VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014
Ran by Comfor (administrator) on COMFOR-PC on 10-02-2014 19:27:40
Running from C:\Users\Comfor\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
(AVG) C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(AVG) C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(BitTorrent Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Yontoo LLC) C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(SqueakyChocolate, LLC) C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Alexey ILJIN) C:\Program Files\Translate Client\translateclient.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Conduit Ltd.) C:\Users\Comfor\AppData\Local\NativeMessaging\CT3072253\1_0_0_10\TBMessagingHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [SmartSoft PDF Printer Agent] - C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe [62856 2010-10-14] ()
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [296056 2012-05-19] (RealNetworks, Inc.)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Namedate] - C:\nezmeskej\nezmeskej.exe [924160 2011-08-11] (Petr Mazánek (www.nezmeskej.cz, info@nezmeskej.cz, +420608702180))
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [ALLUpdate] - C:\Program Files\OpenSubtitlesPlayer\ALLUpdate.exe [1064448 2011-08-17] ()
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-06-25] (BitTorrent Inc.)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Yontoo Desktop] - C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [TBHostSupport] - "C:\Windows\system32\Rundll32.exe" "C:\Users\Comfor\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-09] (IObit)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [UpdateChecker] - C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe [7168 2013-11-09] (SqueakyChocolate, LLC)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\Comfor\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe [814472 2013-06-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\MountPoints2: {74b8fbee-0f4b-11df-82ec-00241d3fae49} - I:\Launcher.exe
AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x09F27A627B5DCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1197 ... 241d3fae49
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
URLSearchHook: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - bProtectorDefaultScope {F26AE35E-2B63-44FE-A252-6E72849DDCFB}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 241d3fae49
SearchScopes: HKCU - {22395ABA-C683-48AD-951D-551C2D09F220} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {A6452A64-B474-4659-9991-D2DEAD026201} URL = http://search.conduit.com/ResultsExt.as ... =CT3072253
SearchScopes: HKCU - {D477054F-B896-4F7A-B580-5465BA108A4C} URL = http://websearch.ask.com/redirect?clien ... CA10AEAB43
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO: SmileysWeLoveToolbar - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll ()
BHO: No Name - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default
FF user.js: detected! => C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\user.js
FF NewTab: hxxp://www.delta-search.com/?affID=119776&babs ... 241d3fae49
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://isearch.babylon.com/?affID=119776&babsrc=HP_ss_gr&mntrId=a45be2cf00000000000000241d3fae49
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: NitroPDF - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\ascsurfingprotection@iobit.com [2014-01-16]
FF Extension: Babylon - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\ffxtlbr@babylon.com [2012-02-12]
FF Extension: Iplex to ALLPlayer - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\IplextoALL@ALLPlayer.org [2012-02-12]
FF Extension: Yontoo - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\plugin@yontoo.com [2013-03-09]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-21]
FF Extension: uTorrentControl2 Community Toolbar - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-05-05]
FF Extension: FreeHDSport.TV - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\freehdsport@freehdsport.tv.xpi [2013-03-09]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-01-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-13]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-11-29]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-11-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-05]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (NPObject) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.3_0\NPObject.dll No File
CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0\plugins/ChromeApproveTBPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (FreeHDSport.TV) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok [2013-03-09]
CHR Extension: (YouTube) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-26]
CHR Extension: (Delta Toolbar) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-09]
CHR Extension: (Free Smileys & Emoticons) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl [2014-01-16]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-04-18]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-05]
CHR Extension: (Peněženka Google) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (uTorrentControl2) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc [2012-05-12]
CHR Extension: (Gmail) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-26]
CHR HKLM\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files\LSHunter.TV\stv12.crx [2013-03-09]
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Comfor\AppData\Roaming\BabSolution\CR\Delta.crx [2013-03-09]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-11-08]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-01-16]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx [2014-01-16]
