26:54 GMT+0200");
Nájdené : user_pref("CT2790392.IsAlertDBUpdated", true);
Nájdené : user_pref("CT2790392.IsGrouping", false);
Nájdené : user_pref("CT2790392.IsInitSetupIni", true);
Nájdené : user_pref("CT2790392.IsMulticommunity", false);
Nájdené : user_pref("CT2790392.IsOpenThankYouPage", true);
Nájdené : user_pref("CT2790392.IsOpenUninstallPage", false);
Nájdené : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Aug 18 2011 01:04:13 GMT+0200");
Nájdené : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Nájdené : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nájdené : user_pref("CT2790392.LastLogin_3.5.0.12", "Wed Aug 17 2011 01:04:14 GMT+0200");
Nájdené : user_pref("CT2790392.LastLogin_3.6.0.10", "Wed Aug 17 2011 21:26:11 GMT+0200");
Nájdené : user_pref("CT2790392.LatestVersion", "3.6.0.10");
Nájdené : user_pref("CT2790392.Locale", "en");
Nájdené : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Nájdené : user_pref("CT2790392.MCDetectTooltipShow", false);
Nájdené : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nájdené : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Nájdené : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Nájdené : user_pref("CT2790392.OriginalFirstVersion", "3.5.0.12");
Nájdené : user_pref("CT2790392.SearchBoxWidth", 100);
Nájdené : user_pref("CT2790392.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Nájdené : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Nájdené : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Nájdené : user_pref("CT2790392.SearchInNewTabEnabled", true);
Nájdené : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Nájdené : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Thu Aug 18 2011 01:04:13 GMT+0200");
Nájdené : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nájdené : user_pref("CT2790392.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Nájdené : user_pref("CT2790392.SearchProtectorEnabled", false);
Nájdené : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Nájdené : user_pref("CT2790392.ServiceMapLastCheckTime", "Wed Aug 17 2011 01:04:13 GMT+0200");
Nájdené : user_pref("CT2790392.SettingsLastCheckTime", "Wed Aug 17 2011 23:47:13 GMT+0200");
Nájdené : user_pref("CT2790392.SettingsLastUpdate", "1313478218");
Nájdené : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Nájdené : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat Aug 06 2011 17:26:53 GMT+0200");
Nájdené : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1246786978");
Nájdené : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Nájdené : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Nájdené : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Nájdené : user_pref("CT2790392.UserID", "UN64249331702243765");
Nájdené : user_pref("CT2790392.ValidationData_Toolbar", 1);
Nájdené : user_pref("CT2790392.WeatherNetwork", "");
Nájdené : user_pref("CT2790392.WeatherPollDate", "Sat Aug 06 2011 17:26:56 GMT+0200");
Nájdené : user_pref("CT2790392.WeatherUnit", "C");
Nájdené : user_pref("CT2790392.alertChannelId", "1182482");
Nájdené : user_pref("CT2790392.approveUntrustedApps", false);
Nájdené : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Nájdené : user_pref("CT2790392.components.1000034", false);
Nájdené : user_pref("CT2790392.components.1000234", false);
Nájdené : user_pref("CT2790392.components.129298377186544355", false);
Nájdené : user_pref("CT2790392.components.129309565073350181", false);
Nájdené : user_pref("CT2790392.components.129309577647413174", false);
Nájdené : user_pref("CT2790392.components.129309578575850709", false);
Nájdené : user_pref("CT2790392.components.129313977501788460", false);
Nájdené : user_pref("CT2790392.components.129428949113825740", false);
Nájdené : user_pref("CT2790392.components.129526968991422666", false);
Nájdené : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Nájdené : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 21:26:11 GMT+0200");
Nájdené : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Nájdené : user_pref("CT2790392.initDone", true);
Nájdené : user_pref("CT2790392.isAppTrackingManagerOn", true);
Nájdené : user_pref("CT2790392.myStuffEnabled", true);
Nájdené : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Nájdené : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nájdené : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Nájdené : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nájdené : user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,111,1000234,12929837718654[...]
Nájdené : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Nájdené : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Nájdené : user_pref("CT2790392.testingCtid", "");
Nájdené : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Wed Aug 17 2011 01:04:13 GMT+0200");
Nájdené : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat Aug 06 2011 17:26:55 GMT+0200");
Nájdené : user_pref("CT2790392.usagesFlag", 2);
Nájdené : user_pref("CT3031607..clientLogIsEnabled", true);
Nájdené : user_pref("CT3031607..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Nájdené : user_pref("CT3031607..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Nájdené : user_pref("CT3031607.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nájdené : user_pref("CT3031607.BrowserCompStateIsOpen_129524509878872275", true);
Nájdené : user_pref("CT3031607.CTID", "CT3031607");
Nájdené : user_pref("CT3031607.CurrentServerDate", "18-8-2011");
Nájdené : user_pref("CT3031607.DialogsAlignMode", "LTR");
Nájdené : user_pref("CT3031607.DialogsGetterLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Nájdené : user_pref("CT3031607.DownloadReferralCookieData", "");
Nájdené : user_pref("CT3031607.EMailNotifierPollDate", "Wed Aug 17 2011 23:13:12 GMT+0200");
Nájdené : user_pref("CT3031607.EnableClickToSearchBox", false);
Nájdené : user_pref("CT3031607.EnableSearchHistory", false);
Nájdené : user_pref("CT3031607.EnableSearchSuggest", false);
Nájdené : user_pref("CT3031607.FirstServerDate", "18-8-2011");
Nájdené : user_pref("CT3031607.FirstTime", true);
Nájdené : user_pref("CT3031607.FirstTimeFF3", true);
Nájdené : user_pref("CT3031607.FixPageNotFoundErrors", false);
Nájdené : user_pref("CT3031607.GroupingServerCheckInterval", 1440);
Nájdené : user_pref("CT3031607.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nájdené : user_pref("CT3031607.HasUserGlobalKeys", true);
Nájdené : user_pref("CT3031607.Initialize", true);
Nájdené : user_pref("CT3031607.InitializeCommonPrefs", true);
Nájdené : user_pref("CT3031607.InstallationAndCookieDataSentCount", 1);
Nájdené : user_pref("CT3031607.InstallationId", "CT3031607_SFT_eng7.exe");
Nájdené : user_pref("CT3031607.InstallationType", "ConduitIntegration");
Nájdené : user_pref("CT3031607.InstalledDate", "Wed Aug 17 2011 23:13:12 GMT+0200");
Nájdené : user_pref("CT3031607.InvalidateCache", false);
Nájdené : user_pref("CT3031607.IsAlertDBUpdated", true);
Nájdené : user_pref("CT3031607.IsGrouping", false);
Nájdené : user_pref("CT3031607.IsInitSetupIni", true);
Nájdené : user_pref("CT3031607.IsMulticommunity", false);
Nájdené : user_pref("CT3031607.IsOpenThankYouPage", false);
Nájdené : user_pref("CT3031607.IsOpenUninstallPage", true);
Nájdené : user_pref("CT3031607.LanguagePackLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Nájdené : user_pref("CT3031607.LanguagePackReloadIntervalMM", 1440);
Nájdené : user_pref("CT3031607.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nájdené : user_pref("CT3031607.LastLogin_3.6.0.10", "Wed Aug 17 2011 23:13:13 GMT+0200");
Nájdené : user_pref("CT3031607.LatestVersion", "3.6.0.10");
Nájdené : user_pref("CT3031607.Locale", "en");
Nájdené : user_pref("CT3031607.MCDetectTooltipHeight", "83");
Nájdené : user_pref("CT3031607.MCDetectTooltipShow", false);
Nájdené : user_pref("CT3031607.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nájdené : user_pref("CT3031607.MCDetectTooltipWidth", "295");
