Logfile of random's system information tool 1.09 (written by random/random)
Run by Jana at 2012-11-01 23:52:35
Microsoft Windows 7 Home Premium
System drive C: has 51 GB (43%) free of 119 GB
Total RAM: 4061 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:52:44, on 1. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17115)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ost
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {A777FC6F-16C6-4C2A-AACB-BCDF73762F78} - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://*.taobao.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9269 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {B7334D83-6070-43CC-B63E-6577E4070A7C}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\explorer.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /firstrun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "https://www.dropbox.com/tray_login?i=38 ... 6&cl=en_US"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4804.1.2069017021\1405449707" --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4804.3.1373780803\2047579972" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4804.15.1652618675\220152910" /prefetch:3
"C:\Program Files (x86)\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:88d8226523f4a012defafe5e61ee9749b807bd6a&dn=Worms+Revolution-FLT&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6d642380-72e0-4929-b725-8996ad562216 -SystemEventPortName:HostProcess-acbc5fdc-bf12-489f-8576-3288bc2896d6 -IoCancelEventPortName:HostProcess-d299cb34-fc6b-4dd0-90ef-df5785c408b2 -NonStateChangingEventPortName:HostProcess-2c84cee8-a475-4c30-bbcf-bf08b73cd2f1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fedf6494-bf4f-4add-9d26-ab45f87cb490
C:\Windows\system32\AUDIODG.EXE 0x5bc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4804.32.1677613822\316502527" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4804.34.73962033\1563343694" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8, {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.0, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6, battlefieldheroespatcher@ea.com:5.0.67.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... 2.0.0.4&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npww.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npww.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrchost.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\
battlefieldheroespatcher@ea.com
engine@conduit.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\
daemon-search.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-11-03 72248]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-11-03 3054136]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
FancyStart daemon.lnk - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-11-01 23:52:36 ----D---- C:\Program Files\trend micro
2012-11-01 23:52:35 ----D---- C:\rsit
2012-11-01 22:03:25 ----D---- C:\Users\Jana\AppData\Roaming\Dropbox
2012-11-01 22:00:28 ----D---- C:\Phenomedia AG
2012-11-01 21:05:26 ----D---- C:\Users\Jana\AppData\Roaming\GRETECH
2012-11-01 20:57:58 ----D---- C:\Program Files (x86)\GRETECH
2012-11-01 19:01:00 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-11-01 17:38:42 ----D---- C:\Program Files\CCleaner
2012-10-11 09:28:26 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64win.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-11 09:28:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-11 09:28:06 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 09:28:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-11 09:28:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 09:27:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-11 09:27:44 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 09:27:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-11 09:27:31 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\crypt32.dll
======List of files/folders modified in the last 1 month======
2012-11-01 23:52:40 ----D---- C:\Windows\Temp
2012-11-01 23:52:36 ----RD---- C:\Program Files
2012-11-01 23:44:49 ----D---- C:\Users\Jana\AppData\Roaming\Skype
2012-11-01 23:44:47 ----D---- C:\Users\Jana\AppData\Roaming\uTorrent
2012-11-01 22:00:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-01 22:00:23 ----SHD---- C:\System Volume Information
2012-11-01 21:59:48 ----D---- C:\Windows\system32\config
2012-11-01 21:59:41 ----D---- C:\Windows\winsxs
2012-11-01 21:09:48 ----D---- C:\Windows\Logs
2012-11-01 21:07:41 ----SHD---- C:\Windows\Installer
2012-11-01 21:07:37 ----SHD---- C:\Config.Msi
2012-11-01 20:58:08 ----D---- C:\Windows\SysWOW64
2012-11-01 20:57:58 ----RD---- C:\Program Files (x86)
2012-11-01 20:26:21 ----D---- C:\Windows\Microsoft.NET
2012-11-01 20:13:24 ----AD---- C:\ProgramData\Temp
2012-11-01 19:37:31 ----D---- C:\Users\Jana\AppData\Roaming\Farm Mania 2
2012-11-01 19:08:25 ----D---- C:\Windows\System32
2012-11-01 19:08:25 ----D---- C:\Windows\inf
2012-11-01 19:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-01 19:04:20 ----D---- C:\Windows\system32\Tasks
2012-11-01 19:03:46 ----A---- C:\Windows\system32\acovcnt.exe
2012-11-01 19:01:46 ----D---- C:\Windows\system32\DriverStore
2012-11-01 19:01:46 ----D---- C:\Windows\system32\drivers
2012-11-01 19:01:02 ----D---- C:\Windows\system32\catroot
2012-11-01 18:58:48 ----D---- C:\Windows
2012-11-01 18:28:16 ----D---- C:\Program Files (x86)\Google
2012-11-01 18:26:04 ----D---- C:\Windows\Tasks
2012-11-01 18:18:07 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-11-01 18:10:18 ----D---- C:\ProgramData\Adobe
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Common Files
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Adobe
2012-11-01 18:01:41 ----D---- C:\Program Files\Google
2012-11-01 17:58:35 ----D---- C:\Users\Jana\AppData\Roaming\DAEMON Tools Lite
2012-11-01 17:58:32 ----D---- C:\Windows\Panther
2012-11-01 17:58:32 ----D---- C:\Windows\ModemLogs
2012-11-01 17:58:32 ----D---- C:\Windows\Minidump
2012-11-01 17:58:32 ----D---- C:\Windows\debug
2012-11-01 17:55:33 ----D---- C:\Users\Jana\AppData\Roaming\ChromePlus
2012-11-01 17:51:52 ----RSD---- C:\Windows\assembly
2012-11-01 17:51:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-01 17:48:36 ----DC---- C:\Windows\system32\DRVSTORE
2012-11-01 17:44:25 ----D---- C:\Program Files (x86)\Webteh
2012-11-01 17:43:20 ----D---- C:\ProgramData\CyberLink
2012-11-01 17:43:20 ----D---- C:\Program Files (x86)\CyberLink
2012-11-01 17:40:07 ----D---- C:\Windows\system32\catroot2
2012-11-01 17:36:16 ----D---- C:\ProgramData\Google
2012-11-01 17:10:27 ----SD---- C:\ProgramData\Microsoft
2012-11-01 17:10:27 ----D---- C:\Program Files (x86)\Microsoft
2012-11-01 17:02:48 ----D---- C:\Program Files (x86)\PokerStars
2012-11-01 16:57:39 ----HD---- C:\ProgramData
2012-11-01 16:49:22 ----D---- C:\Windows\system32\NDF
2012-10-30 23:50:59 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:44:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-23 19:12:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-18 19:15:28 ----D---- C:\Users\Jana\AppData\Roaming\VSO
2012-10-18 18:14:50 ----D---- C:\Windows\rescache
2012-10-18 15:07:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-10-18 15:07:15 ----D---- C:\Windows\system32\sk-SK
2012-10-18 15:07:14 ----D---- C:\Windows\AppPatch
2012-10-11 09:58:30 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 09:57:30 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-28 77944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-14 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-23 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
poprosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
Zdravím. 