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Comfor\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Comfor\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S2 gupdate1ca67a83b1110db; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-11-17] (Google Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196912 2011-06-21] (Nitro PDF Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2013-12-18] (AVG)
S2 Yontoo Desktop Updater; C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [X]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-10 19:27 - 2014-02-10 19:28 - 00030247 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-02-10 19:26 - 2014-02-10 19:26 - 00112640 _____ (forum.viry.cz) C:\Users\Comfor\Desktop\FRSTLauncher.exe
2014-02-10 19:26 - 2014-02-10 19:26 - 00029696 _____ () C:\Users\Comfor\AppData\Local\MSGBOX.EXE
2014-02-10 19:26 - 2014-02-10 19:26 - 00015327 _____ () C:\Users\Comfor\Desktop\LM.bat
2014-02-10 19:22 - 2014-02-10 19:27 - 00000000 ____D () C:\FRST
2014-02-10 19:21 - 2014-02-10 19:21 - 01139200 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-02-05 22:15 - 2014-02-05 22:27 - 691994575 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_3_720.wmv
2014-02-05 22:14 - 2014-02-05 22:23 - 723221695 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_2_720.wmv
2014-02-05 22:14 - 2014-02-05 22:14 - 00013748 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_3_dil_CzechMegaSwinger_.torrent
2014-02-05 22:14 - 2014-02-05 22:14 - 00013748 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_3_dil_CzechMegaSwinger_ (1).torrent
2014-02-05 22:11 - 2014-02-05 22:13 - 00014348 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_2_dil.torrent
2014-02-03 21:42 - 2014-02-03 21:44 - 00000000 ____D () C:\Users\Comfor\Downloads\Czech Mega Swingers 17
2014-02-03 21:41 - 2014-02-03 21:41 - 00018501 _____ () C:\Users\Comfor\Downloads\[CzT]Czech_Mega_Swingers_17_2013_CZ_.torrent
2014-02-03 21:40 - 2014-02-03 22:00 - 615570963 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_1_720.wmv
2014-02-03 21:40 - 2014-02-03 21:40 - 00012308 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_1_dil_720p_.torrent
2014-01-17 20:31 - 2014-01-17 20:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-17 20:31 - 2014-01-17 20:31 - 00000000 _____ () C:\Windows\setupact.log
2014-01-17 20:29 - 2013-12-18 09:38 - 00035640 _____ (AVG) C:\Windows\system32\uxtuneup.dll
2014-01-17 20:29 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-01-17 16:29 - 2014-01-17 16:29 - 00005498 _____ () C:\Windows\PFRO.log
2014-01-17 16:28 - 2014-01-17 16:28 - 46379008 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 38453248 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00229376 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00057344 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00000000 _____ () C:\asc_rdflag
2014-01-16 20:40 - 2013-06-27 18:05 - 00024384 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-01-16 19:36 - 2014-01-16 19:36 - 45760512 _____ () C:\Windows\system32\config\software.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 38453248 _____ () C:\Windows\system32\config\components.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00229376 _____ () C:\Windows\system32\config\default.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00057344 _____ () C:\Windows\system32\config\sam.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-01-16 19:23 - 2014-02-10 18:44 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\newnext.me
2014-01-16 19:23 - 2014-01-16 19:24 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Mobogenie
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\Documents\Mobogenie
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Local\genienext
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Local\cache
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\.android
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 _____ () C:\Users\Comfor\daemonprocess.txt
2014-01-16 19:22 - 2014-01-16 19:24 - 00000000 ____D () C:\Program Files\Mobogenie
2014-01-16 19:21 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\SqueakyChocolate
2014-01-16 19:20 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\Smileys We Love Toolbar for IE
2014-01-16 19:20 - 2014-01-16 19:20 - 00000000 ____D () C:\Users\Comfor\Documents\Add-in Express
2014-01-16 19:19 - 2014-01-16 19:19 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Apple Computer
2014-01-16 19:18 - 2014-01-16 19:18 - 00001036 _____ () C:\Users\Comfor\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-01-16 19:18 - 2014-01-16 19:18 - 00001012 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-16 19:18 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2014-01-16 19:17 - 2014-01-31 07:52 - 00001992 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-01-16 19:17 - 2014-01-17 20:29 - 00000000 ____D () C:\Program Files\AVG PC TuneUp 2014
2014-01-16 19:17 - 2014-01-16 19:20 - 00000000 ____D () C:\ProgramData\IObit
2014-01-16 19:17 - 2014-01-16 19:18 - 00000000 ____D () C:\Program Files\IObit
2014-01-16 19:17 - 2014-01-16 19:17 - 00001846 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-01-16 19:17 - 2014-01-16 19:17 - 00001832 _____ () C:\Users\Public\Desktop\AVG údržba 1 kliknutím.lnk
2014-01-16 19:17 - 2014-01-16 19:17 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\AVG
2014-01-16 19:16 - 2014-01-17 20:32 - 00000000 ____D () C:\ProgramData\AVG
2014-01-16 19:16 - 2014-01-16 19:19 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\IObit
2014-01-16 19:16 - 2014-01-16 19:16 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-16 19:14 - 2014-01-16 19:15 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\rmi