Nájdené : user_pref("CT3031607.MyStuffEnabledAtInstallation", true);
Nájdené : user_pref("CT3031607.OriginalFirstVersion", "3.6.0.10");
Nájdené : user_pref("CT3031607.RadioIsPodcast", false);
Nájdené : user_pref("CT3031607.RadioLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Nájdené : user_pref("CT3031607.RadioLastUpdateIPServer", "3");
Nájdené : user_pref("CT3031607.RadioLastUpdateServer", "129524557143500000");
Nájdené : user_pref("CT3031607.RadioMediaID", "21889800");
Nájdené : user_pref("CT3031607.RadioMediaType", "Media Player");
Nájdené : user_pref("CT3031607.RadioMenuSelectedID", "EBRadioMenu_CT303160721889800");
Nájdené : user_pref("CT3031607.RadioShrinkedFromSetup", false);
Nájdené : user_pref("CT3031607.RadioStationName", "California%20Rock%20-%20Rock");
Nájdené : user_pref("CT3031607.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Nájdené : user_pref("CT3031607.SearchBackToDefaultEngine", false);
Nájdené : user_pref("CT3031607.SearchBoxWidth", 150);
Nájdené : user_pref("CT3031607.SearchFromAddressBarIsInit", true);
Nájdené : user_pref("CT3031607.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT303[...]
Nájdené : user_pref("CT3031607.SearchInNewTabEnabled", true);
Nájdené : user_pref("CT3031607.SearchInNewTabIntervalMM", 1440);
Nájdené : user_pref("CT3031607.SearchInNewTabLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Nájdené : user_pref("CT3031607.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nájdené : user_pref("CT3031607.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Nájdené : user_pref("CT3031607.SearchInNewTabUserEnabled", false);
Nájdené : user_pref("CT3031607.ServiceMapLastCheckTime", "Wed Aug 17 2011 23:13:12 GMT+0200");
Nájdené : user_pref("CT3031607.SettingsLastCheckTime", "Wed Aug 17 2011 23:13:12 GMT+0200");
Nájdené : user_pref("CT3031607.SettingsLastUpdate", "1313569856");
Nájdené : user_pref("CT3031607.ThirdPartyComponentsInterval", 504);
Nájdené : user_pref("CT3031607.ThirdPartyComponentsLastCheck", "Wed Aug 17 2011 23:13:12 GMT+0200");
Nájdené : user_pref("CT3031607.ThirdPartyComponentsLastUpdate", "1246786978");
Nájdené : user_pref("CT3031607.ToolbarShrinkedFromSetup", false);
Nájdené : user_pref("CT3031607.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3031607");
Nájdené : user_pref("CT3031607.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Nájdené : user_pref("CT3031607.UserID", "UN69355323609468861");
Nájdené : user_pref("CT3031607.alertChannelId", "1423186");
Nájdené : user_pref("CT3031607.approveUntrustedApps", false);
Nájdené : user_pref("CT3031607.components.1000034", false);
Nájdené : user_pref("CT3031607.components.1000082", false);
Nájdené : user_pref("CT3031607.components.129524450094515146", false);
Nájdené : user_pref("CT3031607.components.129524450332752173", false);
Nájdené : user_pref("CT3031607.components.129524509878872275", false);
Nájdené : user_pref("CT3031607.components.129524510190414247", false);
Nájdené : user_pref("CT3031607.components.129524513008329960", false);
Nájdené : user_pref("CT3031607.components.129524513362106645", false);
Nájdené : user_pref("CT3031607.components.129524513380649608", false);
Nájdené : user_pref("CT3031607.components.129524513646404813", false);
Nájdené : user_pref("CT3031607.components.129524513672164994", false);
Nájdené : user_pref("CT3031607.components.129574556201361886", false);
Nájdené : user_pref("CT3031607.components.129574556213383833", false);
Nájdené : user_pref("CT3031607.components.129574556260543848", false);
Nájdené : user_pref("CT3031607.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Nájdené : user_pref("CT3031607.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Nájdené : user_pref("CT3031607.homepageProtectorEnableByLogin", true);
Nájdené : user_pref("CT3031607.initDone", true);
Nájdené : user_pref("CT3031607.isAppTrackingManagerOn", true);
Nájdené : user_pref("CT3031607.isFirstRadioInstallation", false);
Nájdené : user_pref("CT3031607.myStuffEnabled", true);
Nájdené : user_pref("CT3031607.myStuffPublihserMinWidth", 400);
Nájdené : user_pref("CT3031607.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nájdené : user_pref("CT3031607.myStuffServiceIntervalMM", 1440);
Nájdené : user_pref("CT3031607.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nájdené : user_pref("CT3031607.searchProtectorDialogDelayInSec", 10);
Nájdené : user_pref("CT3031607.searchProtectorEnableByLogin", true);
Nájdené : user_pref("CT3031607.testingCtid", "");
Nájdené : user_pref("CT3031607.toolbarAppMetaDataLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Nájdené : user_pref("CT3031607.toolbarContextMenuLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Nájdené : user_pref("CT3031607.usageEnabled", false);
Nájdené : user_pref("CT3031607.usagesFlag", 2);
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/SK", "\"0\"[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3031607", [...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3031607",[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2790392&octid=[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3031607&octid=[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Nájdené : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Nájdené : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Martiin\\AppData\\Roaming\\Mozilla\[...]
Nájdené : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Nájdené : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Nájdené : user_pref("CommunityToolbar.ToolbarsList", "CT2790392,CT3031607");
Nájdené : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392,CT3031607");
Nájdené : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392,CT3031607");
Nájdené : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Aug 06 2011 17:26:56 GMT+0200");
Nájdené : user_pref("CommunityToolbar.globalUserId", "62ce668e-c2e6-45db-b732-89da8f8b7a40");
Nájdené : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Nájdené : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Nájdené : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 13 2011 20:45:3[...]
Nájdené : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Nájdené : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Aug 17 2011 01:04:22 GMT+020[...]
Nájdené : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Nájdené : user_pref("CommunityToolbar.notifications.locale", "en");
Nájdené : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Nájdené : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Aug 17 2011 01:04:14 GMT+0200");
Nájdené : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Nájdené : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Nájdené : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Nájdené : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Nájdené : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Nájdené : user_pref("CommunityToolbar.notifications.userId", "167d441f-1d34-4f49-ad01-6745f7bb9269");
Nájdené : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Nájdené : user_pref("extensions.BabylonToolbar.cntry", "SK");
Nájdené : user_pref("extensions.BabylonToolbar.firstRun", false);
Nájdené : user_pref("extensions.BabylonToolbar.hdrMd5", "1E755D813D3DA4E30F9AA61DAC9E3060");
Nájdené : user_pref("extensions.BabylonToolbar.lastActv", "9");
Nájdené : user_pref("extensions.BabylonToolbar.lastDP", 9);
Nájdené : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.222:58:42");
Nájdené : user_pref("extensions.BabylonToolbar.newTab", true);
Nájdené : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Nájdené : user_pref("extensions.BabylonToolbar.propectorlck", 59431583);
Nájdené : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Nájdené : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=bc5fd5bb00000000000020cf306[...]

