Preventivní kontrola logu

[jacktenrek]

zdravím, po delší době tu mám jeden log na kontrolu děkuji předem

Logfile of random's system information tool 1.09 (written by random/random)
Run by MSI_1 at 2013-04-24 17:28:52
WIN_XP Service Pack 3
System drive C: has 5 GB (20%) free of 26 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:09, on 24.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Comodo\COMODO Internet Security\CIS.exe
D:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\MSI_1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33568
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-682003330-1637723038-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-682003330-1637723038-839522115-1003\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-682003330-1637723038-839522115-1003 Startup: Registration IL-2 Sturmovik Series (User '?')
O4 - Startup: Registration IL-2 Sturmovik Series
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EBF420-4778-41DE-B723-D8358EE7DA7B}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 10675 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\extensions\
battlefieldheroespatcher@ea.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\searchplugins\
askcom.xml
askcomsearch.xml
conduit.xml
search-safer.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-20 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo2.dll [2012-11-06 183112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-20 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo2.dll [2012-11-06 183112]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-04-21 335872]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-04-15 3012816]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"gbrspcontrol"=C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=D:\uTorrent.exe [2013-04-19 802136]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Start GeekBuddy.lnk - C:\Program Files\Comodo\GeekBuddy\launcher.exe
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe

C:\Documents and Settings\MSI_1\Nabídka Start\Programy\Po spuštění
Registration IL-2 Sturmovik Series

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Warcraft III\Warcraft III.exe"="D:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\uTorrent.exe"="D:\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe"="C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Disabled:WolfMP"
"C:\Alien Arena 7_50\crx.exe"="C:\Alien Arena 7_50\crx.exe:*:Enabled:crx"
"D:\Programy\World_of_Tanks_closed_Beta\WorldOfTanks.exe"="D:\Programy\World_of_Tanks_closed_Beta\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\UT2003Demo\System\UT2003.exe"="C:\UT2003Demo\System\UT2003.exe:*:Disabled:UT2003"
"D:\World_of_Tanks_closed_Beta\WorldOfTanks.exe"="D:\World_of_Tanks_closed_Beta\WorldOfTanks.exe:*:Enabled:World of Tanks"
"D:\World_of_Tanks_closed_Beta\WOTLauncher.exe"="D:\World_of_Tanks_closed_Beta\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"D:\World_of_Tanks\WorldOfTanks.exe"="D:\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks"
"D:\World_of_Tanks\WOTLauncher.exe"="D:\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe"="C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======List of files/folders created in the last 1 month======