==================== One Month Modified Files and Folders =======

2014-02-10 19:28 - 2014-02-10 19:27 - 00030247 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-02-10 19:27 - 2014-02-10 19:22 - 00000000 ____D () C:\FRST
2014-02-10 19:26 - 2014-02-10 19:26 - 00112640 _____ (forum.viry.cz) C:\Users\Comfor\Desktop\FRSTLauncher.exe
2014-02-10 19:26 - 2014-02-10 19:26 - 00029696 _____ () C:\Users\Comfor\AppData\Local\MSGBOX.EXE
2014-02-10 19:26 - 2014-02-10 19:26 - 00015327 _____ () C:\Users\Comfor\Desktop\LM.bat
2014-02-10 19:24 - 2009-11-08 15:40 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\uTorrent
2014-02-10 19:21 - 2014-02-10 19:21 - 01139200 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-02-10 19:03 - 2009-11-17 18:22 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 18:48 - 2008-01-21 02:35 - 01073758 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 18:44 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\newnext.me
2014-02-10 18:44 - 2013-03-09 16:27 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Yontoo
2014-02-10 18:44 - 2010-08-22 22:11 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\translateclient
2014-02-10 18:42 - 2009-11-17 18:22 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 18:42 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 18:42 - 2006-11-02 13:47 - 00004016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 18:42 - 2006-11-02 13:47 - 00004016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 17:25 - 2006-11-02 14:01 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-08 10:04 - 2009-11-03 19:49 - 00002671 _____ () C:\Users\Comfor\Desktop\Microsoft Word.lnk
2014-02-05 23:26 - 2009-09-16 11:58 - 00231936 _____ () C:\Users\Comfor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-05 22:27 - 2014-02-05 22:15 - 691994575 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_3_720.wmv
2014-02-05 22:23 - 2014-02-05 22:14 - 723221695 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_2_720.wmv
2014-02-05 22:14 - 2014-02-05 22:14 - 00013748 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_3_dil_CzechMegaSwinger_.torrent
2014-02-05 22:14 - 2014-02-05 22:14 - 00013748 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_3_dil_CzechMegaSwinger_ (1).torrent
2014-02-05 22:13 - 2014-02-05 22:11 - 00014348 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_2_dil.torrent
2014-02-03 22:00 - 2014-02-03 21:40 - 615570963 _____ () C:\Users\Comfor\Downloads\czmswin_16_part_1_720.wmv
2014-02-03 21:44 - 2014-02-03 21:42 - 00000000 ____D () C:\Users\Comfor\Downloads\Czech Mega Swingers 17
2014-02-03 21:41 - 2014-02-03 21:41 - 00018501 _____ () C:\Users\Comfor\Downloads\[CzT]Czech_Mega_Swingers_17_2013_CZ_.torrent
2014-02-03 21:40 - 2014-02-03 21:40 - 00012308 _____ () C:\Users\Comfor\Downloads\[CzT]SwingersAkce_16_1_dil_720p_.torrent
2014-01-31 07:52 - 2014-01-16 19:17 - 00001992 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-01-19 18:51 - 2009-12-13 20:59 - 00000000 ____D () C:\Users\Comfor\Desktop\radim
2014-01-19 10:08 - 2012-12-22 22:58 - 00000000 ____D () C:\Users\Comfor\Desktop\Simpsonovi
2014-01-17 22:21 - 2012-05-05 13:12 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Conduit
2014-01-17 20:32 - 2014-01-16 19:16 - 00000000 ____D () C:\ProgramData\AVG
2014-01-17 20:31 - 2014-01-17 20:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-17 20:31 - 2014-01-17 20:31 - 00000000 _____ () C:\Windows\setupact.log
2014-01-17 20:29 - 2014-01-16 19:17 - 00000000 ____D () C:\Program Files\AVG PC TuneUp 2014