-\\ Google Chrome v26.0.1410.43

Súbor : C:\Users\Martiin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [28491 octets] - [27/03/2013 21:55:17]

########## EOF - C:\AdwCleaner[R1].txt - [28552 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.115 - Log vytvorený 28/03/2013 o 10:09:58
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Martiin - MARTIIN-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Martiin\Desktop\adwcleaner.exe
# Volba [Vymaza?]


***** [Služby] *****

Zastavené & vymazané : RelevantKnowledge

***** [Súbory / Adresáre] *****

Adresár Vymazané : C:\Program Files (x86)\ConduitEngine
Adresár Vymazané : C:\Program Files (x86)\Free Offers from Freeze.com
Adresár Vymazané : C:\Program Files (x86)\RelevantKnowledge
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Adresár Vymazané : C:\Users\Martiin\AppData\Local\Babylon
Adresár Vymazané : C:\Users\Martiin\AppData\Local\Conduit
Adresár Vymazané : C:\Users\Martiin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Adresár Vymazané : C:\Users\Martiin\AppData\LocalLow\boost_interprocess
Adresár Vymazané : C:\Users\Martiin\AppData\LocalLow\Conduit
Adresár Vymazané : C:\Users\Martiin\AppData\LocalLow\ConduitEngine
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\ConduitCommon
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\CT2790392
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\CT3031607
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Adresár Vymazané : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\extensions\ffxtlbr@babylon.com
Súbor Vymazané : C:\Windows\SysWOW64\conduitEngine.tmp

***** [Registre] *****

Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
K3úe Vymazané : HKCU\Software\AppDataLow\Software\Conduit
K3úe Vymazané : HKCU\Software\AppDataLow\Software\conduitEngine
K3úe Vymazané : HKCU\Software\AppDataLow\Toolbar
K3úe Vymazané : HKCU\Software\Conduit
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Vymazané : HKCU\Software\Softonic
K3úe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
K3úe Vymazané : HKLM\Software\Babylon
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\escort.DLL
K3úe Vymazané : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
K3úe Vymazané : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\Conduit.Engine
K3úe Vymazané : HKLM\SOFTWARE\Classes\Prod.cap
K3úe Vymazané : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
K3úe Vymazané : HKLM\SOFTWARE\Classes\Toolbar.CT3031607
K3úe Vymazané : HKLM\Software\Conduit
K3úe Vymazané : HKLM\Software\conduitEngine
K3úe Vymazané : HKLM\Software\Freeze.com
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CA3D909-9593-4878-8C86-4FACBBC7F960}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registre sú eisté.

-\\ Mozilla Firefox v19.0.2 (en-US)

Súbor : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\7p6lsfa8.default-1362707240906\prefs.js

[OK] Súbor je eistý.