2013-04-24 17:28:52 ----D---- C:\rsit
2013-04-24 17:28:52 ----D---- C:\Program Files\trend micro
2013-04-19 18:01:43 ----A---- C:\WINDOWS\system32\certsentry.dll
2013-04-17 20:20:32 ----D---- C:\Program Files\Common Files\COMODO
2013-04-17 20:19:04 ----SHD---- C:\Config.Msi
2013-04-15 13:43:08 ----D---- C:\Program Files\VS Revo Group
2013-04-15 13:33:49 ----A---- C:\WINDOWS\wininit.ini
2013-04-15 13:07:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-04-15 13:07:05 ----A---- C:\WINDOWS\system32\sdnclean.exe
2013-04-15 13:06:58 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-04-15 12:05:23 ----A---- C:\WINDOWS\system32\drivers\sfi.dat
2013-04-15 12:03:15 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Shared Space
2013-04-15 12:00:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2013-04-15 12:00:05 ----D---- C:\Program Files\Comodo
2013-04-15 12:00:03 ----A---- C:\WINDOWS\system32\gdiplus.dll
2013-04-15 11:59:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2013-04-15 11:45:11 ----A---- C:\WINDOWS\AvastEmUpdate.ini
2013-04-15 11:41:53 ----A---- C:\WINDOWS\avastSS.scr
2013-04-15 11:41:27 ----D---- C:\Program Files\AVAST Software
2013-04-15 11:40:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-04-15 11:33:27 ----D---- C:\WINDOWS\pss
2013-04-12 12:06:55 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 08:19:24 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2013-04-24 17:28:52 ----RD---- C:\Program Files
2013-04-24 17:28:40 ----D---- C:\WINDOWS\Prefetch
2013-04-24 17:14:05 ----D---- C:\Program Files\WinZip
2013-04-24 17:13:49 ----D---- C:\WINDOWS\Temp
2013-04-24 17:09:17 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-24 08:32:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-24 08:32:53 ----D---- C:\Documents and Settings\MSI_1\Data aplikací\uTorrent
2013-04-24 08:32:45 ----D---- C:\Documents and Settings\MSI_1\Data aplikací\Skype
2013-04-23 21:11:01 ----D---- C:\Program Files\The KMPlayer
2013-04-20 07:19:19 ----D---- C:\WINDOWS\system32
2013-04-19 20:14:52 ----D---- C:\WINDOWS\system32\config
2013-04-19 18:15:12 ----SHD---- C:\WINDOWS\Installer
2013-04-17 20:20:32 ----D---- C:\Program Files\Common Files
2013-04-16 13:02:49 ----D---- C:\WINDOWS
2013-04-15 19:38:37 ----A---- C:\WINDOWS\system32\guard32.dll
2013-04-15 19:38:37 ----A---- C:\WINDOWS\system32\cmdcsr.dll
2013-04-15 19:38:25 ----A---- C:\WINDOWS\system32\cmdvrt32.dll
2013-04-15 19:38:24 ----A---- C:\WINDOWS\system32\cmdkbd32.dll
2013-04-15 16:52:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-15 13:07:28 ----SD---- C:\WINDOWS\Tasks
2013-04-15 13:07:14 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-04-15 13:02:21 ----D---- C:\WINDOWS\Minidump
2013-04-15 13:00:24 ----D---- C:\Program Files\Messenger
2013-04-15 12:09:09 ----D---- C:\WINDOWS\system32\drivers
2013-04-15 12:09:04 ----HD---- C:\WINDOWS\inf
2013-04-15 11:42:27 ----D---- C:\WINDOWS\WinSxS
2013-04-15 11:25:22 ----A---- C:\WINDOWS\wincmd.ini
2013-04-14 21:08:32 ----D---- C:\Documents and Settings\MSI_1\Data aplikací\vlc
2013-04-14 07:06:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 08:19:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-04-12 08:19:24 ----RD---- C:\Program Files\Skype
2013-04-11 08:23:11 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-11 05:57:21 ----D---- C:\Documents and Settings\MSI_1\Data aplikací\PriceGong
2013-04-04 10:30:14 ----D---- C:\Documents and Settings\MSI_1\Data aplikací\ICQ
2013-03-31 07:57:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2013-04-18 99392]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-05-18 74112]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2003-11-07 35328]
R1 CFRMD;CFRMD; C:\WINDOWS\system32\DRIVERS\CFRMD.sys [2012-09-03 36112]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2013-04-15 18528]
R1 cmdGuard;COMODO Internet Security Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2013-04-15 592384]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2013-04-15 32816]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2010-04-30 66944]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-13 2870784]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\MSI_1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-12 532480]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-04-15 4443912]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-03-12 593920]
S2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2013-04-19 2074760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-12 136176]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-20 170912]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-08-12 75136]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-04-15 127184]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-12 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

[Mc_Murphy]

Odinstaluj Spybot - Search & Destroy - bude se Ti tlouct s COMODO Internet Security.
Pokud to jde, odinstaluj také uTorrentBar Toolbar - zdržovačka.


Až to všechno provedeš, tak stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!!
• Spusť AdwCleaner.
• Klikni na [Delete].
• Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako C:\AdwCleaner [S1].txt - jeho obsah mi sem vlož.

[jacktenrek]

# AdwCleaner v2.202 - Log vytvooen 24/04/2013 v 18:08:27
# Aktualizováno 23/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : MSI_1 - MSI
# Spuštin systém : Normální
# Spuštino z : D:\Stažené soubory\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\Conduit
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\ConduitCommon
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\CT2786678
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Složka Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\PriceGong
Složka Vymazáno : C:\Documents and Settings\MSI_1\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\MSI_1\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Documents and Settings\MSI_1\Local Settings\Data aplikací\ConduitEngine
Složka Vymazáno : C:\Program Files\Conduit
Složka Vymazáno : C:\Program Files\ChatZum Toolbar
Složka Vymazáno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\searchplugins\askcomsearch.xml
Soubor Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\searchplugins\Conduit.xml
Soubor Vymazáno : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\searchplugins\search-safer.xml
Soubor Vymazáno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\ChatZum Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\PriceGong
Klíe Vymazáno : HKCU\Software\SmartBar
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\ChatZum Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/ --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/ --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\MSI_1\Data aplikací\Mozilla\Firefox\Profiles\8miy9847.default\prefs.js