2014-01-17 16:44 - 2009-09-11 13:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 16:43 - 2013-08-16 07:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-17 16:36 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-17 16:29 - 2014-01-17 16:29 - 00005498 _____ () C:\Windows\PFRO.log
2014-01-17 16:28 - 2014-01-17 16:28 - 46379008 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 38453248 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00229376 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00057344 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-01-17 16:28 - 2014-01-17 16:28 - 00000000 _____ () C:\asc_rdflag
2014-01-17 16:28 - 2009-09-16 10:45 - 00000000 ____D () C:\Users\Comfor
2014-01-16 20:40 - 2013-11-26 17:41 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2014-01-16 20:39 - 2009-09-25 20:01 - 00000000 ____D () C:\Windows\Minidump
2014-01-16 20:39 - 2009-09-11 13:38 - 00000000 ____D () C:\Windows\Panther
2014-01-16 19:52 - 2010-10-16 12:22 - 00000000 ____D () C:\Program Files\PDFCreator
2014-01-16 19:36 - 2014-01-16 19:36 - 45760512 _____ () C:\Windows\system32\config\software.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 38453248 _____ () C:\Windows\system32\config\components.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00229376 _____ () C:\Windows\system32\config\default.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00057344 _____ () C:\Windows\system32\config\sam.iobit
2014-01-16 19:36 - 2014-01-16 19:36 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-01-16 19:24 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Mobogenie
2014-01-16 19:24 - 2014-01-16 19:22 - 00000000 ____D () C:\Program Files\Mobogenie
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\Documents\Mobogenie
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Local\genienext
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\AppData\Local\cache
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 ____D () C:\Users\Comfor\.android
2014-01-16 19:23 - 2014-01-16 19:23 - 00000000 _____ () C:\Users\Comfor\daemonprocess.txt
2014-01-16 19:21 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\SqueakyChocolate
2014-01-16 19:21 - 2014-01-16 19:20 - 00000000 ____D () C:\Program Files\Smileys We Love Toolbar for IE
2014-01-16 19:20 - 2014-01-16 19:20 - 00000000 ____D () C:\Users\Comfor\Documents\Add-in Express
2014-01-16 19:20 - 2014-01-16 19:17 - 00000000 ____D () C:\ProgramData\IObit
2014-01-16 19:19 - 2014-01-16 19:19 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Apple Computer
2014-01-16 19:19 - 2014-01-16 19:16 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\IObit
2014-01-16 19:18 - 2014-01-16 19:18 - 00001036 _____ () C:\Users\Comfor\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-01-16 19:18 - 2014-01-16 19:18 - 00001012 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-16 19:18 - 2014-01-16 19:17 - 00000000 ____D () C:\Program Files\IObit
2014-01-16 19:17 - 2014-01-16 19:17 - 00001846 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-01-16 19:17 - 2014-01-16 19:17 - 00001832 _____ () C:\Users\Public\Desktop\AVG údržba 1 kliknutím.lnk
2014-01-16 19:17 - 2014-01-16 19:17 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\AVG
2014-01-16 19:16 - 2014-01-16 19:16 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-16 19:16 - 2011-12-18 09:56 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\OpenCandy
2014-01-16 19:15 - 2014-01-16 19:14 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\rmi