Súbor : C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\prefs.js

Vymazané : user_pref("CT2790392..clientLogIsEnabled", true);
Vymazané : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Vymazané : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Vymazané : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazané : user_pref("CT2790392.AppTrackingLastCheckTime", "Mon Aug 15 2011 14:38:51 GMT+0200");
Vymazané : user_pref("CT2790392.CTID", "CT2790392");
Vymazané : user_pref("CT2790392.CurrentServerDate", "17-8-2011");
Vymazané : user_pref("CT2790392.DialogsAlignMode", "LTR");
Vymazané : user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon Aug 15 2011 18:03:34 GMT+0200");
Vymazané : user_pref("CT2790392.DownloadReferralCookieData", "");
Vymazané : user_pref("CT2790392.EMailNotifierPollDate", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedLastCount129313977501788460", 139);
Vymazané : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Aug 06 2011 17:26:55 GMT+0200");
Vymazané : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Aug 06 2011 17:26:55 GMT+0200");
Vymazané : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Vymazané : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Vymazané : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Vymazané : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Vymazané : user_pref("CT2790392.FirstServerDate", "6-8-2011");
Vymazané : user_pref("CT2790392.FirstTime", true);
Vymazané : user_pref("CT2790392.FirstTimeFF3", true);
Vymazané : user_pref("CT2790392.FixPageNotFoundErrors", false);
Vymazané : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Vymazané : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazané : user_pref("CT2790392.HasUserGlobalKeys", true);
Vymazané : user_pref("CT2790392.HomePageProtectorEnabled", false);
Vymazané : user_pref("CT2790392.Initialize", true);
Vymazané : user_pref("CT2790392.InitializeCommonPrefs", true);
Vymazané : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Vymazané : user_pref("CT2790392.InstallationType", "UnknownIntegration");
Vymazané : user_pref("CT2790392.InstalledDate", "Sat Aug 06 2011 17:26:54 GMT+0200");
Vymazané : user_pref("CT2790392.IsAlertDBUpdated", true);
Vymazané : user_pref("CT2790392.IsGrouping", false);
Vymazané : user_pref("CT2790392.IsInitSetupIni", true);
Vymazané : user_pref("CT2790392.IsMulticommunity", false);
Vymazané : user_pref("CT2790392.IsOpenThankYouPage", true);
Vymazané : user_pref("CT2790392.IsOpenUninstallPage", false);
Vymazané : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Aug 18 2011 01:04:13 GMT+0200");
Vymazané : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Vymazané : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazané : user_pref("CT2790392.LastLogin_3.5.0.12", "Wed Aug 17 2011 01:04:14 GMT+0200");
Vymazané : user_pref("CT2790392.LastLogin_3.6.0.10", "Wed Aug 17 2011 21:26:11 GMT+0200");
Vymazané : user_pref("CT2790392.LatestVersion", "3.6.0.10");
Vymazané : user_pref("CT2790392.Locale", "en");
Vymazané : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Vymazané : user_pref("CT2790392.MCDetectTooltipShow", false);
Vymazané : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazané : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Vymazané : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Vymazané : user_pref("CT2790392.OriginalFirstVersion", "3.5.0.12");
Vymazané : user_pref("CT2790392.SearchBoxWidth", 100);
Vymazané : user_pref("CT2790392.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Vymazané : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Vymazané : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Vymazané : user_pref("CT2790392.SearchInNewTabEnabled", true);
Vymazané : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Vymazané : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Thu Aug 18 2011 01:04:13 GMT+0200");
Vymazané : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazané : user_pref("CT2790392.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Vymazané : user_pref("CT2790392.SearchProtectorEnabled", false);
Vymazané : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Vymazané : user_pref("CT2790392.ServiceMapLastCheckTime", "Wed Aug 17 2011 01:04:13 GMT+0200");
Vymazané : user_pref("CT2790392.SettingsLastCheckTime", "Wed Aug 17 2011 23:47:13 GMT+0200");
Vymazané : user_pref("CT2790392.SettingsLastUpdate", "1313478218");
Vymazané : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Vymazané : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat Aug 06 2011 17:26:53 GMT+0200");
Vymazané : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1246786978");
Vymazané : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Vymazané : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Vymazané : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Vymazané : user_pref("CT2790392.UserID", "UN64249331702243765");
Vymazané : user_pref("CT2790392.ValidationData_Toolbar", 1);
Vymazané : user_pref("CT2790392.WeatherNetwork", "");
Vymazané : user_pref("CT2790392.WeatherPollDate", "Sat Aug 06 2011 17:26:56 GMT+0200");
Vymazané : user_pref("CT2790392.WeatherUnit", "C");
Vymazané : user_pref("CT2790392.alertChannelId", "1182482");
Vymazané : user_pref("CT2790392.approveUntrustedApps", false);
Vymazané : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Vymazané : user_pref("CT2790392.components.1000034", false);
Vymazané : user_pref("CT2790392.components.1000234", false);
Vymazané : user_pref("CT2790392.components.129298377186544355", false);
Vymazané : user_pref("CT2790392.components.129309565073350181", false);
Vymazané : user_pref("CT2790392.components.129309577647413174", false);
Vymazané : user_pref("CT2790392.components.129309578575850709", false);
Vymazané : user_pref("CT2790392.components.129313977501788460", false);
Vymazané : user_pref("CT2790392.components.129428949113825740", false);
Vymazané : user_pref("CT2790392.components.129526968991422666", false);