Vymazáno : user_pref("CT2786678..clientLogIsEnabled", false);
Vymazáno : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Vymazáno : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Vymazáno : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Vymazáno : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazáno : user_pref("CT2786678.AppTrackingLastCheckTime", "Sat Aug 11 2012 07:30:33 GMT+0200");
Vymazáno : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Vymazáno : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
Vymazáno : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
Vymazáno : user_pref("CT2786678.CTID", "CT2786678");
Vymazáno : user_pref("CT2786678.CurrentServerDate", "24-4-2013");
Vymazáno : user_pref("CT2786678.DSChangedManually", false);
Vymazáno : user_pref("CT2786678.DSInstall", true);
Vymazáno : user_pref("CT2786678.DSProtectChoice", true);
Vymazáno : user_pref("CT2786678.DSProtectCount", 1);
Vymazáno : user_pref("CT2786678.DialogsAlignMode", "LTR");
Vymazáno : user_pref("CT2786678.DialogsGetterLastCheckTime", "Tue Apr 23 2013 18:53:07 GMT+0200");
Vymazáno : user_pref("CT2786678.DownloadReferralCookieData", "");
Vymazáno : user_pref("CT2786678.EMailNotifierPollDate", "Thu Jul 26 2012 06:20:59 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedLastCount5690698542593514850", 412);
Vymazáno : user_pref("CT2786678.FeedPollDate2429156812186649977", "Thu Jul 26 2012 06:21:01 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813040823546", "Thu Jul 26 2012 06:21:00 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813130095866", "Thu Jul 26 2012 06:20:59 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813224203613", "Thu Jul 26 2012 06:20:59 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813230837251", "Thu Jul 26 2012 06:21:00 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813454291735", "Thu Jul 26 2012 06:21:00 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813729834876", "Thu Jul 26 2012 06:20:59 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156813860870021", "Thu Jul 26 2012 06:21:01 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156814264681793", "Thu Jul 26 2012 06:21:01 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156814863075366", "Thu Jul 26 2012 06:21:00 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedPollDate2429156815257761081", "Thu Jul 26 2012 06:20:59 GMT+0200");
Vymazáno : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Vymazáno : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Vymazáno : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Vymazáno : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Vymazáno : user_pref("CT2786678.FirstServerDate", "26-7-2012");
Vymazáno : user_pref("CT2786678.FirstTime", true);
Vymazáno : user_pref("CT2786678.FirstTimeFF3", true);
Vymazáno : user_pref("CT2786678.FirstTimeHiddenVer", true);
Vymazáno : user_pref("CT2786678.FixPageNotFoundErrors", true);
Vymazáno : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Vymazáno : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazáno : user_pref("CT2786678.HPInstall", false);
Vymazáno : user_pref("CT2786678.HPProtectChoice", true);
Vymazáno : user_pref("CT2786678.HPProtectCount", 17);
Vymazáno : user_pref("CT2786678.HasUserGlobalKeys", true);
Vymazáno : user_pref("CT2786678.HomePageProtectorEnabled", false);
Vymazáno : user_pref("CT2786678.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Vymazáno : user_pref("CT2786678.Initialize", true);
Vymazáno : user_pref("CT2786678.InitializeCommonPrefs", true);
Vymazáno : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Vymazáno : user_pref("CT2786678.InstallationType", "Unknown");
Vymazáno : user_pref("CT2786678.InstalledDate", "Thu Jul 26 2012 06:21:14 GMT+0200");
Vymazáno : user_pref("CT2786678.IsAlertDBUpdated", true);
Vymazáno : user_pref("CT2786678.IsGrouping", false);
Vymazáno : user_pref("CT2786678.IsInitSetupIni", true);
Vymazáno : user_pref("CT2786678.IsMulticommunity", false);
Vymazáno : user_pref("CT2786678.IsOpenThankYouPage", true);
Vymazáno : user_pref("CT2786678.IsOpenUninstallPage", true);
Vymazáno : user_pref("CT2786678.IsProtectorsInit", true);
Vymazáno : user_pref("CT2786678.LanguagePackLastCheckTime", "Wed Apr 24 2013 05:42:12 GMT+0200");
Vymazáno : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Vymazáno : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazáno : user_pref("CT2786678.LastLogin_3.14.1.0", "Mon Aug 27 2012 05:08:39 GMT+0200");
Vymazáno : user_pref("CT2786678.LastLogin_3.15.1.0", "Mon Mar 04 2013 18:36:43 GMT+0100");
Vymazáno : user_pref("CT2786678.LastLogin_3.18.0.7", "Wed Apr 24 2013 17:15:11 GMT+0200");
Vymazáno : user_pref("CT2786678.LatestVersion", "3.18.0.7");
Vymazáno : user_pref("CT2786678.Locale", "en");
Vymazáno : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Vymazáno : user_pref("CT2786678.MCDetectTooltipShow", false);
Vymazáno : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazáno : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Vymazáno : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Vymazáno : user_pref("CT2786678.OriginalFirstVersion", "3.14.1.0");
Vymazáno : user_pref("CT2786678.SHRINK_TOOLBAR", 1);
Vymazáno : user_pref("CT2786678.SearchBoxWidth", 100);
Vymazáno : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
Vymazáno : user_pref("CT2786678.SearchEngineBeforeUnload", "uTorrentBar Customized Web Search");
Vymazáno : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Vymazáno : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Vymazáno : user_pref("CT2786678.SearchInNewTabEnabled", true);