Files to move or delete:
====================
C:\ProgramData\ezsid.dat

Some content of TEMP:
====================
C:\Users\Comfor\AppData\Local\Temp\setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-10 18:49

==================== End Of Log ============================

Zdravím!
Doporučuji odinstalovat AdvancedSystemCare. Důvod: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\Comfor\AppData\Roaming\Yontoo
C:\Program Files\Ask.com
C:\ProgramData\Badoo
C:\Program Files\McAfee Security Scan
C:\Users\Comfor\AppData\Local\NativeMessaging
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [] - [X]
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Yontoo Desktop] - C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\MountPoints2: {74b8fbee-0f4b-11df-82ec-00241d3fae49} - I:\Launcher.exe
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1197 ... 241d3fae49
URLSearchHook: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - bProtectorDefaultScope {F26AE35E-2B63-44FE-A252-6E72849DDCFB}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 241d3fae49
SearchScopes: HKCU - {22395ABA-C683-48AD-951D-551C2D09F220} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
SearchScopes: HKCU - {A6452A64-B474-4659-9991-D2DEAD026201} URL = http://search.conduit.com/ResultsExt.as ... =CT3072253
SearchScopes: HKCU - {D477054F-B896-4F7A-B580-5465BA108A4C} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ444YYCZ&apn_uid=6B581695-7E78-4346-B931-10F7205BDB19&apn_sauid=D17A7EF0-5FC2-4E80-9F3C-F1CA10AEAB43
C:\Program Files\pdfforge Toolbar
BHO: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
C:\Program Files\pdfforge Toolbar
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: No Name - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
FF ProfilePath: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default
FF user.js: detected! => C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\user.js
FF NewTab: hxxp://www.delta-search.com/?affID=1197 ... 241d3fae49
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://isearch.babylon.com/?affID=11977 ... 241d3fae49
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: Babylon - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\ffxtlbr@babylon.com [2012-02-12]
FF Extension: Yontoo - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\plugin@yontoo.com [2013-03-09]
CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0\plugins/ChromeApproveTBPlugin.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
S2 Yontoo Desktop Updater; C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Comfor\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Snad je to ono:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-02-2014
Ran by Comfor at 2014-02-10 20:24:30 Run:2
Running from C:\Users\Comfor\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Users\Comfor\AppData\Roaming\Yontoo
C:\Program Files\Ask.com
C:\ProgramData\Badoo
C:\Program Files\McAfee Security Scan
C:\Users\Comfor\AppData\Local\NativeMessaging
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [] - [X]
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Yontoo Desktop] - C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-761075100-1063118794-438648706-1000\...\MountPoints2: {74b8fbee-0f4b-11df-82ec-00241d3fae49} - I:\Launcher.exe
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1197 ... 241d3fae49
URLSearchHook: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - bProtectorDefaultScope {F26AE35E-2B63-44FE-A252-6E72849DDCFB}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 241d3fae49
SearchScopes: HKCU - {22395ABA-C683-48AD-951D-551C2D09F220} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
SearchScopes: HKCU - {A6452A64-B474-4659-9991-D2DEAD026201} URL = http://search.conduit.com/ResultsExt.as ... =CT3072253
SearchScopes: HKCU - {D477054F-B896-4F7A-B580-5465BA108A4C} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ444YYCZ&apn_uid=6B581695-7E78-4346-B931-10F7205BDB19&apn_sauid=D17A7EF0-5FC2-4E80-9F3C-F1CA10AEAB43
C:\Program Files\pdfforge Toolbar
BHO: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
C:\Program Files\pdfforge Toolbar
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: No Name - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
FF ProfilePath: C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default
FF user.js: detected! => C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\user.js
FF NewTab: hxxp://www.delta-search.com/?affID=1197 ... 241d3fae49
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://isearch.babylon.com/?affID=11977 ... 241d3fae49
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: Babylon - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\ffxtlbr@babylon.com [2012-02-12]
FF Extension: Yontoo - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\Extensions\plugin@yontoo.com [2013-03-09]
CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0\plugins/ChromeApproveTBPlugin.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
S2 Yontoo Desktop Updater; C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-06] (Yontoo LLC)
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Comfor\AppData\Local\Temp
End
*****************

"C:\Users\Comfor\AppData\Roaming\Yontoo" directory move:

C:\Users\Comfor\AppData\Roaming\Yontoo\PlugIns.cache => Moved successfully.
C:\Users\Comfor\AppData\Roaming\Yontoo\YontooDesktop.exe => Moved successfully.
C:\Users\Comfor\AppData\Roaming\Yontoo\dat\Desktop.OS.dll => Moved successfully.
C:\Users\Comfor\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll => Moved successfully.
C:\Users\Comfor\AppData\Roaming\Yontoo\dat\HealthMonitor.dat => Moved successfully.
C:\Users\Comfor\AppData\Roaming\Yontoo\dat\HeartBeat.dat => Moved successfully.