Vydrž minutku, na logu se intenzivně pracuje.
Vydrž minutku, na logu se intenzivně pracuje.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
Aktualizuj MS Internet Explorer na poslední verzi. I když používáš prohlížeč Google Chrome, aktualizace řeší spoustu problémů i v systému samotném. Potom stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulož jej nejlépe na Plochu.
- Ukonči všechny programy!!
- Spusť AdwCleaner.
- Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Klikni na [Search].
- Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako AdwCleaner[R?].txt - ten mi sem vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
# AdwCleaner v2.006 - Logfile created 11/02/2012 at 13:14:54
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jana - JK-ASUS
# Boot Mode : Normal
# Running from : D:\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\daemon-search.xml
File Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\icqplugin.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Jana\AppData\Local\Conduit
Folder Found : C:\Users\Jana\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jana\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Jana\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\Conduit
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitCommon
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitEngine
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\CT2786678
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\engine@conduit.com
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ost
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ost&s={searchTerms}&f=4
-\\ Mozilla Firefox v16.0.1 (sk)
Profile name : default
File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\prefs.js
Found : user_pref("CT2786678..clientLogIsEnabled", true);
Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Found : user_pref("CT2786678.CTID", "CT2786678");
Found : user_pref("CT2786678.CurrentServerDate", "1-11-2012");
Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Wed Oct 31 2012 19:32:01 GMT+0100");
Found : user_pref("CT2786678.DownloadReferralCookieData", "");
Found : user_pref("CT2786678.EMailNotifierPollDate", "Tue Jul 19 2011 08:18:46 GMT+0200");
Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 474);
Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Jul 18 2011 07:59:44 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Jul 18 2011 07:59:44 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Jul 18 2011 07:59:43 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Found : user_pref("CT2786678.FirstServerDate", "15-7-2011");
Found : user_pref("CT2786678.FirstTime", true);
Found : user_pref("CT2786678.FirstTimeFF3", true);
Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2786678.HasUserGlobalKeys", true);
Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
Found : user_pref("CT2786678.Initialize", true);
Found : user_pref("CT2786678.InitializeCommonPrefs", true);
Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Found : user_pref("CT2786678.InstalledDate", "Fri Jul 15 2011 09:00:24 GMT+0200");
Found : user_pref("CT2786678.IsAlertDBUpdated", true);
Found : user_pref("CT2786678.IsGrouping", false);
Found : user_pref("CT2786678.IsInitSetupIni", true);
Found : user_pref("CT2786678.IsMulticommunity", false);
Found : user_pref("CT2786678.IsOpenThankYouPage", true);
Found : user_pref("CT2786678.IsOpenUninstallPage", false);
Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2786678.LastLogin_3.12.0.7", "Sat Apr 28 2012 09:25:32 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.12.2.3", "Mon Jun 04 2012 18:27:11 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.13.0.6", "Wed Jul 18 2012 14:11:33 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.14.1.0", "Tue Aug 28 2012 00:25:34 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 01 2011 23:52:41 GMT+0200");
Found : user_pref("CT2786678.LatestVersion", "3.14.1.0");
Found : user_pref("CT2786678.Locale", "en");
Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Found : user_pref("CT2786678.MCDetectTooltipShow", false);
Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");
Found : user_pref("CT2786678.SearchBoxWidth", 100);
Found : user_pref("CT2786678.SearchEngineBeforeUnload", "DAEMON Search");
Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2786678.SearchProtectorEnabled", false);
Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SettingsLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SettingsLastUpdate", "1351096591");
Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 15 2011 09:00:17 GMT+0200");
Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2786678.UserID", "UN15429324560742930");
Found : user_pref("CT2786678.ValidationData_Toolbar", 2);
Found : user_pref("CT2786678.WeatherNetwork", "");
Found : user_pref("CT2786678.WeatherPollDate", "Tue Jul 19 2011 08:18:48 GMT+0200");
Found : user_pref("CT2786678.WeatherUnit", "C");
Found : user_pref("CT2786678.alertChannelId", "1178763");
Found : user_pref("CT2786678.approveUntrustedApps", false);
Found : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F7[...]
Found : user_pref("CT2786678.backendstorage.url_history_time", "31333130393730353639333436");
Found : user_pref("CT2786678.components.1000034", false);
Found : user_pref("CT2786678.components.1000080", false);
Found : user_pref("CT2786678.components.1000234", false);
Found : user_pref("CT2786678.components.129295698017012804", false);
Found : user_pref("CT2786678.components.129309485163350924", false);
Found : user_pref("CT2786678.components.129309489763975460", false);
Found : user_pref("CT2786678.components.129315411424256896", false);
Found : user_pref("CT2786678.components.129513460540910967", false);
Found : user_pref("CT2786678.components.129526967958500204", false);
Found : user_pref("CT2786678.components.5690698542593514850", false);
Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2786678.initDone", true);
Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
Found : user_pref("CT2786678.myStuffEnabled", true);
Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]
Found : user_pref("CT2786678.revertSettingsEnabled", true);
Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Found : user_pref("CT2786678.testingCtid", "");
Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CT2786678.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/SK", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SK", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"d63[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jana\\AppData\\Roaming\\Mozilla\\Fi[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
Found : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 15 2011 09:00:21 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 01 2011 01:54:38 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 01 2011 22:05:42 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "4361075a-3c21-45fd-934b-de422c39669c");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jul 18 2011 13:16:44 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "4b448430-d144-4ecc-bc59-51f79ef66e5e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 01 2011 23:52:4[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Aug 01 2011 23:52:50 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "79cbd93b-8075-4b1d-9bc7-39e5462e8858");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jul 31 2011 18:12:38 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jul 31 2011 16:55:52 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "07/15/2011 10");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Found : user_pref("ConduitEngine.InstalledDate", "Fri Jul 15 2011 09:00:19 GMT+0200");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN45349061526094579");
Found : user_pref("ConduitEngine.engineLocale", "sk");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);
Found : user_pref("browser.search.defaultenginename", "Facemoods Search");
Found : user_pref("browser.search.selectedEngine", "Facemoods Search");
Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Found : user_pref("extensions.facemoods.aflt", "_#ost");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "20");
Found : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.8] : homepage = "hxxp://start.facemoods.com/?a=ost",
Found [l.1507] : homepage = "hxxp://start.facemoods.com/?a=ost",
*************************
AdwCleaner[R1].txt - [23820 octets] - [02/11/2012 13:14:06]
AdwCleaner[R2].txt - [23762 octets] - [02/11/2012 13:14:54]