Vymazáno : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Vymazáno : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Wed Apr 24 2013 05:42:11 GMT+0200");
Vymazáno : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazáno : user_pref("CT2786678.SearchProtectorEnabled", true);
Vymazáno : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Vymazáno : user_pref("CT2786678.SendProtectorDataViaLogin", true);
Vymazáno : user_pref("CT2786678.ServiceMapLastCheckTime", "Wed Apr 24 2013 05:42:11 GMT+0200");
Vymazáno : user_pref("CT2786678.SettingsLastCheckTime", "Wed Apr 24 2013 17:15:10 GMT+0200");
Vymazáno : user_pref("CT2786678.SettingsLastUpdate", "1366812775");
Vymazáno : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Vymazáno : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Vymazáno : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sat Sep 29 2012 22:08:35 GMT+0200");
Vymazáno : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1331805997");
Vymazáno : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Vymazáno : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Vymazáno : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Vymazáno : user_pref("CT2786678.UserID", "UN90518017524397084");
Vymazáno : user_pref("CT2786678.ValidationData_Search", 2);
Vymazáno : user_pref("CT2786678.ValidationData_Toolbar", 2);
Vymazáno : user_pref("CT2786678.WeatherNetwork", "");
Vymazáno : user_pref("CT2786678.WeatherPollDate", "Thu Jul 26 2012 06:49:58 GMT+0200");
Vymazáno : user_pref("CT2786678.WeatherUnit", "C");
Vymazáno : user_pref("CT2786678.alertChannelId", "1178763");
Vymazáno : user_pref("CT2786678.approveUntrustedApps", false);
Vymazáno : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
Vymazáno : user_pref("CT2786678.backendstorage.cbfirsttime", "546875204A756C20323620323031322030363A32313A30342[...]
Vymazáno : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Vymazáno : user_pref("CT2786678.backendstorage.url_history0001", "68747470733A2F2F6164646F6E732E6D6F7A696C6C612[...]
Vymazáno : user_pref("CT2786678.components.1000034", false);
Vymazáno : user_pref("CT2786678.components.1000234", false);
Vymazáno : user_pref("CT2786678.components.129309485163350924", false);
Vymazáno : user_pref("CT2786678.components.129309489763975460", false);
Vymazáno : user_pref("CT2786678.components.129315411424256896", false);
Vymazáno : user_pref("CT2786678.components.129526967958500204", false);
Vymazáno : user_pref("CT2786678.components.129579220236217502", false);
Vymazáno : user_pref("CT2786678.components.129789450454597254", false);
Vymazáno : user_pref("CT2786678.components.5690698542593514850", false);
Vymazáno : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Vymazáno : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Sat Oct 06 2012 07:23:00 GMT+0200");
Vymazáno : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Vymazáno : user_pref("CT2786678.initDone", true);
Vymazáno : user_pref("CT2786678.isAppTrackingManagerOn", false);
Vymazáno : user_pref("CT2786678.myStuffEnabled", true);
Vymazáno : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Vymazáno : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazáno : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Vymazáno : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazáno : user_pref("CT2786678.navigateToUrlOnSearch", false);
Vymazáno : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129789450454597254[...]
Vymazáno : user_pref("CT2786678.revertSettingsEnabled", true);
Vymazáno : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Vymazáno : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Vymazáno : user_pref("CT2786678.testingCtid", "");
Vymazáno : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Wed Apr 24 2013 05:42:12 GMT+0200");
Vymazáno : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Wed Sep 26 2012 05:45:09 GMT+0200");
Vymazáno : user_pref("CT2786678.usagesFlag", 2);
Vymazáno : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar Customized Web Search");
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/CZ", "\"0\"[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"59d[...]
Vymazáno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\MSI_1\\Data aplika[...]
Vymazáno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Vymazáno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList", "CT2786678");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Vymazáno : user_pref("CommunityToolbar.globalUserId", "f9e22735-5bf7-457e-b860-fee5bf8ee827");
Vymazáno : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Vymazáno : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Vymazáno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Vymazáno : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Oct 05 2012 11:47:3[...]
Vymazáno : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Vymazáno : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Vymazáno : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Oct 07 2012 07:23:09 GMT+020[...]
Vymazáno : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Vymazáno : user_pref("CommunityToolbar.notifications.locale", "en");
Vymazáno : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Vymazáno : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Oct 07 2012 07:23:00 GMT+0200");
Vymazáno : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Vymazáno : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Vymazáno : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Vymazáno : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Vymazáno : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Vymazáno : user_pref("CommunityToolbar.notifications.userId", "faa2551f-5695-4eea-9f3f-f485e05a0809");