Vymazané : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Vymazané : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 21:26:11 GMT+0200");
Vymazané : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Vymazané : user_pref("CT2790392.initDone", true);
Vymazané : user_pref("CT2790392.isAppTrackingManagerOn", true);
Vymazané : user_pref("CT2790392.myStuffEnabled", true);
Vymazané : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Vymazané : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazané : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Vymazané : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazané : user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,111,1000234,12929837718654[...]
Vymazané : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Vymazané : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Vymazané : user_pref("CT2790392.testingCtid", "");
Vymazané : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Wed Aug 17 2011 01:04:13 GMT+0200");
Vymazané : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat Aug 06 2011 17:26:55 GMT+0200");
Vymazané : user_pref("CT2790392.usagesFlag", 2);
Vymazané : user_pref("CT3031607..clientLogIsEnabled", true);
Vymazané : user_pref("CT3031607..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Vymazané : user_pref("CT3031607..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Vymazané : user_pref("CT3031607.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazané : user_pref("CT3031607.BrowserCompStateIsOpen_129524509878872275", true);
Vymazané : user_pref("CT3031607.CTID", "CT3031607");
Vymazané : user_pref("CT3031607.CurrentServerDate", "18-8-2011");
Vymazané : user_pref("CT3031607.DialogsAlignMode", "LTR");
Vymazané : user_pref("CT3031607.DialogsGetterLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Vymazané : user_pref("CT3031607.DownloadReferralCookieData", "");
Vymazané : user_pref("CT3031607.EMailNotifierPollDate", "Wed Aug 17 2011 23:13:12 GMT+0200");
Vymazané : user_pref("CT3031607.EnableClickToSearchBox", false);
Vymazané : user_pref("CT3031607.EnableSearchHistory", false);
Vymazané : user_pref("CT3031607.EnableSearchSuggest", false);
Vymazané : user_pref("CT3031607.FirstServerDate", "18-8-2011");
Vymazané : user_pref("CT3031607.FirstTime", true);
Vymazané : user_pref("CT3031607.FirstTimeFF3", true);
Vymazané : user_pref("CT3031607.FixPageNotFoundErrors", false);
Vymazané : user_pref("CT3031607.GroupingServerCheckInterval", 1440);
Vymazané : user_pref("CT3031607.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazané : user_pref("CT3031607.HasUserGlobalKeys", true);
Vymazané : user_pref("CT3031607.Initialize", true);
Vymazané : user_pref("CT3031607.InitializeCommonPrefs", true);
Vymazané : user_pref("CT3031607.InstallationAndCookieDataSentCount", 1);
Vymazané : user_pref("CT3031607.InstallationId", "CT3031607_SFT_eng7.exe");
Vymazané : user_pref("CT3031607.InstallationType", "ConduitIntegration");
Vymazané : user_pref("CT3031607.InstalledDate", "Wed Aug 17 2011 23:13:12 GMT+0200");
Vymazané : user_pref("CT3031607.InvalidateCache", false);
Vymazané : user_pref("CT3031607.IsAlertDBUpdated", true);
Vymazané : user_pref("CT3031607.IsGrouping", false);
Vymazané : user_pref("CT3031607.IsInitSetupIni", true);
Vymazané : user_pref("CT3031607.IsMulticommunity", false);
Vymazané : user_pref("CT3031607.IsOpenThankYouPage", false);
Vymazané : user_pref("CT3031607.IsOpenUninstallPage", true);
Vymazané : user_pref("CT3031607.LanguagePackLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Vymazané : user_pref("CT3031607.LanguagePackReloadIntervalMM", 1440);
Vymazané : user_pref("CT3031607.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazané : user_pref("CT3031607.LastLogin_3.6.0.10", "Wed Aug 17 2011 23:13:13 GMT+0200");
Vymazané : user_pref("CT3031607.LatestVersion", "3.6.0.10");
Vymazané : user_pref("CT3031607.Locale", "en");
Vymazané : user_pref("CT3031607.MCDetectTooltipHeight", "83");
Vymazané : user_pref("CT3031607.MCDetectTooltipShow", false);
Vymazané : user_pref("CT3031607.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazané : user_pref("CT3031607.MCDetectTooltipWidth", "295");
Vymazané : user_pref("CT3031607.MyStuffEnabledAtInstallation", true);
Vymazané : user_pref("CT3031607.OriginalFirstVersion", "3.6.0.10");
Vymazané : user_pref("CT3031607.RadioIsPodcast", false);
Vymazané : user_pref("CT3031607.RadioLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Vymazané : user_pref("CT3031607.RadioLastUpdateIPServer", "3");
Vymazané : user_pref("CT3031607.RadioLastUpdateServer", "129524557143500000");
Vymazané : user_pref("CT3031607.RadioMediaID", "21889800");
Vymazané : user_pref("CT3031607.RadioMediaType", "Media Player");
Vymazané : user_pref("CT3031607.RadioMenuSelectedID", "EBRadioMenu_CT303160721889800");
Vymazané : user_pref("CT3031607.RadioShrinkedFromSetup", false);
Vymazané : user_pref("CT3031607.RadioStationName", "California%20Rock%20-%20Rock");
Vymazané : user_pref("CT3031607.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Vymazané : user_pref("CT3031607.SearchBackToDefaultEngine", false);
Vymazané : user_pref("CT3031607.SearchBoxWidth", 150);
Vymazané : user_pref("CT3031607.SearchFromAddressBarIsInit", true);
Vymazané : user_pref("CT3031607.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT303[...]
Vymazané : user_pref("CT3031607.SearchInNewTabEnabled", true);
Vymazané : user_pref("CT3031607.SearchInNewTabIntervalMM", 1440);
Vymazané : user_pref("CT3031607.SearchInNewTabLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Vymazané : user_pref("CT3031607.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazané : user_pref("CT3031607.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Vymazané : user_pref("CT3031607.SearchInNewTabUserEnabled", false);
Vymazané : user_pref("CT3031607.ServiceMapLastCheckTime", "Wed Aug 17 2011 23:13:12 GMT+0200");
Vymazané : user_pref("CT3031607.SettingsLastCheckTime", "Wed Aug 17 2011 23:13:12 GMT+0200");
Vymazané : user_pref("CT3031607.SettingsLastUpdate", "1313569856");