Smazal pouze něco. Dejte ještě log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

Logfile of random's system information tool 1.09 (written by random/random)
Run by Comfor at 2014-02-10 20:35:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 1 GB (0%) free of 469 GB
Total RAM: 3070 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:45, on 10.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\cmd.exe
C:\Users\Comfor\AppData\Local\NativeMessaging\CT3072253\1_0_0_10\TBMessagingHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Comfor\Desktop\FRST.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Comfor\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Comfor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (file missing)
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPLEXT~1.DLL
O2 - BHO: SmileysWeLoveToolbar - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Namedate] C:\nezmeskej\nezmeskej.exe s s
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\Comfor\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [UpdateChecker] C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Comfor\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca67a83b1110db) (gupdate1ca67a83b1110db) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe

--
End of file - 9946 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, pdfforge@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, ffxtlbr@babylon.com:1.2.0, IplextoALL@ALLPlayer.org:0.1.0, {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8, wrc@avast.com:7.0.1426, {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"
prefs.js - "browser.startup.homepage" - "http://isearch.babylon.com/?affID=11977 ... 241d3fae49"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775]
"Description"=6.0.12.775
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
nprpplugin.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\extensions\
ascsurfingprotection@iobit.com
IplextoALL@ALLPlayer.org
{20a82645-c095-46ed-80e3-08825760534b}
{687578b9-7132-4a7a-80e4-30ee31099e03}

C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\searchplugins\
babylon.xml
BrowserProtect.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-16 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-19 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\OPENSU~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}]
SmileysWeLoveToolbar - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll [2013-12-03 528384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-18 7711264]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"SmartSoft PDF Printer Agent"=C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe [2010-10-14 62856]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2012-05-19 296056]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Namedate"=C:\nezmeskej\nezmeskej.exe [2011-08-11 924160]
"ALLUpdate"=C:\Program Files\OpenSubtitlesPlayer\ALLUpdate.exe [2011-08-17 1064448]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2013-06-25 802136]
"TBHostSupport"=C:\Users\Comfor\AppData\Local\TBHostSupport\TBHostSupport_0.dll [2013-12-19 480032]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]
"UpdateChecker"=C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe [2013-11-09 7168]
"NextLive"=C:\Users\Comfor\AppData\Roaming\newnext.me\nengine.dll [2013-11-14 1283584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe [2013-06-12 814472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.XVID"=xvidvfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-10 19:22:58 ----D---- C:\FRST
2014-01-17 20:29:42 ----A---- C:\Windows\system32\authuitu.dll
2014-01-17 20:29:36 ----A---- C:\Windows\system32\uxtuneup.dll
2014-01-16 20:40:48 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2014-01-16 19:23:36 ----D---- C:\Users\Comfor\AppData\Roaming\newnext.me
2014-01-16 19:22:18 ----D---- C:\Program Files\Mobogenie
2014-01-16 19:21:35 ----D---- C:\Program Files\SqueakyChocolate
2014-01-16 19:20:44 ----D---- C:\Program Files\Smileys We Love Toolbar for IE
2014-01-16 19:19:07 ----D---- C:\Users\Comfor\AppData\Roaming\Apple Computer
2014-01-16 19:18:39 ----D---- C:\ProgramData\ProductData
2014-01-16 19:18:02 ----A---- C:\Windows\system32\TURegOpt.exe
2014-01-16 19:17:59 ----D---- C:\ProgramData\IObit
2014-01-16 19:17:35 ----D---- C:\Users\Comfor\AppData\Roaming\AVG
2014-01-16 19:17:16 ----D---- C:\Program Files\AVG PC TuneUp 2014
2014-01-16 19:17:06 ----D---- C:\Program Files\IObit
2014-01-16 19:16:14 ----D---- C:\ProgramData\AVG
2014-01-16 19:16:11 ----D---- C:\Users\Comfor\AppData\Roaming\IObit
2014-01-16 19:16:04 ----HD---- C:\ProgramData\Common Files
2014-01-16 19:14:50 ----D---- C:\Users\Comfor\AppData\Roaming\rmi