########## EOF - C:\AdwCleaner[R2].txt - [23823 octets] ##########
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jana - JK-ASUS
# Boot Mode : Normal
# Running from : D:\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\daemon-search.xml
File Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\icqplugin.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Jana\AppData\Local\Conduit
Folder Found : C:\Users\Jana\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jana\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Jana\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\Conduit
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitCommon
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitEngine
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\CT2786678
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Found : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\engine@conduit.com
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-675917271-2835206629-2704416999-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ost
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ost&s={searchTerms}&f=4
-\\ Mozilla Firefox v16.0.1 (sk)
Profile name : default
File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\prefs.js
Found : user_pref("CT2786678..clientLogIsEnabled", true);
Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Found : user_pref("CT2786678.CTID", "CT2786678");
Found : user_pref("CT2786678.CurrentServerDate", "1-11-2012");
Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Wed Oct 31 2012 19:32:01 GMT+0100");
Found : user_pref("CT2786678.DownloadReferralCookieData", "");
Found : user_pref("CT2786678.EMailNotifierPollDate", "Tue Jul 19 2011 08:18:46 GMT+0200");
Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 474);
Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Jul 18 2011 07:59:44 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Jul 18 2011 07:59:44 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Jul 18 2011 07:59:43 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Jul 18 2011 07:59:42 GMT+0200");
Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Found : user_pref("CT2786678.FirstServerDate", "15-7-2011");
Found : user_pref("CT2786678.FirstTime", true);
Found : user_pref("CT2786678.FirstTimeFF3", true);
Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2786678.HasUserGlobalKeys", true);
Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
Found : user_pref("CT2786678.Initialize", true);
Found : user_pref("CT2786678.InitializeCommonPrefs", true);
Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Found : user_pref("CT2786678.InstalledDate", "Fri Jul 15 2011 09:00:24 GMT+0200");
Found : user_pref("CT2786678.IsAlertDBUpdated", true);
Found : user_pref("CT2786678.IsGrouping", false);
Found : user_pref("CT2786678.IsInitSetupIni", true);
Found : user_pref("CT2786678.IsMulticommunity", false);
Found : user_pref("CT2786678.IsOpenThankYouPage", true);
Found : user_pref("CT2786678.IsOpenUninstallPage", false);
Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2786678.LastLogin_3.12.0.7", "Sat Apr 28 2012 09:25:32 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.12.2.3", "Mon Jun 04 2012 18:27:11 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.13.0.6", "Wed Jul 18 2012 14:11:33 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.14.1.0", "Tue Aug 28 2012 00:25:34 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 01 2011 23:52:41 GMT+0200");
Found : user_pref("CT2786678.LatestVersion", "3.14.1.0");
Found : user_pref("CT2786678.Locale", "en");
Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Found : user_pref("CT2786678.MCDetectTooltipShow", false);
Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");
Found : user_pref("CT2786678.SearchBoxWidth", 100);
Found : user_pref("CT2786678.SearchEngineBeforeUnload", "DAEMON Search");
Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2786678.SearchProtectorEnabled", false);
Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SettingsLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Found : user_pref("CT2786678.SettingsLastUpdate", "1351096591");
Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 15 2011 09:00:17 GMT+0200");
Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2786678.UserID", "UN15429324560742930");
Found : user_pref("CT2786678.ValidationData_Toolbar", 2);
Found : user_pref("CT2786678.WeatherNetwork", "");
Found : user_pref("CT2786678.WeatherPollDate", "Tue Jul 19 2011 08:18:48 GMT+0200");
Found : user_pref("CT2786678.WeatherUnit", "C");
Found : user_pref("CT2786678.alertChannelId", "1178763");
Found : user_pref("CT2786678.approveUntrustedApps", false);
Found : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F7[...]
Found : user_pref("CT2786678.backendstorage.url_history_time", "31333130393730353639333436");
Found : user_pref("CT2786678.components.1000034", false);
Found : user_pref("CT2786678.components.1000080", false);
Found : user_pref("CT2786678.components.1000234", false);
Found : user_pref("CT2786678.components.129295698017012804", false);
Found : user_pref("CT2786678.components.129309485163350924", false);
Found : user_pref("CT2786678.components.129309489763975460", false);
Found : user_pref("CT2786678.components.129315411424256896", false);
Found : user_pref("CT2786678.components.129513460540910967", false);
Found : user_pref("CT2786678.components.129526967958500204", false);
Found : user_pref("CT2786678.components.5690698542593514850", false);
Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2786678.initDone", true);
Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
Found : user_pref("CT2786678.myStuffEnabled", true);
Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]
Found : user_pref("CT2786678.revertSettingsEnabled", true);
Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Found : user_pref("CT2786678.testingCtid", "");
Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CT2786678.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/SK", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SK", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"d63[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jana\\AppData\\Roaming\\Mozilla\\Fi[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
Found : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 15 2011 09:00:21 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 01 2011 01:54:38 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 01 2011 22:05:42 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "4361075a-3c21-45fd-934b-de422c39669c");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jul 18 2011 13:16:44 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "4b448430-d144-4ecc-bc59-51f79ef66e5e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 01 2011 23:52:4[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Aug 01 2011 23:52:50 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "79cbd93b-8075-4b1d-9bc7-39e5462e8858");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jul 31 2011 18:12:38 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jul 31 2011 16:55:52 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "07/15/2011 10");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Found : user_pref("ConduitEngine.InstalledDate", "Fri Jul 15 2011 09:00:19 GMT+0200");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN45349061526094579");
Found : user_pref("ConduitEngine.engineLocale", "sk");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);
Found : user_pref("browser.search.defaultenginename", "Facemoods Search");
Found : user_pref("browser.search.selectedEngine", "Facemoods Search");
Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Found : user_pref("extensions.facemoods.aflt", "_#ost");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "20");
Found : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.8] : homepage = "hxxp://start.facemoods.com/?a=ost",
Found [l.1507] : homepage = "hxxp://start.facemoods.com/?a=ost",
*************************
AdwCleaner[R1].txt - [23820 octets] - [02/11/2012 13:14:06]
AdwCleaner[R2].txt - [23762 octets] - [02/11/2012 13:14:54]
########## EOF - C:\AdwCleaner[R2].txt - [23823 octets] ##########
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
No tam toho je... 
Takže provedeme opravy.
A dáme si další scan.
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Takže provedeme opravy.
- Spusť AdwCleaner znovu.
- Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Klikni na [Delete].
- PC provede opravu, restartuje se a vytvoří log C:\AdwCleaner [S1].txt - jeho obsah mi sem zase vlož.
A dáme si další scan.
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
- Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
- Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
Takze prvy log:
# AdwCleaner v2.006 - Logfile created 11/02/2012 at 21:49:54
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jana - JK-ASUS
# Boot Mode : Normal
# Running from : D:\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\icqplugin.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Jana\AppData\Local\Conduit
Folder Deleted : C:\Users\Jana\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jana\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Jana\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\Conduit
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitCommon
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitEngine
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\CT2786678
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\engine@conduit.com
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ost --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ost&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.1 (sk)
Profile name : default
File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\prefs.js
Deleted : user_pref("CT2786678..clientLogIsEnabled", true);
Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Deleted : user_pref("CT2786678.CTID", "CT2786678");
Deleted : user_pref("CT2786678.CurrentServerDate", "1-11-2012");
Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Wed Oct 31 2012 19:32:01 GMT+0100");
Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Tue Jul 19 2011 08:18:46 GMT+0200");
Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 474);
Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Jul 18 2011 07:59:44 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Jul 18 2011 07:59:44 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Jul 18 2011 07:59:43 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2786678.FirstServerDate", "15-7-2011");
Deleted : user_pref("CT2786678.FirstTime", true);
Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2786678.Initialize", true);
Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2786678.InstalledDate", "Fri Jul 15 2011 09:00:24 GMT+0200");
Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2786678.IsGrouping", false);
Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Deleted : user_pref("CT2786678.IsMulticommunity", false);
Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2786678.LastLogin_3.12.0.7", "Sat Apr 28 2012 09:25:32 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.12.2.3", "Mon Jun 04 2012 18:27:11 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Wed Jul 18 2012 14:11:33 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.14.1.0", "Tue Aug 28 2012 00:25:34 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 01 2011 23:52:41 GMT+0200");
Deleted : user_pref("CT2786678.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2786678.Locale", "en");
Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2786678.MCDetectTooltipShow", false);
Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");
Deleted : user_pref("CT2786678.SearchBoxWidth", 100);
Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "DAEMON Search");
Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastUpdate", "1351096591");
Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 15 2011 09:00:17 GMT+0200");
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2786678.UserID", "UN15429324560742930");
Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2786678.WeatherNetwork", "");
Deleted : user_pref("CT2786678.WeatherPollDate", "Tue Jul 19 2011 08:18:48 GMT+0200");
Deleted : user_pref("CT2786678.WeatherUnit", "C");
Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Deleted : user_pref("CT2786678.approveUntrustedApps", false);
Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F7[...]
Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333130393730353639333436");
Deleted : user_pref("CT2786678.components.1000034", false);
Deleted : user_pref("CT2786678.components.1000080", false);
Deleted : user_pref("CT2786678.components.1000234", false);
Deleted : user_pref("CT2786678.components.129295698017012804", false);
Deleted : user_pref("CT2786678.components.129309485163350924", false);
Deleted : user_pref("CT2786678.components.129309489763975460", false);
Deleted : user_pref("CT2786678.components.129315411424256896", false);
Deleted : user_pref("CT2786678.components.129513460540910967", false);
Deleted : user_pref("CT2786678.components.129526967958500204", false);
Deleted : user_pref("CT2786678.components.5690698542593514850", false);
Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.initDone", true);
Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2786678.myStuffEnabled", true);
Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]
Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.testingCtid", "");
Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CT2786678.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/SK", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"d63[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jana\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 15 2011 09:00:21 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 01 2011 01:54:38 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 01 2011 22:05:42 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "4361075a-3c21-45fd-934b-de422c39669c");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jul 18 2011 13:16:44 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "4b448430-d144-4ecc-bc59-51f79ef66e5e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 01 2011 23:52:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Aug 01 2011 23:52:50 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "79cbd93b-8075-4b1d-9bc7-39e5462e8858");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jul 31 2011 18:12:38 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jul 31 2011 16:55:52 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "07/15/2011 10");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Jul 15 2011 09:00:19 GMT+0200");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN45349061526094579");
Deleted : user_pref("ConduitEngine.engineLocale", "sk");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("browser.search.defaultenginename", "Facemoods Search");
Deleted : user_pref("browser.search.selectedEngine", "Facemoods Search");
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.facemoods.aflt", "_#ost");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "20");
Deleted : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.8] : homepage = "hxxp://start.facemoods.com/?a=ost",
Deleted [l.1507] : homepage = "hxxp://start.facemoods.com/?a=ost",
*************************
AdwCleaner[R1].txt - [23820 octets] - [02/11/2012 13:14:06]
AdwCleaner[R2].txt - [23881 octets] - [02/11/2012 13:14:54]
AdwCleaner[S1].txt - [23797 octets] - [02/11/2012 21:49:54]
########## EOF - C:\AdwCleaner[S1].txt - [23858 octets] ##########
Druhy log:
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operačný systém: Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Jana [Práva Správcu]
Režim : Kontrola -- Dátum : 11/02/2012 21:57:30
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NÁJDENÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 9a8129f734b50260a43667de35cff74f
[BSP] ba7218981e13a587b0937e6cd93cfb0a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14998 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30717952 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[1].txt >>
RKreport[1].txt
# AdwCleaner v2.006 - Logfile created 11/02/2012 at 21:49:54
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jana - JK-ASUS
# Boot Mode : Normal
# Running from : D:\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\searchplugins\icqplugin.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Jana\AppData\Local\Conduit
Folder Deleted : C:\Users\Jana\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jana\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Jana\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\Conduit
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitCommon
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\ConduitEngine
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\CT2786678
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Deleted : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\engine@conduit.com
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ost --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ost&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.1 (sk)
Profile name : default
File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\prefs.js
Deleted : user_pref("CT2786678..clientLogIsEnabled", true);
Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Deleted : user_pref("CT2786678.CTID", "CT2786678");
Deleted : user_pref("CT2786678.CurrentServerDate", "1-11-2012");
Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Wed Oct 31 2012 19:32:01 GMT+0100");
Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Tue Jul 19 2011 08:18:46 GMT+0200");
Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 474);
Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Jul 18 2011 07:59:44 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Jul 18 2011 07:59:44 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Jul 18 2011 07:59:43 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Jul 18 2011 07:59:42 GMT+0200");
Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2786678.FirstServerDate", "15-7-2011");
Deleted : user_pref("CT2786678.FirstTime", true);
Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2786678.Initialize", true);
Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2786678.InstalledDate", "Fri Jul 15 2011 09:00:24 GMT+0200");
Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2786678.IsGrouping", false);
Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Deleted : user_pref("CT2786678.IsMulticommunity", false);
Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2786678.LastLogin_3.12.0.7", "Sat Apr 28 2012 09:25:32 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.12.2.3", "Mon Jun 04 2012 18:27:11 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Wed Jul 18 2012 14:11:33 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.14.1.0", "Tue Aug 28 2012 00:25:34 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 01 2011 23:52:41 GMT+0200");
Deleted : user_pref("CT2786678.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2786678.Locale", "en");
Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2786678.MCDetectTooltipShow", false);
Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");
Deleted : user_pref("CT2786678.SearchBoxWidth", 100);
Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "DAEMON Search");
Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Thu Nov 01 2012 20:53:24 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastUpdate", "1351096591");
Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 15 2011 09:00:17 GMT+0200");
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2786678.UserID", "UN15429324560742930");
Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2786678.WeatherNetwork", "");
Deleted : user_pref("CT2786678.WeatherPollDate", "Tue Jul 19 2011 08:18:48 GMT+0200");
Deleted : user_pref("CT2786678.WeatherUnit", "C");
Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Deleted : user_pref("CT2786678.approveUntrustedApps", false);
Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F7[...]
Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333130393730353639333436");
Deleted : user_pref("CT2786678.components.1000034", false);
Deleted : user_pref("CT2786678.components.1000080", false);
Deleted : user_pref("CT2786678.components.1000234", false);
Deleted : user_pref("CT2786678.components.129295698017012804", false);
Deleted : user_pref("CT2786678.components.129309485163350924", false);
Deleted : user_pref("CT2786678.components.129309489763975460", false);
Deleted : user_pref("CT2786678.components.129315411424256896", false);
Deleted : user_pref("CT2786678.components.129513460540910967", false);
Deleted : user_pref("CT2786678.components.129526967958500204", false);
Deleted : user_pref("CT2786678.components.5690698542593514850", false);
Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.initDone", true);
Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2786678.myStuffEnabled", true);
Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]
Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.testingCtid", "");
Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Nov 01 2012 20:53:25 GMT+0100");
Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CT2786678.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/SK", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"d63[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jana\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 15 2011 09:00:21 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 01 2011 01:54:38 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 01 2011 22:05:42 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "4361075a-3c21-45fd-934b-de422c39669c");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jul 18 2011 13:16:44 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "4b448430-d144-4ecc-bc59-51f79ef66e5e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 01 2011 23:52:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Aug 01 2011 23:52:50 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Aug 01 2011 23:52:42 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "79cbd93b-8075-4b1d-9bc7-39e5462e8858");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jul 31 2011 18:12:38 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jul 31 2011 16:55:52 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "07/15/2011 10");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Jul 15 2011 09:00:19 GMT+0200");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN45349061526094579");
Deleted : user_pref("ConduitEngine.engineLocale", "sk");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Aug 01 2011 22:05:43 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("browser.search.defaultenginename", "Facemoods Search");
Deleted : user_pref("browser.search.selectedEngine", "Facemoods Search");
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.facemoods.aflt", "_#ost");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "20");
Deleted : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="[...]
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.8] : homepage = "hxxp://start.facemoods.com/?a=ost",
Deleted [l.1507] : homepage = "hxxp://start.facemoods.com/?a=ost",
*************************
AdwCleaner[R1].txt - [23820 octets] - [02/11/2012 13:14:06]
AdwCleaner[R2].txt - [23881 octets] - [02/11/2012 13:14:54]
AdwCleaner[S1].txt - [23797 octets] - [02/11/2012 21:49:54]
########## EOF - C:\AdwCleaner[S1].txt - [23858 octets] ##########
Druhy log:
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operačný systém: Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Jana [Práva Správcu]
Režim : Kontrola -- Dátum : 11/02/2012 21:57:30
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NÁJDENÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 9a8129f734b50260a43667de35cff74f
[BSP] ba7218981e13a587b0937e6cd93cfb0a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14998 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30717952 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[1].txt >>
RKreport[1].txt
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
Takže provedeme opravy.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
- V záložce Registry nech všechny nálezy označeny.
- Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
A hoď mi sem prosím nový aktuální log ze RSITu ať vidím, co se povedlo a co zatím ne.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operačný systém: Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Jana [Práva Správcu]
Režim : Odebrať -- Dátum : 11/03/2012 16:30:09
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 6 ¤¤¤
[Services][BLACKLIST] HKLM\[...]\ControlSet001\Services\pfmfs_76A (system32\Drivers\pfmfs_76A.sys) -> VYMAZANÉ
[Services][BLACKLIST] HKLM\[...]\ControlSet002\Services\pfmfs_76A (system32\Drivers\pfmfs_76A.sys) -> VYMAZANÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRADENÉ (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 9a8129f734b50260a43667de35cff74f
[BSP] ba7218981e13a587b0937e6cd93cfb0a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14998 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30717952 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jana at 2012-11-03 16:31:29
Microsoft Windows 7 Home Premium
System drive C: has 51 GB (42%) free of 119 GB
Total RAM: 4061 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:35, on 3. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17115)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {A777FC6F-16C6-4C2A-AACB-BCDF73762F78} - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://*.taobao.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8968 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
taskhost.exe USER
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {98AF4CFF-EA40-4DA0-B187-0A02B916F9C3}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4956.1.1453562986\1914454386" --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4956.4.1765352106\804869420" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4956.13.1958336647\1842935274" /prefetch:3
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4956.142.958587489\1424770603" /prefetch:3
C:\Windows\system32\AUDIODG.EXE 0x3d8
"D:\Downloads\RogueKiller.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jana\Desktop\RKreport[3].txt
taskeng.exe {C540323B-F7AD-433F-AEC2-251B831BC3AC}
"D:\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8, {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.0, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6, battlefieldheroespatcher@ea.com:5.0.67.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npww.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npww.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrchost.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\
battlefieldheroespatcher@ea.com
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-11-03 72248]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-11-03 3054136]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
FancyStart daemon.lnk - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-11-03 00:15:01 ----D---- C:\ProgramData\DAEMON Tools Pro
2012-11-02 22:14:43 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-11-02 22:14:42 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-11-02 22:14:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-11-02 22:14:40 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-11-02 22:14:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-11-02 22:14:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-11-02 22:14:37 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-11-02 22:14:37 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-11-02 22:14:36 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-11-02 22:14:35 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-11-02 22:14:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-11-02 22:14:34 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-11-02 22:14:34 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-11-02 22:14:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-02 22:14:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-11-02 22:14:33 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-02 22:14:32 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-11-02 22:14:32 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-02 22:14:31 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-11-02 22:14:31 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-02 22:14:30 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-11-02 22:14:30 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-02 22:14:29 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-02 22:14:27 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-11-02 22:14:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-02 22:14:26 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-11-02 22:14:26 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-11-02 22:14:26 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-02 22:14:26 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-02 22:14:25 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-11-02 22:14:25 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-02 22:14:22 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-11-02 22:14:22 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-11-02 22:14:22 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-02 22:14:22 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-02 22:14:21 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-02 22:14:21 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-02 22:14:20 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-11-02 22:14:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-02 22:14:19 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-11-02 22:14:19 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-02 22:14:18 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-11-02 22:14:18 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-11-02 22:14:18 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-02 22:14:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-02 22:14:16 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-11-02 22:14:16 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-02 22:14:04 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-02 22:14:03 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-11-02 22:14:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-02 22:14:01 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-11-02 22:14:01 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-02 22:13:57 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-11-02 22:13:57 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-02 22:13:55 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-11-02 22:13:55 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-11-02 22:13:53 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-11-02 22:13:53 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-02 22:10:51 ----D---- C:\Program Files (x86)\Worms Revolution
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmsyshost.exe
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmshx_76A.dll
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmhost.exe
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmzipfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmsocketfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmshx_76A.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmshellfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmredirfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmramfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmpfolderfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmmosaicfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmisofs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\pftest.exe
2012-11-02 22:04:33 ----A---- C:\Windows\pfolder.exe
2012-11-02 22:04:32 ----D---- C:\Program Files\Pismo File Mount Audit Package
2012-11-02 22:04:32 ----A---- C:\Windows\SYSWOW64\ptdllrun1.exe
2012-11-02 22:04:32 ----A---- C:\Windows\SYSWOW64\pfmapi_76A.dll
2012-11-02 22:04:32 ----A---- C:\Windows\system32\ptdllrun1.exe
2012-11-02 22:04:32 ----A---- C:\Windows\system32\pfmapi_76A.dll
2012-11-02 22:04:32 ----A---- C:\Windows\system32\drivers\pfmfs_76A.sys
2012-11-02 22:04:32 ----A---- C:\Windows\pfmsyshost.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfmstat.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfm-license-auditpackage.txt
2012-11-02 22:04:32 ----A---- C:\Windows\pfmhost.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfm.exe
2012-11-02 21:49:54 ----A---- C:\AdwCleaner[S1].txt
2012-11-02 13:14:54 ----A---- C:\AdwCleaner[R2].txt
2012-11-02 13:14:06 ----A---- C:\AdwCleaner[R1].txt
2012-11-01 23:52:36 ----D---- C:\Program Files\trend micro
2012-11-01 23:52:35 ----D---- C:\rsit
2012-11-01 22:03:25 ----D---- C:\Users\Jana\AppData\Roaming\Dropbox
2012-11-01 22:00:28 ----D---- C:\Phenomedia AG
2012-11-01 21:05:26 ----D---- C:\Users\Jana\AppData\Roaming\GRETECH
2012-11-01 20:57:58 ----D---- C:\Program Files (x86)\GRETECH
2012-11-01 19:01:00 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-11-01 17:38:42 ----D---- C:\Program Files\CCleaner
2012-10-11 09:28:26 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64win.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-11 09:28:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-11 09:28:06 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 09:28:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-11 09:28:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 09:27:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-11 09:27:44 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 09:27:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-11 09:27:31 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\crypt32.dll
======List of files/folders modified in the last 1 month======
2012-11-03 16:31:35 ----D---- C:\Windows\Temp
2012-11-03 16:17:46 ----D---- C:\Users\Jana\AppData\Roaming\Skype
2012-11-03 14:32:23 ----A---- C:\Windows\system32\acovcnt.exe
2012-11-03 13:05:00 ----D---- C:\Windows\Prefetch
2012-11-03 12:53:23 ----D---- C:\Windows\system32\config
2012-11-03 12:53:18 ----D---- C:\Windows\winsxs
2012-11-03 12:29:39 ----D---- C:\Windows
2012-11-03 00:53:26 ----D---- C:\Windows\Logs
2012-11-03 00:53:01 ----SHD---- C:\System Volume Information
2012-11-03 00:15:01 ----HD---- C:\ProgramData
2012-11-03 00:06:15 ----D---- C:\Users\Jana\AppData\Roaming\uTorrent
2012-11-02 23:02:16 ----D---- C:\Windows\inf
2012-11-02 22:16:46 ----RD---- C:\Program Files (x86)
2012-11-02 22:16:06 ----D---- C:\Program Files (x86)\Movie Subtitles Searcher
2012-11-02 22:14:44 ----D---- C:\Windows\SysWOW64
2012-11-02 22:14:43 ----D---- C:\Windows\System32
2012-11-02 22:14:16 ----RSD---- C:\Windows\assembly
2012-11-02 22:12:57 ----SHD---- C:\Windows\Installer
2012-11-02 22:12:57 ----SHD---- C:\Config.Msi
2012-11-02 22:04:32 ----RD---- C:\Program Files
2012-11-02 22:04:32 ----D---- C:\Windows\system32\drivers
2012-11-02 21:55:00 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-11-02 21:51:56 ----D---- C:\Windows\system32\Tasks
2012-11-02 15:38:28 ----AD---- C:\ProgramData\Temp
2012-11-02 14:12:21 ----D---- C:\Users\Jana\AppData\Roaming\Farm Mania 2
2012-11-01 22:00:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-01 20:26:21 ----D---- C:\Windows\Microsoft.NET
2012-11-01 19:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-01 19:01:46 ----D---- C:\Windows\system32\DriverStore
2012-11-01 19:01:02 ----D---- C:\Windows\system32\catroot
2012-11-01 18:28:16 ----D---- C:\Program Files (x86)\Google
2012-11-01 18:26:04 ----D---- C:\Windows\Tasks
2012-11-01 18:18:07 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-11-01 18:10:18 ----D---- C:\ProgramData\Adobe
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Common Files
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Adobe
2012-11-01 18:01:41 ----D---- C:\Program Files\Google
2012-11-01 17:58:35 ----D---- C:\Users\Jana\AppData\Roaming\DAEMON Tools Lite
2012-11-01 17:58:32 ----D---- C:\Windows\Panther
2012-11-01 17:58:32 ----D---- C:\Windows\ModemLogs
2012-11-01 17:58:32 ----D---- C:\Windows\Minidump
2012-11-01 17:58:32 ----D---- C:\Windows\debug
2012-11-01 17:55:33 ----D---- C:\Users\Jana\AppData\Roaming\ChromePlus
2012-11-01 17:51:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-01 17:48:36 ----DC---- C:\Windows\system32\DRVSTORE
2012-11-01 17:43:20 ----D---- C:\ProgramData\CyberLink
2012-11-01 17:40:07 ----D---- C:\Windows\system32\catroot2
2012-11-01 17:36:16 ----D---- C:\ProgramData\Google
2012-11-01 17:10:27 ----SD---- C:\ProgramData\Microsoft
2012-11-01 17:10:27 ----D---- C:\Program Files (x86)\Microsoft
2012-11-01 16:49:22 ----D---- C:\Windows\system32\NDF
2012-10-30 23:50:59 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:44:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-23 19:12:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-18 19:15:28 ----D---- C:\Users\Jana\AppData\Roaming\VSO
2012-10-18 18:14:50 ----D---- C:\Windows\rescache
2012-10-18 15:07:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-10-18 15:07:15 ----D---- C:\Windows\system32\sk-SK
2012-10-18 15:07:14 ----D---- C:\Windows\AppPatch
2012-10-11 09:58:30 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 09:57:30 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-28 77944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-14 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-23 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]
-----------------EOF-----------------
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operačný systém: Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Jana [Práva Správcu]
Režim : Odebrať -- Dátum : 11/03/2012 16:30:09
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 6 ¤¤¤
[Services][BLACKLIST] HKLM\[...]\ControlSet001\Services\pfmfs_76A (system32\Drivers\pfmfs_76A.sys) -> VYMAZANÉ
[Services][BLACKLIST] HKLM\[...]\ControlSet002\Services\pfmfs_76A (system32\Drivers\pfmfs_76A.sys) -> VYMAZANÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRADENÉ (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 9a8129f734b50260a43667de35cff74f
[BSP] ba7218981e13a587b0937e6cd93cfb0a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14998 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30717952 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jana at 2012-11-03 16:31:29
Microsoft Windows 7 Home Premium
System drive C: has 51 GB (42%) free of 119 GB
Total RAM: 4061 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:35, on 3. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17115)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: {A777FC6F-16C6-4C2A-AACB-BCDF73762F78} - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://*.taobao.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8968 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
taskhost.exe USER
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {98AF4CFF-EA40-4DA0-B187-0A02B916F9C3}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4956.1.1453562986\1914454386" --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4956.4.1765352106\804869420" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4956.13.1958336647\1842935274" /prefetch:3
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/NewTabButton/default/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4956.142.958587489\1424770603" /prefetch:3
C:\Windows\system32\AUDIODG.EXE 0x3d8
"D:\Downloads\RogueKiller.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jana\Desktop\RKreport[3].txt
taskeng.exe {C540323B-F7AD-433F-AEC2-251B831BC3AC}
"D:\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8, {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.0, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6, battlefieldheroespatcher@ea.com:5.0.67.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npww.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npww.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrchost.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\sucdfvup.default\extensions\
battlefieldheroespatcher@ea.com
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-10-30 1502288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-11-03 72248]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-11-03 3054136]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
FancyStart daemon.lnk - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-11-03 00:15:01 ----D---- C:\ProgramData\DAEMON Tools Pro
2012-11-02 22:14:43 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-11-02 22:14:42 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-11-02 22:14:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-11-02 22:14:40 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-11-02 22:14:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-11-02 22:14:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-11-02 22:14:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-11-02 22:14:37 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-11-02 22:14:37 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-11-02 22:14:36 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-11-02 22:14:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-11-02 22:14:35 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-11-02 22:14:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-11-02 22:14:34 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-11-02 22:14:34 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-11-02 22:14:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-02 22:14:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-11-02 22:14:33 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-02 22:14:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-02 22:14:32 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-11-02 22:14:32 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-02 22:14:31 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-11-02 22:14:31 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-02 22:14:30 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-11-02 22:14:30 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-02 22:14:29 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-02 22:14:29 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-02 22:14:27 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-11-02 22:14:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-02 22:14:26 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-11-02 22:14:26 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-11-02 22:14:26 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-02 22:14:26 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-02 22:14:25 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-11-02 22:14:25 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-02 22:14:22 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-11-02 22:14:22 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-11-02 22:14:22 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-02 22:14:22 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-02 22:14:21 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-02 22:14:21 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-02 22:14:20 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-11-02 22:14:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-02 22:14:19 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-11-02 22:14:19 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-02 22:14:18 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-11-02 22:14:18 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-11-02 22:14:18 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-02 22:14:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-02 22:14:16 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-11-02 22:14:16 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-02 22:14:04 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-02 22:14:04 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-02 22:14:03 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-11-02 22:14:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-02 22:14:01 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-11-02 22:14:01 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-02 22:13:57 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-11-02 22:13:57 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-02 22:13:55 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-11-02 22:13:55 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-11-02 22:13:53 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-11-02 22:13:53 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-02 22:10:51 ----D---- C:\Program Files (x86)\Worms Revolution
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmsyshost.exe
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmshx_76A.dll
2012-11-02 22:04:33 ----A---- C:\Windows\SYSWOW64\pfmhost.exe
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmzipfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmsocketfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmshx_76A.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmshellfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmredirfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmramfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmpfolderfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmmosaicfs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\system32\pfmisofs.dll
2012-11-02 22:04:33 ----A---- C:\Windows\pftest.exe
2012-11-02 22:04:33 ----A---- C:\Windows\pfolder.exe
2012-11-02 22:04:32 ----D---- C:\Program Files\Pismo File Mount Audit Package
2012-11-02 22:04:32 ----A---- C:\Windows\SYSWOW64\ptdllrun1.exe
2012-11-02 22:04:32 ----A---- C:\Windows\SYSWOW64\pfmapi_76A.dll
2012-11-02 22:04:32 ----A---- C:\Windows\system32\ptdllrun1.exe
2012-11-02 22:04:32 ----A---- C:\Windows\system32\pfmapi_76A.dll
2012-11-02 22:04:32 ----A---- C:\Windows\system32\drivers\pfmfs_76A.sys
2012-11-02 22:04:32 ----A---- C:\Windows\pfmsyshost.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfmstat.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfm-license-auditpackage.txt
2012-11-02 22:04:32 ----A---- C:\Windows\pfmhost.exe
2012-11-02 22:04:32 ----A---- C:\Windows\pfm.exe
2012-11-02 21:49:54 ----A---- C:\AdwCleaner[S1].txt
2012-11-02 13:14:54 ----A---- C:\AdwCleaner[R2].txt
2012-11-02 13:14:06 ----A---- C:\AdwCleaner[R1].txt
2012-11-01 23:52:36 ----D---- C:\Program Files\trend micro
2012-11-01 23:52:35 ----D---- C:\rsit
2012-11-01 22:03:25 ----D---- C:\Users\Jana\AppData\Roaming\Dropbox
2012-11-01 22:00:28 ----D---- C:\Phenomedia AG
2012-11-01 21:05:26 ----D---- C:\Users\Jana\AppData\Roaming\GRETECH
2012-11-01 20:57:58 ----D---- C:\Program Files (x86)\GRETECH
2012-11-01 19:01:00 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-11-01 17:38:42 ----D---- C:\Program Files\CCleaner
2012-10-11 09:28:26 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-11 09:28:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 09:28:25 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 09:28:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64win.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\wow64.dll
2012-10-11 09:28:24 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 09:28:23 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 09:28:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 09:28:22 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-11 09:28:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-11 09:28:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-11 09:28:06 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 09:28:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-11 09:28:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 09:27:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-11 09:27:44 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 09:27:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-11 09:27:31 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 09:27:05 ----A---- C:\Windows\system32\crypt32.dll
======List of files/folders modified in the last 1 month======
2012-11-03 16:31:35 ----D---- C:\Windows\Temp
2012-11-03 16:17:46 ----D---- C:\Users\Jana\AppData\Roaming\Skype
2012-11-03 14:32:23 ----A---- C:\Windows\system32\acovcnt.exe
2012-11-03 13:05:00 ----D---- C:\Windows\Prefetch
2012-11-03 12:53:23 ----D---- C:\Windows\system32\config
2012-11-03 12:53:18 ----D---- C:\Windows\winsxs
2012-11-03 12:29:39 ----D---- C:\Windows
2012-11-03 00:53:26 ----D---- C:\Windows\Logs
2012-11-03 00:53:01 ----SHD---- C:\System Volume Information
2012-11-03 00:15:01 ----HD---- C:\ProgramData
2012-11-03 00:06:15 ----D---- C:\Users\Jana\AppData\Roaming\uTorrent
2012-11-02 23:02:16 ----D---- C:\Windows\inf
2012-11-02 22:16:46 ----RD---- C:\Program Files (x86)
2012-11-02 22:16:06 ----D---- C:\Program Files (x86)\Movie Subtitles Searcher
2012-11-02 22:14:44 ----D---- C:\Windows\SysWOW64
2012-11-02 22:14:43 ----D---- C:\Windows\System32
2012-11-02 22:14:16 ----RSD---- C:\Windows\assembly
2012-11-02 22:12:57 ----SHD---- C:\Windows\Installer
2012-11-02 22:12:57 ----SHD---- C:\Config.Msi
2012-11-02 22:04:32 ----RD---- C:\Program Files
2012-11-02 22:04:32 ----D---- C:\Windows\system32\drivers
2012-11-02 21:55:00 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-11-02 21:51:56 ----D---- C:\Windows\system32\Tasks
2012-11-02 15:38:28 ----AD---- C:\ProgramData\Temp
2012-11-02 14:12:21 ----D---- C:\Users\Jana\AppData\Roaming\Farm Mania 2
2012-11-01 22:00:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-01 20:26:21 ----D---- C:\Windows\Microsoft.NET
2012-11-01 19:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-01 19:01:46 ----D---- C:\Windows\system32\DriverStore
2012-11-01 19:01:02 ----D---- C:\Windows\system32\catroot
2012-11-01 18:28:16 ----D---- C:\Program Files (x86)\Google
2012-11-01 18:26:04 ----D---- C:\Windows\Tasks
2012-11-01 18:18:07 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-11-01 18:10:18 ----D---- C:\ProgramData\Adobe
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Common Files
2012-11-01 18:10:15 ----D---- C:\Program Files (x86)\Adobe
2012-11-01 18:01:41 ----D---- C:\Program Files\Google
2012-11-01 17:58:35 ----D---- C:\Users\Jana\AppData\Roaming\DAEMON Tools Lite
2012-11-01 17:58:32 ----D---- C:\Windows\Panther
2012-11-01 17:58:32 ----D---- C:\Windows\ModemLogs
2012-11-01 17:58:32 ----D---- C:\Windows\Minidump
2012-11-01 17:58:32 ----D---- C:\Windows\debug
2012-11-01 17:55:33 ----D---- C:\Users\Jana\AppData\Roaming\ChromePlus
2012-11-01 17:51:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-01 17:48:36 ----DC---- C:\Windows\system32\DRVSTORE
2012-11-01 17:43:20 ----D---- C:\ProgramData\CyberLink
2012-11-01 17:40:07 ----D---- C:\Windows\system32\catroot2
2012-11-01 17:36:16 ----D---- C:\ProgramData\Google
2012-11-01 17:10:27 ----SD---- C:\ProgramData\Microsoft
2012-11-01 17:10:27 ----D---- C:\Program Files (x86)\Microsoft
2012-11-01 16:49:22 ----D---- C:\Windows\system32\NDF
2012-10-30 23:50:59 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:44:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-23 19:12:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-18 19:15:28 ----D---- C:\Users\Jana\AppData\Roaming\VSO
2012-10-18 18:14:50 ----D---- C:\Windows\rescache
2012-10-18 15:07:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-10-18 15:07:15 ----D---- C:\Windows\system32\sk-SK
2012-10-18 15:07:14 ----D---- C:\Windows\AppPatch
2012-10-11 09:58:30 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 09:57:30 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-28 77944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-14 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-01 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-23 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]
-----------------EOF-----------------
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
Pořád nemáš zaktualizovaný ten Internet Explorer! A taky si nainstaluj Windows 7 Service Pack 1 - obojí řeší spoustu problému v systému!--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
Ospravedlnujem sa za neskorsiu odpoved.
Tieto dve aktualizacie mi na tomto pc nejdu nainstalovat. VYhadzuje to chyby 80073701 a 800F081E.
Netusite co to moze byt? Na webe som sa docital ze to moze byt problem so slovenskou lokalizaciou. Fitix tool nepomohol.
Tieto dve aktualizacie mi na tomto pc nejdu nainstalovat. VYhadzuje to chyby 80073701 a 800F081E.
Netusite co to moze byt? Na webe som sa docital ze to moze byt problem so slovenskou lokalizaciou. Fitix tool nepomohol.
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
Tak to netuším. Zavolám sem kolegu, snad ho něco napadne.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
Zdravim 
Omlouvam se za zpozdeni, nejak jsem to uplne zazdil
Co zkusit kontaktovat technickou podporu microsoftu, ti by meli vedte co s tim a pripadne mohou primo nejaky FitIt napsat jen pro Vas...
Omlouvam se za zpozdeni, nejak jsem to uplne zazdil
Co zkusit kontaktovat technickou podporu microsoftu, ti by meli vedte co s tim a pripadne mohou primo nejaky FitIt napsat jen pro Vas...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: poprosim o kontrolu logu
14 dní žádná odpověď, takže si to tu dovolím zamknout. 
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: poprosim o kontrolu logu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?