Vymazané : user_pref("CT3031607.ThirdPartyComponentsInterval", 504);
Vymazané : user_pref("CT3031607.ThirdPartyComponentsLastCheck", "Wed Aug 17 2011 23:13:12 GMT+0200");
Vymazané : user_pref("CT3031607.ThirdPartyComponentsLastUpdate", "1246786978");
Vymazané : user_pref("CT3031607.ToolbarShrinkedFromSetup", false);
Vymazané : user_pref("CT3031607.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3031607");
Vymazané : user_pref("CT3031607.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Vymazané : user_pref("CT3031607.UserID", "UN69355323609468861");
Vymazané : user_pref("CT3031607.alertChannelId", "1423186");
Vymazané : user_pref("CT3031607.approveUntrustedApps", false);
Vymazané : user_pref("CT3031607.components.1000034", false);
Vymazané : user_pref("CT3031607.components.1000082", false);
Vymazané : user_pref("CT3031607.components.129524450094515146", false);
Vymazané : user_pref("CT3031607.components.129524450332752173", false);
Vymazané : user_pref("CT3031607.components.129524509878872275", false);
Vymazané : user_pref("CT3031607.components.129524510190414247", false);
Vymazané : user_pref("CT3031607.components.129524513008329960", false);
Vymazané : user_pref("CT3031607.components.129524513362106645", false);
Vymazané : user_pref("CT3031607.components.129524513380649608", false);
Vymazané : user_pref("CT3031607.components.129524513646404813", false);
Vymazané : user_pref("CT3031607.components.129524513672164994", false);
Vymazané : user_pref("CT3031607.components.129574556201361886", false);
Vymazané : user_pref("CT3031607.components.129574556213383833", false);
Vymazané : user_pref("CT3031607.components.129574556260543848", false);
Vymazané : user_pref("CT3031607.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Vymazané : user_pref("CT3031607.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Vymazané : user_pref("CT3031607.homepageProtectorEnableByLogin", true);
Vymazané : user_pref("CT3031607.initDone", true);
Vymazané : user_pref("CT3031607.isAppTrackingManagerOn", true);
Vymazané : user_pref("CT3031607.isFirstRadioInstallation", false);
Vymazané : user_pref("CT3031607.myStuffEnabled", true);
Vymazané : user_pref("CT3031607.myStuffPublihserMinWidth", 400);
Vymazané : user_pref("CT3031607.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazané : user_pref("CT3031607.myStuffServiceIntervalMM", 1440);
Vymazané : user_pref("CT3031607.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazané : user_pref("CT3031607.searchProtectorDialogDelayInSec", 10);
Vymazané : user_pref("CT3031607.searchProtectorEnableByLogin", true);
Vymazané : user_pref("CT3031607.testingCtid", "");
Vymazané : user_pref("CT3031607.toolbarAppMetaDataLastCheckTime", "Wed Aug 17 2011 23:13:13 GMT+0200");
Vymazané : user_pref("CT3031607.toolbarContextMenuLastCheckTime", "Wed Aug 17 2011 23:13:15 GMT+0200");
Vymazané : user_pref("CT3031607.usageEnabled", false);
Vymazané : user_pref("CT3031607.usagesFlag", 2);
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/SK", "\"0\"[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3031607", [...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3031607",[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2790392&octid=[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3031607&octid=[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Vymazané : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Vymazané : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Martiin\\AppData\\Roaming\\Mozilla\[...]
Vymazané : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Vymazané : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Vymazané : user_pref("CommunityToolbar.ToolbarsList", "CT2790392,CT3031607");
Vymazané : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392,CT3031607");
Vymazané : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392,CT3031607");
Vymazané : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Aug 06 2011 17:26:56 GMT+0200");
Vymazané : user_pref("CommunityToolbar.globalUserId", "62ce668e-c2e6-45db-b732-89da8f8b7a40");
Vymazané : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Vymazané : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Vymazané : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 13 2011 20:45:3[...]
Vymazané : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Vymazané : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Aug 17 2011 01:04:22 GMT+020[...]
Vymazané : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Vymazané : user_pref("CommunityToolbar.notifications.locale", "en");
Vymazané : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Vymazané : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Aug 17 2011 01:04:14 GMT+0200");
Vymazané : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Vymazané : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Vymazané : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Vymazané : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Vymazané : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Vymazané : user_pref("CommunityToolbar.notifications.userId", "167d441f-1d34-4f49-ad01-6745f7bb9269");
Vymazané : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Vymazané : user_pref("extensions.BabylonToolbar.cntry", "SK");
Vymazané : user_pref("extensions.BabylonToolbar.firstRun", false);
Vymazané : user_pref("extensions.BabylonToolbar.hdrMd5", "1E755D813D3DA4E30F9AA61DAC9E3060");
Vymazané : user_pref("extensions.BabylonToolbar.lastActv", "9");
Vymazané : user_pref("extensions.BabylonToolbar.lastDP", 9);
Vymazané : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.222:58:42");
Vymazané : user_pref("extensions.BabylonToolbar.newTab", true);
Vymazané : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Vymazané : user_pref("extensions.BabylonToolbar.propectorlck", 59431583);
Vymazané : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Vymazané : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=bc5fd5bb00000000000020cf306[...]