======List of files/folders modified in the last 1 month======

2014-02-10 20:35:46 ----D---- C:\Windows\Temp
2014-02-10 20:35:45 ----D---- C:\Windows\Prefetch
2014-02-10 20:35:37 ----D---- C:\Program Files\trend micro
2014-02-10 20:33:15 ----D---- C:\Users\Comfor\AppData\Roaming\uTorrent
2014-02-10 20:29:05 ----HD---- C:\ProgramData
2014-02-10 20:29:01 ----RD---- C:\Program Files
2014-02-10 19:23:02 ----D---- C:\Windows
2014-02-10 19:10:07 ----SHD---- C:\Windows\Installer
2014-02-10 18:44:21 ----D---- C:\Users\Comfor\AppData\Roaming\translateclient
2014-02-10 12:30:32 ----SHD---- C:\System Volume Information
2014-01-21 18:24:48 ----D---- C:\Windows\system32\catroot2
2014-01-17 21:43:55 ----D---- C:\Windows\system32\Tasks
2014-01-17 20:31:04 ----D---- C:\Windows\inf
2014-01-17 20:29:42 ----D---- C:\Windows\System32
2014-01-17 16:44:55 ----D---- C:\ProgramData\Microsoft Help
2014-01-17 16:43:50 ----D---- C:\Windows\system32\MRT
2014-01-17 16:37:10 ----D---- C:\Windows\Debug
2014-01-17 16:36:59 ----A---- C:\Windows\system32\mrt.exe
2014-01-17 16:29:41 ----D---- C:\Windows\system32\config
2014-01-16 20:39:20 ----D---- C:\Windows\Panther
2014-01-16 20:39:18 ----D---- C:\Windows\Minidump
2014-01-16 20:39:18 ----D---- C:\Windows\Logs
2014-01-16 19:52:03 ----D---- C:\Program Files\PDFCreator
2014-01-16 19:16:36 ----D---- C:\Users\Comfor\AppData\Roaming\OpenCandy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 21576]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 177864]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 56080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-04-29 4491776]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-18 2752352]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-11-10 135680]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-04-29 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-06-21 196912]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe [2013-12-18 1741624]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe [2013-12-16 247968]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe [2013-12-16 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca67a83b1110db;Služba Google Update (gupdate1ca67a83b1110db); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-17 133104]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-17 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-07 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe []

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\Program Files\Smileys We Love Toolbar for IE
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}]

:services
BBUpdate
BBSvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Comfor at 2014-02-10 22:19:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 2 GB (1%) free of 469 GB
Total RAM: 3070 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:05, on 10.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Comfor\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Users\Comfor\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Comfor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Namedate] C:\nezmeskej\nezmeskej.exe s s
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\system32\Rundll32.exe" "C:\Users\Comfor\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [UpdateChecker] C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Comfor\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [uTorrent] C:\Users\Comfor\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca67a83b1110db) (gupdate1ca67a83b1110db) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe

--
End of file - 8127 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, pdfforge@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, ffxtlbr@babylon.com:1.2.0, IplextoALL@ALLPlayer.org:0.1.0, {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8, wrc@avast.com:7.0.1426, {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"
prefs.js - "browser.startup.homepage" - "http://isearch.babylon.com/?affID=11977 ... 241d3fae49"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775]
"Description"=6.0.12.775
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
nprpplugin.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\extensions\
ascsurfingprotection@iobit.com
IplextoALL@ALLPlayer.org
{20a82645-c095-46ed-80e3-08825760534b}
{687578b9-7132-4a7a-80e4-30ee31099e03}