Vymazáno : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Vymazáno : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Vymazáno : user_pref("browser.newtab.url", "search.chatzum.com");
Vymazáno : user_pref("browser.search.defaultengine", "Ask.com Search");
Vymazáno : user_pref("browser.search.defaultenginename", "Ask.com Search");
Vymazáno : user_pref("browser.search.defaultthis.engineName", "uTorrentBar Customized Web Search");
Vymazáno : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&Sea[...]
Vymazáno : user_pref("browser.search.order.1", "Ask.com Search");
Vymazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Vymazáno : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Vymazáno : user_pref("extensions.asktb.apn_dbr", "ff_18.0");
Vymazáno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Vymazáno : user_pref("extensions.asktb.cbid", "^U3");
Vymazáno : user_pref("extensions.asktb.config-updated", true);
Vymazáno : user_pref("extensions.asktb.cr-o", "100000027cr");
Vymazáno : user_pref("extensions.asktb.crumb", "2013.01.17+07.10.48-toolbar003iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Vymazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Vymazáno : user_pref("extensions.asktb.displaybehavior", "");
Vymazáno : user_pref("extensions.asktb.displaytext", "");
Vymazáno : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Vymazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Vymazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Vymazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Vymazáno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Vymazáno : user_pref("extensions.asktb.ff19-config-first-run", "true");
Vymazáno : user_pref("extensions.asktb.fresh-install", false);
Vymazáno : user_pref("extensions.asktb.guid", "4612EDD9-ED46-4F81-9126-6CC8FDDDECFA");
Vymazáno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Vymazáno : user_pref("extensions.asktb.if", "su");
Vymazáno : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Vymazáno : user_pref("extensions.asktb.l", "dis");
Vymazáno : user_pref("extensions.asktb.last-config-req", "1366018198995");
Vymazáno : user_pref("extensions.asktb.locale", "en_EU");
Vymazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Vymazáno : user_pref("extensions.asktb.lstation", "");
Vymazáno : user_pref("extensions.asktb.new-tab-opt-out", true);
Vymazáno : user_pref("extensions.asktb.news-native-on", true);
Vymazáno : user_pref("extensions.asktb.o", "100000027");
Vymazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Vymazáno : user_pref("extensions.asktb.pstate", "");
Vymazáno : user_pref("extensions.asktb.qsrc", "2871");
Vymazáno : user_pref("extensions.asktb.r", "19");
Vymazáno : user_pref("extensions.asktb.sa", "YES");
Vymazáno : user_pref("extensions.asktb.saguid", "9D0722BF-3017-49C9-8D01-B43926286D40");
Vymazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Vymazáno : user_pref("extensions.asktb.silent-upgrade", true);
Vymazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Vymazáno : user_pref("extensions.asktb.socialmini-first", true);
Vymazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Vymazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Vymazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
Vymazáno : user_pref("extensions.asktb.socialmini-native-on", true);
Vymazáno : user_pref("extensions.asktb.socialmini-speed", "10000");
Vymazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Vymazáno : user_pref("extensions.asktb.themeid", "");
Vymazáno : user_pref("extensions.asktb.timeinstalled", "1.2.2013 17:50:44");
Vymazáno : user_pref("extensions.asktb.to", "");
Vymazáno : user_pref("extensions.asktb.v", "3.15.15.100013");
Vymazáno : user_pref("extensions.asktb.version", "5.15.15.36191");
Vymazáno : user_pref("extensions.asktb.volume", "");
Vymazáno : user_pref("id_chatzum.firstlaunch", "0");
Vymazáno : user_pref("id_chatzum.guid", "%7B42236BB7-9526-9D52-C454-DAAC6969373B%7D");
Vymazáno : user_pref("id_chatzum.hiddenvisual", 0);
Vymazáno : user_pref("id_chatzum.openSearchEngineName", "Search%20Safer");
Vymazáno : user_pref("id_chatzum.popupblockedcnt", "2");
Vymazáno : user_pref("id_chatzum.searchengine", "uTorrentBar%20Customized%20Web%20Search");
Vymazáno : user_pref("id_chatzum.variables.SVar1", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar10", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar2", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar3", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar4", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar5", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar6", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar7", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar8", "%13");
Vymazáno : user_pref("id_chatzum.variables.SVar9", "%13");
Vymazáno : user_pref("id_chatzum.variables.Var1", "0");
Vymazáno : user_pref("id_chatzum.variables.Var10", "0");
Vymazáno : user_pref("id_chatzum.variables.Var2", "0");
Vymazáno : user_pref("id_chatzum.variables.Var3", "0");
Vymazáno : user_pref("id_chatzum.variables.Var4", "0");
Vymazáno : user_pref("id_chatzum.variables.Var5", "0");
Vymazáno : user_pref("id_chatzum.variables.Var6", "0");
Vymazáno : user_pref("id_chatzum.variables.Var7", "0");
Vymazáno : user_pref("id_chatzum.variables.Var8", "0");
Vymazáno : user_pref("id_chatzum.variables.Var9", "0");
Vymazáno : user_pref("id_chatzum_installed_version", "1.0.17");
Vymazáno : user_pref("id_chatzum_tabpage", "hxxp%3A//searchsafer.com/");
Vymazáno : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=2&q=[...]

*************************

AdwCleaner[S1].txt - [26606 octets] - [24/04/2013 18:08:27]

########## EOF - C:\AdwCleaner[S1].txt - [26667 octets] ##########

[Mc_Murphy]

Háááfo toho tam bylo.


Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
• Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
• Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

[jacktenrek]

zde je

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : MSI_1 [Práva správce]
Mód : Kontrola -- Datum : 04/25/2013 10:56:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] jre-7u21-windows-i586-iftw.exe -- C:\Documents and Settings\MSI_1\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{B7EBF420-4778-41DE-B723-D8358EE7DA7B} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{B7EBF420-4778-41DE-B723-D8358EE7DA7B} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[45] : NtCreatePagingFile @ 0x805A0F3C -> HOOKED (Vax347b.sys @ 0xB9F81C70)
SSDT[241] : NtSetSystemPowerState @ 0x80649B56 -> HOOKED (Vax347b.sys @ 0xB9F8D4F0)
_INLINE_ : NtCreatePagingFile -> HOOKED (Vax347b.sys @ 0xB9F96544)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST380817 AS SCSI Disk Device +++++
--- User ---
[MBR] a43d5e6fb8ee35ab6fdffa2552cc5737
[BSP] 728a198d76ead5bff2198e23d8534984 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 26309 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 53882010 | Size: 49999 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_04252013_02d1056.txt >>
RKreport[1]_S_04252013_02d1056.txt

[Mc_Murphy]

Tyto dva DNS servery - 8.26.56.26 a 156.154.70.22 - máš nastaveny úmyslně?

[jacktenrek]

Není to přímo můj komp.. je na těch adresách něco špatně ?

[Mc_Murphy]

A čí to je přímo komp? Jsou to DNS servery někde v USA.

[Mc_Murphy]

Tady se asi taky nebude nic řešit, co?!