-\\ Google Chrome v26.0.1410.43

Súbor : C:\Users\Martiin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [28620 octets] - [27/03/2013 21:55:17]
AdwCleaner[S1].txt - [27940 octets] - [28/03/2013 10:09:58]

########## EOF - C:\AdwCleaner[S1].txt - [28001 octets] ##########

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 13-03-27.01 - Martiin . 03. 2013 13:08:26.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.5997.4427 [GMT 1:00]
Running from: c:\users\Martiin\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\program files (x86)\Common Files\Net4Switch.ico
c:\users\Martiin\AppData\Roaming\Setup.exe
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-28 )))))))))))))))))))))))))))))))
.
.
2013-03-28 12:35 . 2013-03-28 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-28 12:16 . 2013-03-28 12:16 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7ABF9566-07E8-4C89-9CBD-291074804DB7}\offreg.dll
2013-03-27 11:42 . 2013-03-27 11:43 -------- d-----w- C:\rsit
2013-03-27 11:42 . 2013-03-27 11:42 -------- d-----w- c:\program files\trend micro
2013-03-26 16:17 . 2013-03-26 16:17 -------- d-----w- c:\users\Martiin\AppData\Local\ElevatedDiagnostics
2013-03-26 12:46 . 2013-03-19 04:50 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7ABF9566-07E8-4C89-9CBD-291074804DB7}\mpengine.dll
2013-03-04 19:49 . 2013-03-13 15:54 -------- d-----w- c:\users\Martiin\AppData\Local\Plus500
2013-03-04 19:49 . 2013-03-13 15:54 -------- d-----w- c:\program files (x86)\Plus500
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 02:02 . 2011-06-29 11:19 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 16:09 . 2012-07-13 09:35 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 16:09 . 2011-08-06 20:37 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 23:10 . 2013-02-12 23:10 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2013-02-12 23:10 . 2013-02-12 23:10 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-02-12 23:10 . 2013-02-12 23:10 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-02-12 23:10 . 2013-02-12 23:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-02-12 23:10 . 2013-02-12 23:10 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2013-02-12 23:10 . 2013-02-12 23:10 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-02-12 23:10 . 2010-01-22 00:48 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2013-02-12 23:10 . 2013-02-12 23:10 503808 ----a-w- c:\windows\system32\atieclxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2013-02-12 23:10 . 2010-01-22 00:47 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2013-02-12 23:10 . 2013-02-12 23:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2013-02-12 23:10 . 2013-02-12 23:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2013-02-12 23:10 . 2013-02-12 23:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2013-02-12 23:10 . 2013-02-12 23:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 59392 ----a-w- c:\windows\system32\atiedu64.dll
2013-02-12 23:10 . 2013-02-12 23:10 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2013-02-12 23:10 . 2010-01-22 00:21 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-02-12 23:10 . 2013-02-12 23:10 16090624 ----a-w- c:\windows\system32\aticaldd64.dll
2013-02-12 23:10 . 2013-02-12 23:10 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-02-12 23:10 . 2013-02-12 23:10 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-02-12 23:10 . 2013-02-12 23:10 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-02-12 23:10 . 2013-02-12 23:10 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2013-02-12 23:10 . 2010-01-22 00:07 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2013-02-12 23:10 . 2013-02-12 23:10 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2013-02-12 23:10 . 2013-02-12 23:10 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-02-12 23:10 . 2013-02-12 23:10 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2013-02-12 23:10 . 2011-06-29 09:27 64000 ----a-w- c:\windows\system32\coinst.dll
2013-02-12 23:10 . 2013-02-12 23:10 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-02-12 23:10 . 2013-02-12 23:10 332800 ----a-w- c:\windows\system32\ATIODE.exe
2013-02-12 23:10 . 2013-02-12 23:10 26181632 ----a-w- c:\windows\system32\atio6axx.dll
2013-02-12 23:10 . 2013-02-12 23:10 236544 ----a-w- c:\windows\system32\atiesrxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2013-02-12 23:10 . 2013-02-12 23:10 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2013-02-12 23:10 . 2010-01-22 00:07 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-02-12 23:10 . 2010-01-22 00:39 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-02-12 23:10 . 2013-02-12 23:10 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-02-12 23:10 . 2013-02-12 23:09 95760 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-02-12 23:10 . 2013-02-12 23:09 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-02-12 23:10 . 2013-02-12 23:09 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-02-12 23:10 . 2013-02-12 23:09 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-02-12 23:10 . 2013-02-12 23:09 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-02-12 23:09 . 2013-02-12 23:09 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2013-02-12 23:09 . 2013-02-12 23:09 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-02-12 23:09 . 2013-02-12 23:09 54784 ----a-w- c:\windows\system32\atimpc64.dll
2013-02-12 23:09 . 2013-02-12 23:09 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2013-02-12 23:09 . 2013-02-12 23:09 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-02-12 23:09 . 2013-02-12 23:09 41984 ----a-w- c:\windows\system32\atig6txx.dll
2013-02-12 23:09 . 2013-02-12 23:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2009-04-08 08:31 . 2009-04-08 08:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-11 19:45 . 2008-08-11 19:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-03-26 1631144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-22 210216]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-04-26 103896]
"RMAlert"="c:\program files (x86)\PC Tools Registry Mechanic\Alert.exe" [2012-04-26 1318872]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-14 2255360]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-6-29 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2011-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-29 1255736]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-02-12 236544]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-04-26 793048]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2013-02-12 95760]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-27 18:03 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 16:09]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 19:43]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 19:43]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000Core.job
- c:\users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-05 10:30]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000UA.job
- c:\users\Martiin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-05 10:30]
.
2013-03-28 c:\windows\Tasks\RMAutoUpdate.job
- c:\program files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2012-09-24 12:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
URLSearchHooks-{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-28 13:39:25
ComboFix-quarantined-files.txt 2013-03-28 12:39
.
Pre-Run: 135 284 367 360 bytes free
Post-Run: 135 344 156 672 bytes free
.
- - End Of File - - B8F24994526382D190D5A1CBAE082A03

halo, ja len ze ci sa na mna nezabudlo

nezabudlo, ale my jste mu ve svem volnem case a zdarma. Mel jsem vcera nejake soukrome aktivity a nyni cely den v praci

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

Ok, dakujem za ochotu cenim si pomoc


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Martiin at 1:10:49 on 2013-03-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.5997.4252 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Martiin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [RMAlert] "C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe" /PRODUCT=RM /R
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
mRunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
mRunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
mRunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{C00AA680-C522-40C7-8708-257F53110908} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E46343AA-EABB-4CB0-9D9C-6E58C86A67CA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E46343AA-EABB-4CB0-9D9C-6E58C86A67CA}\0516471676F6E69616 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E46343AA-EABB-4CB0-9D9C-6E58C86A67CA}\14355535 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E46343AA-EABB-4CB0-9D9C-6E58C86A67CA}\6496E63656E6472757D6E4D424 : DHCPNameServer = 195.34.133.21 212.186.211.21
TCP: Interfaces\{E46343AA-EABB-4CB0-9D9C-6E58C86A67CA}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Users\Martiin\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Martiin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Martiin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Martiin\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2011-6-29 15928]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-12 283200]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-6-29 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-2-13 236544]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-9-24 793048]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-29 2314240]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-13 95760]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-6-29 135560]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-6-29 56344]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-6-29 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2011-6-29 115312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-29 1255736]
.
=============== Created Last 30 ================
.
2013-03-29 12:59:18 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C898284-1B27-4202-97DB-E9D2EEB6324A}\offreg.dll
2013-03-29 12:56:57 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-03-29 12:56:51 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C898284-1B27-4202-97DB-E9D2EEB6324A}\mpengine.dll
2013-03-28 12:06:15 98816 ----a-w- C:\Windows\sed.exe
2013-03-28 12:06:15 256000 ----a-w- C:\Windows\PEV.exe
2013-03-28 12:06:15 208896 ----a-w- C:\Windows\MBR.exe
2013-03-27 11:42:41 -------- d-----w- C:\Program Files\trend micro
2013-03-26 16:17:37 -------- d-----w- C:\Users\Martiin\AppData\Local\ElevatedDiagnostics
2013-03-25 11:30:05 -------- d-----w- C:\Users\Martiin\AppData\Roaming\ESET
2013-03-04 19:49:42 -------- d-----w- C:\Users\Martiin\AppData\Local\Plus500
2013-03-04 19:49:42 -------- d-----w- C:\Program Files (x86)\Plus500
.
==================== Find3M ====================
.
2013-03-13 16:09:39 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 16:09:39 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-12 23:09:55 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-02-12 23:09:47 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-02-12 23:09:46 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2013-02-12 23:09:46 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-02-12 23:09:45 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-02-12 23:09:43 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2013-02-12 23:09:42 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2009-04-08 08:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-11 19:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 1:13:15,42 ===============

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Pro Agent"=-
  "Steam"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "UpdateLBPShortCut"=-
  "UpdateP2GoShortCut"=-
  "UpdatePPShortCut"=-
  "UpdatePSTShortCut"=-
  "DivXUpdate"=-
  "SwitchBoard"=-
  "AdobeCS5.5ServiceManager"=-
  "Adobe ARM"="-
  "QuickTime Task"=-
  "SunJavaUpdateSched"=-
  "LogMeIn Hamachi Ui"=-
  
  RegLock::
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  
  File::
  C:\Windows\tasks\Adobe Flash Player Updater.job
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000UA.job
  C:\Windows\tasks\RMAutoUpdate.job
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 13-03-30.01 - Martiin . 03. 2013 23:25:02.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.5997.4751 [GMT 1:00]
Running from: c:\users\Martiin\Desktop\ComboFix.exe
Command switches used :: c:\users\Martiin\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000UA.job"
"c:\windows\tasks\RMAutoUpdate.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760217323-615456779-259505299-1000UA.job
c:\windows\tasks\RMAutoUpdate.job
.
.
((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-30 )))))))))))))))))))))))))))))))
.
.
2013-03-30 22:32 . 2013-03-30 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-29 12:56 . 2013-03-19 04:50 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3C898284-1B27-4202-97DB-E9D2EEB6324A}\mpengine.dll
2013-03-27 11:42 . 2013-03-27 11:43 -------- d-----w- C:\rsit
2013-03-27 11:42 . 2013-03-27 11:42 -------- d-----w- c:\program files\trend micro
2013-03-26 16:17 . 2013-03-26 16:17 -------- d-----w- c:\users\Martiin\AppData\Local\ElevatedDiagnostics
2013-03-04 19:49 . 2013-03-13 15:54 -------- d-----w- c:\users\Martiin\AppData\Local\Plus500
2013-03-04 19:49 . 2013-03-13 15:54 -------- d-----w- c:\program files (x86)\Plus500
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 02:02 . 2011-06-29 11:19 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 16:09 . 2012-07-13 09:35 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 16:09 . 2011-08-06 20:37 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 23:10 . 2013-02-12 23:10 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2013-02-12 23:10 . 2013-02-12 23:10 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-02-12 23:10 . 2013-02-12 23:10 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-02-12 23:10 . 2013-02-12 23:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-02-12 23:10 . 2013-02-12 23:10 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2013-02-12 23:10 . 2013-02-12 23:10 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-02-12 23:10 . 2010-01-22 00:48 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2013-02-12 23:10 . 2013-02-12 23:10 503808 ----a-w- c:\windows\system32\atieclxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2013-02-12 23:10 . 2010-01-22 00:47 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2013-02-12 23:10 . 2013-02-12 23:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2013-02-12 23:10 . 2013-02-12 23:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2013-02-12 23:10 . 2013-02-12 23:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2013-02-12 23:10 . 2013-02-12 23:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 59392 ----a-w- c:\windows\system32\atiedu64.dll
2013-02-12 23:10 . 2013-02-12 23:10 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2013-02-12 23:10 . 2010-01-22 00:21 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-02-12 23:10 . 2013-02-12 23:10 16090624 ----a-w- c:\windows\system32\aticaldd64.dll
2013-02-12 23:10 . 2013-02-12 23:10 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-02-12 23:10 . 2013-02-12 23:10 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-02-12 23:10 . 2013-02-12 23:10 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-02-12 23:10 . 2013-02-12 23:10 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2013-02-12 23:10 . 2010-01-22 00:07 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2013-02-12 23:10 . 2013-02-12 23:10 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2013-02-12 23:10 . 2013-02-12 23:10 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-02-12 23:10 . 2013-02-12 23:10 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2013-02-12 23:10 . 2011-06-29 09:27 64000 ----a-w- c:\windows\system32\coinst.dll
2013-02-12 23:10 . 2013-02-12 23:10 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-02-12 23:10 . 2013-02-12 23:10 332800 ----a-w- c:\windows\system32\ATIODE.exe
2013-02-12 23:10 . 2013-02-12 23:10 26181632 ----a-w- c:\windows\system32\atio6axx.dll
2013-02-12 23:10 . 2013-02-12 23:10 236544 ----a-w- c:\windows\system32\atiesrxx.exe
2013-02-12 23:10 . 2013-02-12 23:10 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2013-02-12 23:10 . 2013-02-12 23:10 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2013-02-12 23:10 . 2010-01-22 00:07 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-02-12 23:10 . 2010-01-22 00:39 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-02-12 23:10 . 2013-02-12 23:10 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-02-12 23:10 . 2013-02-12 23:09 95760 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-02-12 23:10 . 2013-02-12 23:09 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-02-12 23:10 . 2013-02-12 23:09 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-02-12 23:10 . 2013-02-12 23:09 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-02-12 23:10 . 2013-02-12 23:09 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-02-12 23:09 . 2013-02-12 23:09 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2013-02-12 23:09 . 2013-02-12 23:09 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-02-12 23:09 . 2013-02-12 23:09 54784 ----a-w- c:\windows\system32\atimpc64.dll
2013-02-12 23:09 . 2013-02-12 23:09 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2013-02-12 23:09 . 2013-02-12 23:09 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-02-12 23:09 . 2013-02-12 23:09 41984 ----a-w- c:\windows\system32\atig6txx.dll
2013-02-12 23:09 . 2013-02-12 23:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2009-04-08 08:31 . 2009-04-08 08:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-11 19:45 . 2008-08-11 19:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-24 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-04-26 103896]
"RMAlert"="c:\program files (x86)\PC Tools Registry Mechanic\Alert.exe" [2012-04-26 1318872]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-6-29 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2011-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-29 1255736]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-02-12 236544]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-04-26 793048]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2013-02-12 95760]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-27 18:03 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Martiin\AppData\Roaming\Mozilla\Firefox\Profiles\tyjkcd5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\PC Tools Registry Mechanic\SULauncher.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
.
**************************************************************************
.
Completion time: 2013-03-30 23:41:29 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-30 22:41
ComboFix2.txt 2013-03-28 12:39
.
Pre-Run: 133 217 824 768 bytes free
Post-Run: 132 795 338 752 bytes free
.
- - End Of File - - 18188C482E8EC740489F40F11B8934E0

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Tak, posledne 2 kroky si uz robil kamos sam ja som len vkladal logy
Ze vraj problemy su zazehnane, takze obaja velmi pekne dakujeme

Kamos sa este chcel spytat - citujem "ze co som robil zle ze som ho tak doj**** a co mam robit aby som to neurobil zas a ze aku obranu do PC si mam dat"
(pre upresnenie - ma original platenu verziu NODu)

Este raz dik