C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\kn6rs3m6.default\searchplugins\
babylon.xml
BrowserProtect.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-16 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\OPENSU~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-18 7711264]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"SmartSoft PDF Printer Agent"=C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe [2010-10-14 62856]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2012-05-19 296056]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Namedate"=C:\nezmeskej\nezmeskej.exe [2011-08-11 924160]
"ALLUpdate"=C:\Program Files\OpenSubtitlesPlayer\ALLUpdate.exe [2011-08-17 1064448]
"TBHostSupport"=C:\Users\Comfor\AppData\Local\TBHostSupport\TBHostSupport_0.dll [2013-12-19 480032]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]
"UpdateChecker"=C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe [2013-11-09 7168]
"NextLive"=C:\Users\Comfor\AppData\Roaming\newnext.me\nengine.dll [2013-11-14 1283584]
"uTorrent"=C:\Users\Comfor\AppData\Roaming\uTorrent\uTorrent.exe [2014-02-10 905296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.XVID"=xvidvfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-10 22:05:22 ----D---- C:\_OTM
2014-02-10 19:22:58 ----D---- C:\FRST
2014-01-17 20:29:42 ----A---- C:\Windows\system32\authuitu.dll
2014-01-17 20:29:36 ----A---- C:\Windows\system32\uxtuneup.dll
2014-01-16 20:40:48 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2014-01-16 19:23:36 ----D---- C:\Users\Comfor\AppData\Roaming\newnext.me
2014-01-16 19:22:18 ----D---- C:\Program Files\Mobogenie
2014-01-16 19:21:35 ----D---- C:\Program Files\SqueakyChocolate
2014-01-16 19:19:07 ----D---- C:\Users\Comfor\AppData\Roaming\Apple Computer
2014-01-16 19:18:39 ----D---- C:\ProgramData\ProductData
2014-01-16 19:18:02 ----A---- C:\Windows\system32\TURegOpt.exe
2014-01-16 19:17:59 ----D---- C:\ProgramData\IObit
2014-01-16 19:17:35 ----D---- C:\Users\Comfor\AppData\Roaming\AVG
2014-01-16 19:17:16 ----D---- C:\Program Files\AVG PC TuneUp 2014
2014-01-16 19:17:06 ----D---- C:\Program Files\IObit
2014-01-16 19:16:14 ----D---- C:\ProgramData\AVG
2014-01-16 19:16:11 ----D---- C:\Users\Comfor\AppData\Roaming\IObit
2014-01-16 19:16:04 ----HD---- C:\ProgramData\Common Files
2014-01-16 19:14:50 ----D---- C:\Users\Comfor\AppData\Roaming\rmi

======List of files/folders modified in the last 1 month======

2014-02-10 22:20:01 ----D---- C:\Windows\Temp
2014-02-10 22:19:18 ----D---- C:\Program Files\trend micro
2014-02-10 22:18:59 ----D---- C:\Windows\Prefetch
2014-02-10 22:16:10 ----D---- C:\Users\Comfor\AppData\Roaming\uTorrent
2014-02-10 22:16:02 ----D---- C:\Program Files\uTorrent
2014-02-10 22:14:38 ----D---- C:\Users\Comfor\AppData\Roaming\translateclient
2014-02-10 22:05:25 ----D---- C:\Windows\Tasks
2014-02-10 22:05:24 ----RD---- C:\Program Files
2014-02-10 21:32:31 ----SHD---- C:\$Recycle.Bin
2014-02-10 20:41:43 ----SHD---- C:\System Volume Information
2014-02-10 20:29:05 ----HD---- C:\ProgramData
2014-02-10 19:23:02 ----D---- C:\Windows
2014-02-10 19:10:07 ----SHD---- C:\Windows\Installer
2014-01-21 18:24:48 ----D---- C:\Windows\system32\catroot2
2014-01-17 21:43:55 ----D---- C:\Windows\system32\Tasks
2014-01-17 20:31:04 ----D---- C:\Windows\inf
2014-01-17 20:29:42 ----D---- C:\Windows\System32
2014-01-17 16:44:55 ----D---- C:\ProgramData\Microsoft Help
2014-01-17 16:43:50 ----D---- C:\Windows\system32\MRT
2014-01-17 16:37:10 ----D---- C:\Windows\Debug
2014-01-17 16:36:59 ----A---- C:\Windows\system32\mrt.exe
2014-01-17 16:29:41 ----D---- C:\Windows\system32\config
2014-01-16 20:39:20 ----D---- C:\Windows\Panther
2014-01-16 20:39:18 ----D---- C:\Windows\Minidump
2014-01-16 20:39:18 ----D---- C:\Windows\Logs
2014-01-16 19:52:03 ----D---- C:\Program Files\PDFCreator
2014-01-16 19:16:36 ----D---- C:\Users\Comfor\AppData\Roaming\OpenCandy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 21576]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 177864]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 56080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-04-29 4491776]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-18 2752352]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-11-10 135680]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-04-29 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-06-21 196912]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe [2013-12-18 1741624]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca67a83b1110db;Služba Google Update (gupdate1ca67a83b1110db); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-17 133104]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-17 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-07 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe []

-----------------EOF-----------------

Máte příliš málo volného místa na disku. Přesuňte některá svá data na jiné úložiště, příp. odinstalujte nepoužívané programy. Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu