Preventivka

Zpráva

Lukass_cze · #1 Příspěvek od **Lukass_cze** » 19 pro 2012 22:53

Ještě, všiml sem si, že i když není na PC nic zapnuté, tak RAMky jedou na 50%.. Má 4Gb takže je to docela divné..

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2012-12-19 22:48:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 255 GB (42%) free of 610 GB
Total RAM: 3327 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:43, on 19.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - (no CLSID) - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11328 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\Alwil Software\Avast5\afwServ.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2344
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8298fe79-a5d9-45a7-b55a-bd00cb01cbfa -SystemEventPortName:HostProcess-8bcc1204-6228-4cb9-a472-ab065ac433a8 -IoCancelEventPortName:HostProcess-164cfb7d-a7dc-47be-9966-a4f4b2f4cb25 -NonStateChangingEventPortName:HostProcess-56b49678-8095-4cb1-9da5-6e7f2715879e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3ca3eb4-b770-41f5-b3e2-83ba1980c7f1 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
taskeng.exe {154E1594-380B-438D-B085-43AE38524C48}
"C:\Windows\explorer.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5568.1.2016296170\157071101" --gpu-vendor-id=0x1002 --gpu-device-id=0x9498 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.880.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5568.2.585685564\872008238" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5568.3.1940941236\1289406244" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5568.4.1116632903\1410233983" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5568.8.103903111\1277963703" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5568.9.2123271130\2020396133" /prefetch:3
"C:\Users\Uzivatel\Desktop\Udržba PC\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-30 545192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-30 193456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-10-17 1521352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-10-17 1521352]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"VDownloader"=C:\Program Files\VDownloader\VDownloader.exe [2012-09-27 881664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-09 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2012-12-04 1354736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-07-03 4273976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-10-17 1573576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-13 14:53:43 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-13 14:53:42 ----A---- C:\Windows\system32\url.dll
2012-12-13 14:53:42 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-13 14:53:42 ----A---- C:\Windows\system32\ieui.dll
2012-12-13 14:53:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\urlmon.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\jscript9.dll
2012-12-13 14:53:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-13 14:53:40 ----A---- C:\Windows\system32\wininet.dll
2012-12-13 14:53:40 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\vbscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\jscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\iertutil.dll
2012-12-13 14:53:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-13 14:53:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-13 14:53:35 ----A---- C:\Windows\system32\mshtml.dll
2012-12-13 14:53:34 ----A---- C:\Windows\system32\ieframe.dll
2012-12-13 14:53:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-12 16:11:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-12 16:11:01 ----A---- C:\Windows\system32\tzres.dll
2012-12-12 16:10:55 ----A---- C:\Windows\system32\win32k.sys
2012-12-12 16:10:53 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-12 16:10:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-12 16:10:53 ----A---- C:\Windows\system32\atmlib.dll
2012-12-12 16:10:53 ----A---- C:\Windows\system32\atmfd.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\winsrv.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\kernel32.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\conhost.exe
2012-12-12 16:10:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-12 16:10:45 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-12 16:10:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-12 16:10:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64win.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-12 16:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 16:10:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-12 16:10:43 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 16:10:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 16:10:40 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-12 16:10:30 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-12 16:10:30 ----A---- C:\Windows\system32\dpnet.dll
2012-12-09 15:21:24 ----D---- C:\Poker
2012-12-08 23:03:17 ----D---- C:\Crash
2012-12-07 23:53:44 ----D---- C:\Program Files (x86)\PANDORA.TV
2012-12-02 19:46:42 ----D---- C:\Program Files (x86)\uTorrent
2012-12-02 18:05:27 ----D---- C:\Users\Uzivatel\AppData\Roaming\OBS
2012-12-02 18:05:22 ----D---- C:\Program Files (x86)\OBS
2012-12-01 23:09:29 ----D---- C:\ProgramData\Orbit
2012-12-01 22:19:49 ----D---- C:\Program Files (x86)\Far Cry 3
2012-12-01 10:41:46 ----A---- C:\out.txt
2012-12-01 10:41:00 ----D---- C:\Users\Uzivatel\AppData\Roaming\Ulozto File Manager
2012-11-30 17:09:39 ----D---- C:\Program Files (x86)\Stardock
2012-11-26 18:42:39 ----D---- C:\Program Files (x86)\Prime95
2012-11-26 18:03:55 ----D---- C:\Program Files (x86)\AMD APP
2012-11-26 17:56:48 ----D---- C:\Windows\SYSWOW64\RTCOM
2012-11-26 17:56:25 ----A---- C:\Windows\system32\SRSWOW64.dll
2012-11-26 17:56:25 ----A---- C:\Windows\system32\SRSTSX64.dll
2012-11-26 17:56:19 ----A---- C:\Windows\system32\RtPgEx64.dll
2012-11-26 17:56:18 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2012-11-26 17:56:18 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2012-11-26 17:56:17 ----A---- C:\Windows\system32\RtkCfg64.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RtkApi64.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTEEG64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTEED64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTCOM64.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RP3DHT64.dll
2012-11-26 17:56:14 ----A---- C:\Windows\system32\RP3DAA64.dll
2012-11-26 17:56:14 ----A---- C:\Windows\system32\RCoInst64.dll
2012-11-26 17:56:03 ----A---- C:\Windows\system32\FMAPO64.dll
2012-11-26 17:56:00 ----A---- C:\Windows\system32\AERTAR64.dll
2012-11-26 17:56:00 ----A---- C:\Windows\system32\AERTAC64.dll
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtPCEE4.DAT
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtPCEE3.DAT
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtHdatEx.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTHDAEQ1.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX3.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX2.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX1.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX0.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTConvEQ.dat
2012-11-25 21:47:15 ----A---- C:\Windows\system32\drivers\rtkhdaud.dat
2012-11-25 21:47:07 ----A---- C:\Windows\system32\RtkAPO64.dll
2012-11-25 21:10:17 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-11-25 21:10:16 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-11-25 21:09:43 ----A---- C:\Windows\Language_trs.ini
2012-11-25 20:54:42 ----D---- C:\Users\Uzivatel\AppData\Roaming\Smart PC Solutions
2012-11-25 20:54:40 ----D---- C:\Program Files (x86)\Smart PC Solutions
2012-11-25 18:07:40 ----D---- C:\swsetup
2012-11-25 17:32:07 ----D---- C:\Program Files\Easeware
2012-11-25 17:15:16 ----D---- C:\Users\Uzivatel\AppData\Roaming\Easeware
2012-11-25 13:08:57 ----D---- C:\Users\Uzivatel\AppData\Roaming\Theta
2012-11-25 12:53:34 ----D---- C:\Hry
2012-11-24 01:16:32 ----D---- C:\Users\Uzivatel\AppData\Roaming\VDownloader
2012-11-24 01:16:01 ----A---- C:\Program Files\Common Files\WinPcapNmap.exe
2012-11-24 01:15:57 ----D---- C:\Program Files\VDownloader
2012-11-24 01:07:47 ----D---- C:\ProgramData\PSafe
2012-11-24 01:07:38 ----RA---- C:\Windows\system32\drivers\360FltOEM.sys
2012-11-18 21:01:05 ----D---- C:\Program Files (x86)\EASEUS
2012-11-17 23:13:06 ----D---- C:\Users\Uzivatel\AppData\Roaming\Need for Speed World
2012-11-15 21:11:58 ----D---- C:\Users\Uzivatel\AppData\Roaming\ManyCam
2012-11-15 21:11:53 ----D---- C:\Program Files (x86)\ManyCam
2012-11-14 11:54:01 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-14 11:54:01 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-14 11:54:01 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-14 11:45:36 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-14 11:45:36 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-14 11:45:35 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-14 11:45:35 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-14 11:45:34 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-14 11:45:34 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-14 11:45:33 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-14 09:29:30 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-14 09:29:30 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-14 09:29:30 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-14 09:29:30 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-14 09:29:17 ----A---- C:\Windows\system32\iisRtl.dll
2012-11-14 09:29:14 ----A---- C:\Windows\SYSWOW64\iisRtl.dll
2012-11-14 09:29:14 ----A---- C:\Windows\system32\admwprox.dll
2012-11-14 09:29:13 ----A---- C:\Windows\SYSWOW64\admwprox.dll
2012-11-14 09:29:11 ----A---- C:\Windows\SYSWOW64\iisreset.exe
2012-11-14 09:29:11 ----A---- C:\Windows\system32\iisreset.exe
2012-11-14 09:29:11 ----A---- C:\Windows\system32\ahadmin.dll
2012-11-14 09:29:10 ----A---- C:\Windows\SYSWOW64\wamregps.dll
2012-11-14 09:29:10 ----A---- C:\Windows\SYSWOW64\ahadmin.dll
2012-11-14 09:29:10 ----A---- C:\Windows\system32\wamregps.dll
2012-11-14 09:29:10 ----A---- C:\Windows\system32\iisrstap.dll
2012-11-14 09:29:09 ----A---- C:\Windows\SYSWOW64\iisrstap.dll
2012-11-14 09:29:06 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-14 09:29:06 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-14 09:29:06 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-14 09:29:06 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-14 09:29:06 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-14 09:29:06 ----A---- C:\Windows\system32\ncsi.dll
2012-11-14 09:29:06 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-14 09:29:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-14 09:29:05 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-14 09:29:05 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-14 09:29:05 ----A---- C:\Windows\system32\netevent.dll
2012-11-14 09:29:05 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-14 09:28:46 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-14 09:28:46 ----A---- C:\Windows\system32\synceng.dll
2012-11-11 19:44:38 ----D---- C:\Program Files (x86)\Rockstar Games
2012-11-11 11:39:52 ----D---- C:\ProgramData\SplitMediaLabs
2012-11-10 14:44:25 ----A---- C:\Windows\system32\rdpudd.dll
2012-11-10 14:44:25 ----A---- C:\Windows\system32\rdpcorets.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-10 14:44:24 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\wksprtPS.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\wksprt.exe
2012-11-10 14:44:24 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-11-10 14:44:24 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-10 14:44:24 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\tsgqec.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\mstscax.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\mstsc.exe
2012-11-10 14:44:24 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-11-10 14:44:24 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-11-10 14:44:24 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-11-10 14:44:24 ----A---- C:\Windows\system32\aaclient.dll
2012-11-10 14:43:31 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-11-10 14:43:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-11-10 14:43:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-11-10 14:43:31 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-11-10 14:43:31 ----A---- C:\Windows\system32\schannel.dll
2012-11-10 14:43:31 ----A---- C:\Windows\system32\ncrypt.dll
2012-11-10 14:43:31 ----A---- C:\Windows\system32\lsasrv.dll
2012-11-10 14:43:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-10 14:43:31 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-10 14:42:36 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-11-10 14:42:36 ----A---- C:\Windows\system32\qdvd.dll
2012-11-09 21:42:08 ----D---- C:\Users\Uzivatel\AppData\Roaming\IObit
2012-10-31 20:05:45 ----D---- C:\Program Files (x86)\SpeedFan
2012-10-29 15:23:24 ----D---- C:\Program Files (x86)\Ask.com
2012-10-29 15:15:38 ----D---- C:\2808f17e08b68cdcc8
2012-10-29 15:13:10 ----D---- C:\ProgramData\Ask
2012-10-29 15:12:59 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-10-25 15:33:03 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client

======List of files/folders modified in the last 2 months======

2012-12-19 22:48:44 ----D---- C:\Windows\Prefetch
2012-12-19 22:48:42 ----D---- C:\Windows\Temp
2012-12-19 22:48:41 ----D---- C:\Program Files\trend micro
2012-12-19 22:48:35 ----D---- C:\rsit
2012-12-19 22:39:31 ----RD---- C:\Users
2012-12-19 22:26:01 ----D---- C:\Users\Uzivatel\AppData\Roaming\TS3Client
2012-12-19 21:55:23 ----D---- C:\Windows\SysWOW64
2012-12-19 21:55:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-19 20:09:50 ----D---- C:\Users\Uzivatel\AppData\Roaming\Skype
2012-12-19 13:03:55 ----D---- C:\Windows\system32\config
2012-12-17 20:18:45 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-12-16 10:27:06 ----SHD---- C:\Windows\Installer
2012-12-16 10:27:06 ----SHD---- C:\Config.Msi
2012-12-14 05:47:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\uTorrent
2012-12-14 05:44:49 ----D---- C:\Program Files (x86)\JDownloader
2012-12-14 00:00:00 ----D---- C:\Windows\rescache
2012-12-13 23:23:50 ----D---- C:\Windows\winsxs
2012-12-13 23:19:44 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-12-13 23:19:44 ----D---- C:\Windows\system32\cs-CZ
2012-12-13 23:19:44 ----D---- C:\Windows\System32
2012-12-13 23:19:43 ----D---- C:\Windows\SYSWOW64\migration
2012-12-13 23:19:43 ----D---- C:\Windows\system32\migration
2012-12-13 23:19:43 ----D---- C:\Windows\AppPatch
2012-12-13 23:19:43 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-13 23:19:42 ----D---- C:\Program Files\Internet Explorer
2012-12-13 21:33:29 ----D---- C:\Windows\inf
2012-12-13 21:33:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-13 14:55:40 ----D---- C:\Windows\debug
2012-12-13 14:55:37 ----A---- C:\Windows\system32\MRT.exe
2012-12-13 14:55:32 ----D---- C:\ProgramData\Microsoft Help
2012-12-13 14:53:56 ----D---- C:\Windows\system32\catroot2
2012-12-13 14:53:56 ----D---- C:\Windows\system32\catroot
2012-12-12 20:10:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-12-09 17:45:46 ----D---- C:\Program Files (x86)\Origin
2012-12-09 12:24:34 ----D---- C:\Program Files (x86)\Steam
2012-12-08 23:02:27 ----RSD---- C:\Windows\assembly
2012-12-08 23:02:16 ----D---- C:\Windows
2012-12-08 23:01:59 ----D---- C:\Windows\Logs
2012-12-08 20:42:28 ----D---- C:\Windows\system32\NDF
2012-12-08 19:59:29 ----D---- C:\Users\Uzivatel\AppData\Roaming\.minecraft
2012-12-07 23:53:44 ----RD---- C:\Program Files (x86)
2012-12-07 23:53:37 ----D---- C:\Program Files (x86)\The KMPlayer
2012-12-06 21:42:24 ----D---- C:\Windows\system32\Tasks
2012-12-05 10:49:47 ----RD---- C:\Program Files
2012-12-05 10:49:47 ----D---- C:\Windows\system32\drivers
2012-12-05 10:49:40 ----D---- C:\Games
2012-12-05 10:16:54 ----D---- C:\ProgramData\IObit
2012-12-03 13:37:12 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2012-12-01 23:09:29 ----HD---- C:\ProgramData
2012-11-30 17:15:18 ----D---- C:\Program Files (x86)\Directx
2012-11-28 20:35:15 ----D---- C:\Counter-Strike 1.6
2012-11-26 18:03:46 ----D---- C:\Windows\system32\DriverStore
2012-11-26 18:02:04 ----D---- C:\AMD
2012-11-26 17:59:49 ----HD---- C:\Program Files (x86)\Temp
2012-11-26 17:55:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-26 17:49:36 ----D---- C:\Windows\SYSWOW64\directx
2012-11-26 17:48:37 ----SD---- C:\ProgramData\Microsoft
2012-11-26 17:48:24 ----D---- C:\Program Files (x86)\Microsoft
2012-11-26 17:47:54 ----HD---- C:\Windows\msdownld.tmp
2012-11-26 16:21:38 ----AD---- C:\ProgramData\TEMP
2012-11-25 23:21:07 ----SHD---- C:\System Volume Information
2012-11-25 22:33:08 ----D---- C:\ProgramData\Skype
2012-11-25 22:33:03 ----RD---- C:\Program Files (x86)\Skype
2012-11-25 22:33:03 ----D---- C:\Program Files (x86)\Common Files
2012-11-25 21:10:16 ----D---- C:\Program Files (x86)\Realtek
2012-11-25 18:09:09 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-24 22:59:52 ----D---- C:\Program Files (x86)\Electronic Arts
2012-11-24 01:16:01 ----D---- C:\Program Files\Common Files
2012-11-24 01:15:38 ----D---- C:\Program Files (x86)\VDownloader
2012-11-17 14:36:01 ----D---- C:\ProgramData\Electronic Arts
2012-11-14 22:01:38 ----D---- C:\Windows\Microsoft.NET
2012-11-14 15:43:47 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-11-14 15:43:47 ----D---- C:\Windows\system32\wbem
2012-11-14 15:43:47 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-14 15:43:46 ----D---- C:\Windows\system32\inetsrv
2012-11-14 15:43:39 ----RSD---- C:\Windows\Fonts
2012-11-14 11:44:55 ----A---- C:\Windows\win.ini
2012-11-11 09:58:34 ----D---- C:\ProgramData\Adobe
2012-11-11 01:49:02 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-11 01:49:02 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-11 01:49:01 ----D---- C:\Windows\system32\en-US
2012-11-11 01:49:01 ----D---- C:\Windows\system32\drivers\en-US
2012-11-11 01:49:01 ----D---- C:\Windows\PolicyDefinitions
2012-11-10 14:48:11 ----SH---- C:\Program Files (x86)\desktop.ini
2012-11-09 21:44:39 ----D---- C:\Windows\Tasks
2012-11-09 21:42:02 ----D---- C:\Program Files (x86)\IObit
2012-11-09 20:29:11 ----D---- C:\ProgramData\Origin
2012-11-09 20:28:35 ----D---- C:\Users\Uzivatel\AppData\Roaming\Origin
2012-11-07 19:07:14 ----D---- C:\Windows\twain_32
2012-10-29 15:12:59 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-06-28 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-07-03 266776]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-09-24 23304]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-17 503352]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-07-03 142128]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 19600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-16 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-16 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-28 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-28 9980416]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2009-09-24 27776]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 30344]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-10 19456]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-11-10 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2012-07-03 133912]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-09 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
S2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-05 541168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 20 pro 2012 10:34

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 20 pro 2012 10:37

Doporučuji svižně odinstalovat Advanced SystemCare 6 a následně i vše od IObit. Jsou to čínské šmejdy, které hledají nesmyslné a neexistující problémy. Tvůrci software ukradli databázi havěti jiné renomované společnosti a účinek na PC je spíše nulový až negativní.

Dále, pokud je tam najdeš, tak v nabídce Přidat nebo odebrat programy odinstaluj tyto toolbary:

Ask Toolbar a Bing Bar.

Toolbary (lišty prohlížečů) jsou veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.

Až to všechno provedeš, tak stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!!
Spusť AdwCleaner.
Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Klikni na [Search].
Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako AdwCleaner[R?].txt - ten mi sem vlož.

Lukass_cze · #4 Příspěvek od **Lukass_cze** » 20 pro 2012 11:01

O Advanced SystemCare 6 sem už slyšel.. Ale opravil mi úplně celý systém a dost se mi hodí to monitorování výkonu. Takže nevím jestli odinstalovat nebo ne. A nepoužívám ho na skeny. A ještě Game Booster. Myslím že je taky od IObitu. Ten mám taky popřípadě odinstalovat?

Ask Toolbar mi odinstalovat nejde. Píše mi že mám spuštěný IE i když je všechno vypnuté. Conduit Engine přes Přidat nebo odinstalovat programy vůbec nereaguje. Bing bar sem odinstaloval.

Nevěděl jsem, jestli mám i přes to zapnout ten AdwCleaner.

#5 Příspěvek od **Mc_Murphy** » 20 pro 2012 13:41

Jako je to Tvoje věc, ale já bych to odpálil všechno do pryč. Ono se Ti to může jen nakrásně zdát, že Ti ASC systém opravil, ale nemusí tomu až tak být. Já bych si to do PC nikdy nepustil. Je to na Tobě.
A slavný Game Booster - nejsem si jistý, jestli něco opravdu "boostuje" - pro mě platí to samé jako v předešlém případě. Volba je Tvoje.

Co se týče Ask Toolbaru, zkus jen restartovat PC a dát ho ihned po naběhnutí odinstalovat. Když nepůjde, nevadí, odpálíme ho jinak a Ty jdi na další krok.

Až to provedeš, vrhni se na ten AdwCleaner.

Lukass_cze · #6 Příspěvek od **Lukass_cze** » 20 pro 2012 18:56

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 18:53:26
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Uzivatel - STEFKOVY
# Boot Mode : Normal
# Running from : C:\Users\Uzivatel\Desktop\Udržba PC\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\user.js
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\Askcom.xml
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\Conduit.xml
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\icqplugin.xml
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Uzivatel\AppData\Local\APN
Folder Found : C:\Users\Uzivatel\AppData\Local\Conduit
Folder Found : C:\Users\Uzivatel\AppData\Local\Ilivid Player
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\Conduit
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Uzivatel\AppData\LocalLow\searchquband
Folder Found : C:\Users\Uzivatel\AppData\Roaming\kikin
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\Conduit
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\ConduitCommon
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\CT2247187
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\toolbar@ask.com
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\SweetPacksToolbarData
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Folder Found : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutb
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\Softonic-Eng7
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\Software\Bandoo
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\GamePlayLabs
Key Found : HKLM\Software\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85ACB728-75CA-4FBB-B76C-46B9E5F76FDB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Softonic-Eng7
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\Software\VDownloader\OpenCandy
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaoahhbmfiopgbablmbaehhfjfbgob
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D939A9-3AF2-40C9-949D-374B5AB90560}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-3279554059-404718991-3174698938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3279554059-404718991-3174698938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3279554059-404718991-3174698938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKU\S-1-5-21-3279554059-404718991-3174698938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\prefs.js

Found : user_pref("CT2247187..clientLogIsEnabled", false);
Found : user_pref("CT2247187..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2247187..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2247187.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2247187.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2247187.AppTrackingLastCheckTime", "Sun Jun 10 2012 13:15:59 GMT+0200");
Found : user_pref("CT2247187.BrowserCompStateIsOpen_129666192279313208", true);
Found : user_pref("CT2247187.BrowserCompStateIsOpen_129737852131523932", true);
Found : user_pref("CT2247187.CT2247187", "CT2247187");
Found : user_pref("CT2247187.CurrentServerDate", "13-9-2012");
Found : user_pref("CT2247187.DSChangedManually", false);
Found : user_pref("CT2247187.DSInstall", true);
Found : user_pref("CT2247187.DialogsAlignMode", "LTR");
Found : user_pref("CT2247187.DialogsGetterLastCheckTime", "Thu Sep 13 2012 15:15:47 GMT+0200");
Found : user_pref("CT2247187.DownloadReferralCookieData", "");
Found : user_pref("CT2247187.EMailNotifierPollDate", "Mon Jun 11 2012 12:45:53 GMT+0200");
Found : user_pref("CT2247187.FirstServerDate", "5-6-2012");
Found : user_pref("CT2247187.FirstTime", true);
Found : user_pref("CT2247187.FirstTimeFF3", true);
Found : user_pref("CT2247187.FirstTimeHiddenVer", true);
Found : user_pref("CT2247187.FixPageNotFoundErrors", true);
Found : user_pref("CT2247187.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2247187.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2247187.HPChangedManually", false);
Found : user_pref("CT2247187.HPInstall", true);
Found : user_pref("CT2247187.HasUserGlobalKeys", true);
Found : user_pref("CT2247187.HomePageProtectorEnabled", false);
Found : user_pref("CT2247187.HomepageBeforeUnload", "hxxp://home.sweetim.com/?st=1");
Found : user_pref("CT2247187.Initialize", true);
Found : user_pref("CT2247187.InitializeCommonPrefs", true);
Found : user_pref("CT2247187.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2247187.InstallationType", "Unknown");
Found : user_pref("CT2247187.InstalledDate", "Tue Jun 05 2012 18:01:16 GMT+0200");
Found : user_pref("CT2247187.InvalidateCache", false);
Found : user_pref("CT2247187.IsAlertDBUpdated", true);
Found : user_pref("CT2247187.IsGrouping", false);
Found : user_pref("CT2247187.IsInitSetupIni", true);
Found : user_pref("CT2247187.IsMulticommunity", false);
Found : user_pref("CT2247187.IsOpenThankYouPage", true);
Found : user_pref("CT2247187.IsOpenUninstallPage", true);
Found : user_pref("CT2247187.IsProtectorsInit", true);
Found : user_pref("CT2247187.LanguagePackLastCheckTime", "Thu Sep 13 2012 15:15:48 GMT+0200");
Found : user_pref("CT2247187.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2247187.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2247187.LastLogin_3.13.0.6", "Sun Jul 15 2012 15:08:58 GMT+0200");
Found : user_pref("CT2247187.LastLogin_3.14.1.0", "Thu Sep 13 2012 15:15:46 GMT+0200");
Found : user_pref("CT2247187.LatestVersion", "3.14.1.0");
Found : user_pref("CT2247187.Locale", "en");
Found : user_pref("CT2247187.MAX_NUMBER_OF_ALERTS_129666192279313208", "1_1339361581437");
Found : user_pref("CT2247187.MCDetectTooltipHeight", "83");
Found : user_pref("CT2247187.MCDetectTooltipShow", false);
Found : user_pref("CT2247187.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2247187.MCDetectTooltipWidth", "295");
Found : user_pref("CT2247187.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2247187.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2247187.RadioIsPodcast", false);
Found : user_pref("CT2247187.RadioLastCheckTime", "Sun Jun 10 2012 13:15:58 GMT+0200");
Found : user_pref("CT2247187.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2247187.RadioLastUpdateServer", "128929877726170000");
Found : user_pref("CT2247187.RadioMediaID", "10957728");
Found : user_pref("CT2247187.RadioMediaType", "Media Player");
Found : user_pref("CT2247187.RadioMenuSelectedID", "EBRadioMenu_CT224718710957728");
Found : user_pref("CT2247187.RadioShrinkedFromSetup", false);
Found : user_pref("CT2247187.RadioStationName", "Rap%20(Uncensored)");
Found : user_pref("CT2247187.RadioStationURL", "hxxp://www.1club.fm/go/tunein.aspx?station=raw");
Found : user_pref("CT2247187.SavedHomepage", "hxxp://home.sweetim.com");
Found : user_pref("CT2247187.SearchCaption", "Mario Forever Customized Web Search");
Found : user_pref("CT2247187.SearchEngineBeforeUnload", "SweetIM Search");
Found : user_pref("CT2247187.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2247187.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT224[...]
Found : user_pref("CT2247187.SearchInNewTabEnabled", true);
Found : user_pref("CT2247187.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2247187.SearchInNewTabLastCheckTime", "Thu Sep 13 2012 15:15:46 GMT+0200");
Found : user_pref("CT2247187.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2247187.SearchProtectorEnabled", true);
Found : user_pref("CT2247187.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2247187.SendProtectorDataViaLogin", true);
Found : user_pref("CT2247187.ServiceMapLastCheckTime", "Thu Sep 13 2012 15:15:46 GMT+0200");
Found : user_pref("CT2247187.SettingsLastCheckTime", "Thu Sep 13 2012 15:15:45 GMT+0200");
Found : user_pref("CT2247187.SettingsLastUpdate", "1347288122");
Found : user_pref("CT2247187.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13");
Found : user_pref("CT2247187.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2247187.ThirdPartyComponentsLastCheck", "Tue Jun 05 2012 18:01:05 GMT+0200");
Found : user_pref("CT2247187.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2247187.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2247187.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2247187");
Found : user_pref("CT2247187.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2247187.UserID", "UN68559325745594452");
Found : user_pref("CT2247187.ValidationData_Toolbar", 0);
Found : user_pref("CT2247187.WeatherNetwork", "");
Found : user_pref("CT2247187.WeatherPollDate", "Mon Jun 11 2012 12:46:37 GMT+0200");
Found : user_pref("CT2247187.WeatherUnit", "C");
Found : user_pref("CT2247187.alertChannelId", "644679");
Found : user_pref("CT2247187.approveUntrustedApps", false);
Found : user_pref("CT2247187.backendstorage.activationstep", "35");
Found : user_pref("CT2247187.backendstorage.cbcountry_000", "435A");
Found : user_pref("CT2247187.backendstorage.cbfirsttime", "547565204A756E20303520323031322031383A30313A32362[...]
Found : user_pref("CT2247187.backendstorage.firstrun", "31333338393132303738313434");
Found : user_pref("CT2247187.backendstorage.loadtimes", "3330");
Found : user_pref("CT2247187.backendstorage.shoppingapp.gk.exipres", "467269204A756E20313520323031322032303A[...]
Found : user_pref("CT2247187.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2247187.backendstorage.uniqueid", "36303331323135373945373942424531");
Found : user_pref("CT2247187.backendstorage.url_history0001", "68747470733A2F2F7777772E66616365626F6F6B2E636[...]
Found : user_pref("CT2247187.components.1000034", true);
Found : user_pref("CT2247187.components.1000234", true);
Found : user_pref("CT2247187.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2247187.globalFirstTimeInfoLastCheckTime", "Tue Jun 05 2012 18:01:09 GMT+0200");
Found : user_pref("CT2247187.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2247187.initDone", true);
Found : user_pref("CT2247187.isAppTrackingManagerOn", true);
Found : user_pref("CT2247187.isFirstRadioInstallation", false);
Found : user_pref("CT2247187.myStuffEnabled", true);
Found : user_pref("CT2247187.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2247187.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2247187.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2247187.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2247187.navigateToUrlOnSearch", false);
Found : user_pref("CT2247187.revertSettingsEnabled", true);
Found : user_pref("CT2247187.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2247187.searchProtectorEnableByLogin", true);
Found : user_pref("CT2247187.testingCtid", "");
Found : user_pref("CT2247187.toolbarAppMetaDataLastCheckTime", "Thu Sep 13 2012 15:15:47 GMT+0200");
Found : user_pref("CT2247187.toolbarContextMenuLastCheckTime", "Tue Jun 05 2012 18:01:16 GMT+0200");
Found : user_pref("CT2247187.usagesFlag", 2);
Found : user_pref("CT2304157..clientLogIsEnabled", false);
Found : user_pref("CT2304157..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2304157..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2304157.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2304157.AppTrackingLastCheckTime", "Wed Feb 22 2012 21:52:01 GMT+0100");
Found : user_pref("CT2304157.BrowserCompStateIsOpen_1000515", true);
Found : user_pref("CT2304157.CT2304157", "CT2304157");
Found : user_pref("CT2304157.CurrentServerDate", "6-3-2012");
Found : user_pref("CT2304157.DialogsAlignMode", "LTR");
Found : user_pref("CT2304157.DialogsGetterLastCheckTime", "Mon Mar 05 2012 16:08:30 GMT+0100");
Found : user_pref("CT2304157.DownloadReferralCookieData", "");
Found : user_pref("CT2304157.FeedLastCount129078895246717929", 27);
Found : user_pref("CT2304157.FeedLastCount129095439763593837", 0);
Found : user_pref("CT2304157.FeedPollDate129078895250311712", "Tue Mar 06 2012 14:20:22 GMT+0100");
Found : user_pref("CT2304157.FeedPollDate129095439763593837", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2304157.FeedPollDate129604942912022444", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2304157.FeedTTL129078895250311712", 40);
Found : user_pref("CT2304157.FirstServerDate", "5-9-2011");
Found : user_pref("CT2304157.FirstTime", true);
Found : user_pref("CT2304157.FirstTimeFF3", true);
Found : user_pref("CT2304157.FixPageNotFoundErrors", true);
Found : user_pref("CT2304157.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2304157.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2304157.HasUserGlobalKeys", true);
Found : user_pref("CT2304157.HomePageProtectorEnabled", false);
Found : user_pref("CT2304157.Initialize", true);
Found : user_pref("CT2304157.InitializeCommonPrefs", true);
Found : user_pref("CT2304157.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2304157.InstallationType", "Unknown");
Found : user_pref("CT2304157.InstalledDate", "Mon Sep 05 2011 16:42:09 GMT+0200");
Found : user_pref("CT2304157.IsAlertDBUpdated", true);
Found : user_pref("CT2304157.IsGrouping", false);
Found : user_pref("CT2304157.IsInitSetupIni", true);
Found : user_pref("CT2304157.IsMulticommunity", false);
Found : user_pref("CT2304157.IsOpenThankYouPage", true);
Found : user_pref("CT2304157.IsOpenUninstallPage", true);
Found : user_pref("CT2304157.IsProtectorsInit", true);
Found : user_pref("CT2304157.LanguagePackLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Found : user_pref("CT2304157.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2304157.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2304157.LastLogin_3.6.0.10", "Tue Mar 06 2012 11:40:21 GMT+0100");
Found : user_pref("CT2304157.LatestVersion", "3.10.0.1");
Found : user_pref("CT2304157.Locale", "en");
Found : user_pref("CT2304157.MCDetectTooltipHeight", "83");
Found : user_pref("CT2304157.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2304157.MCDetectTooltipWidth", "295");
Found : user_pref("CT2304157.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2304157.OriginalFirstVersion", "3.6.0.10");
Found : user_pref("CT2304157.SavedHomepage", "hxxp://www.searchqu.com/406");
Found : user_pref("CT2304157.SearchEngineBeforeUnload", "Yahoo");
Found : user_pref("CT2304157.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2304157.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT230[...]
Found : user_pref("CT2304157.SearchInNewTabEnabled", true);
Found : user_pref("CT2304157.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2304157.SearchInNewTabLastCheckTime", "Tue Mar 06 2012 11:40:19 GMT+0100");
Found : user_pref("CT2304157.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2304157.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2304157.SearchProtectorEnabled", false);
Found : user_pref("CT2304157.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2304157.ServiceMapLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Found : user_pref("CT2304157.SettingsLastCheckTime", "Tue Mar 06 2012 11:40:19 GMT+0100");
Found : user_pref("CT2304157.SettingsLastUpdate", "1326723880");
Found : user_pref("CT2304157.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2304157.ThirdPartyComponentsLastCheck", "Thu Feb 23 2012 22:14:52 GMT+0100");
Found : user_pref("CT2304157.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2304157.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2304157.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2304157");
Found : user_pref("CT2304157.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2304157.UserID", "UN83951842333103956");
Found : user_pref("CT2304157.ValidationData_Search", 2);
Found : user_pref("CT2304157.ValidationData_Toolbar", 2);
Found : user_pref("CT2304157.alertChannelId", "700614");
Found : user_pref("CT2304157.backendstorage.2304157a129604967990223179000000paramsgk2", "7B22757064617465526[...]
Found : user_pref("CT2304157.components.1000515", true);
Found : user_pref("CT2304157.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2304157.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 18:31:20 GMT+0100");
Found : user_pref("CT2304157.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2304157.initDone", true);
Found : user_pref("CT2304157.isAppTrackingManagerOn", true);
Found : user_pref("CT2304157.myStuffEnabled", true);
Found : user_pref("CT2304157.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2304157.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2304157.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2304157.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2304157.oldAppsList", "128883653123969059,128883653123969060,111,128883659132094175,129[...]
Found : user_pref("CT2304157.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2304157.searchProtectorEnableByLogin", true);
Found : user_pref("CT2304157.testingCtid", "");
Found : user_pref("CT2304157.toolbarAppMetaDataLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Found : user_pref("CT2304157.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 21:51:47 GMT+0100");
Found : user_pref("CT2304157.undefined", "Mon Sep 12 2011 07:01:04 GMT+0200");
Found : user_pref("CT2304157.usagesFlag", 2);
Found : user_pref("CT2786678..clientLogIsEnabled", true);
Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2786678.AppTrackingLastCheckTime", "Wed Feb 22 2012 21:52:01 GMT+0100");
Found : user_pref("CT2786678.BrowserCompStateIsOpen_129575151151403741", true);
Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Found : user_pref("CT2786678.CTID", "CT2786678");
Found : user_pref("CT2786678.CurrentServerDate", "6-3-2012");
Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Mon Mar 05 2012 16:08:30 GMT+0100");
Found : user_pref("CT2786678.DownloadReferralCookieData", "");
Found : user_pref("CT2786678.EMailNotifierPollDate", "Tue Mar 06 2012 14:50:25 GMT+0100");
Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Tue Mar 06 2012 14:40:23 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Tue Mar 06 2012 14:40:22 GMT+0100");
Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Found : user_pref("CT2786678.FirstServerDate", "23-6-2011");
Found : user_pref("CT2786678.FirstTime", true);
Found : user_pref("CT2786678.FirstTimeFF3", true);
Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2786678.HasUserGlobalKeys", true);
Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
Found : user_pref("CT2786678.Initialize", true);
Found : user_pref("CT2786678.InitializeCommonPrefs", true);
Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Found : user_pref("CT2786678.InstalledDate", "Thu Jun 23 2011 20:08:38 GMT+0200");
Found : user_pref("CT2786678.IsAlertDBUpdated", true);
Found : user_pref("CT2786678.IsGrouping", false);
Found : user_pref("CT2786678.IsMulticommunity", false);
Found : user_pref("CT2786678.IsOpenThankYouPage", true);
Found : user_pref("CT2786678.IsOpenUninstallPage", false);
Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Mar 06 2012 11:40:22 GMT+0100");
Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2786678.LastLogin_3.3.3.2", "Thu Jul 14 2011 14:15:09 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 15 2011 14:15:01 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.6.0.10", "Thu Sep 22 2011 13:58:52 GMT+0200");
Found : user_pref("CT2786678.LastLogin_3.7.0.6", "Tue Nov 08 2011 15:59:25 GMT+0100");
Found : user_pref("CT2786678.LastLogin_3.8.0.8", "Tue Dec 06 2011 16:28:04 GMT+0100");
Found : user_pref("CT2786678.LastLogin_3.8.1.0", "Wed Jan 11 2012 15:32:42 GMT+0100");
Found : user_pref("CT2786678.LastLogin_3.9.0.3", "Tue Mar 06 2012 11:40:22 GMT+0100");
Found : user_pref("CT2786678.LatestVersion", "3.9.0.3");
Found : user_pref("CT2786678.Locale", "en");
Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2786678.SavedHomepage", "hxxp://www.searchqu.com/406");
Found : user_pref("CT2786678.SearchEngineBeforeUnload", "XfireXO Customized Web Search");
Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2786678.SearchProtectorEnabled", false);
Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Found : user_pref("CT2786678.SettingsLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Found : user_pref("CT2786678.SettingsLastUpdate", "1326994324");
Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Tue Feb 14 2012 22:25:21 GMT+0100");
Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2786678.UserID", "UN93775986886830896");
Found : user_pref("CT2786678.ValidationData_Toolbar", 2);
Found : user_pref("CT2786678.WeatherNetwork", "");
Found : user_pref("CT2786678.WeatherPollDate", "Tue Mar 06 2012 14:40:37 GMT+0100");
Found : user_pref("CT2786678.WeatherUnit", "C");
Found : user_pref("CT2786678.alertChannelId", "1178763");
Found : user_pref("CT2786678.approveUntrustedApps", false);
Found : user_pref("CT2786678.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e06cg5el8:", "6E6D706F736E74767370");
Found : user_pref("CT2786678.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473767579747A7C7976242F4B4947[...]
Found : user_pref("CT2786678.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2786678.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2786678.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2786678.backendstorage./9b-0?3g>d", "693B6B4042426E6F7A4544777B207D4A4978257B227E7E2A53[...]
Found : user_pref("CT2786678.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2786678.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2786678.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2786678.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2786678.backendstorage./9b5ba==9cjag", "396D6972726D75457A7048467B7978794A207B7952");
Found : user_pref("CT2786678.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D706F6F7375717775757579");
Found : user_pref("CT2786678.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2786678.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2786678.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2786678.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2786678.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2786678.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2786678.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2786678.backendstorage.cbfirsttime", "5765642053657020323820323031312031343A32333A31382[...]
Found : user_pref("CT2786678.backendstorage.pairingkey", "41433439394245433933314632443535364246393442413636[...]
Found : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F3[...]
Found : user_pref("CT2786678.backendstorage.url_history0001", "68747470733A2F2F7777772E66616365626F6F6B2E636[...]
Found : user_pref("CT2786678.backendstorage.uttorrents", "7B226275696C64223A32353133302C226C6162656C223A5B5D[...]
Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 18:31:21 GMT+0100");
Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2786678.initDone", true);
Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
Found : user_pref("CT2786678.myStuffEnabled", true);
Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...]
Found : user_pref("CT2786678.revertSettingsEnabled", true);
Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Found : user_pref("CT2786678.testingCtid", "");
Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Mar 06 2012 11:40:22 GMT+0100");
Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Wed Feb 29 2012 21:54:26 GMT+0100");
Found : user_pref("CT2786678.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2304157&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "XfireXO Customized Web Search,Mario Forever Customi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2247187/CT2247187[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2304157/CT2304157[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/644679/640541/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/700614/696475/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2247187", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2304157", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2247187",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2304157",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2304157&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"029[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21817319.xml", "\"181b39f68d190f50804[...]
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Uzivatel\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/activityreport/", "280x[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/gamehistory", "300x421"[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/screenshots/", "345x512[...]
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search-results.com/sr?src=ffb[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,CT2304157,CT2247187");
Found : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678,CT2304157,CT2247187");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2304157,CT2247187");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Jun 23 2011 20:08:39 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jul 13 2011 15:23:28 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 14 2011 07:57:42 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "6f122854-520f-40fa-b37f-5ac51554e454");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "1ebe6372-10eb-4dd2-a031-160261c28882");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2247187");
Found : user_pref("CommunityToolbar.killedEngine", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jun 05 2012 22:53:0[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jun 11 2012 11:11:15 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jun 11 2012 11:11:05 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "627be031-61f2-4b81-8f32-d1154dab7728");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://home.sweetim.com");
Found : user_pref("CommunityToolbar.originalSearchEngine", "SweetIM Search");
Found : user_pref("CommunityToolbar.twitter.user_21817319.LastCheckTime", "Tue Mar 06 2012 14:40:37 GMT+0100[...]
Found : user_pref("CommunityToolbar.undefined", "");
Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.defaultthis.engineName", "Mario Forever Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&Sea[...]
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=060612_7_");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "124dd0f6000000000000e0cb4e584bd3");
Found : user_pref("extensions.BabylonToolbar_i.id", "124dd0f6000000000000e0cb4e584bd3");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15502");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:23:36");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Found : user_pref("extensions.asktb.abar-war-timeout", "4000");
Found : user_pref("extensions.asktb.apn_dbr", "cr_18.0.1025.142");
Found : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Found : user_pref("extensions.asktb.cbid", "^A17");
Found : user_pref("extensions.asktb.config-updated", false);
Found : user_pref("extensions.asktb.cr-o", "1955cr");
Found : user_pref("extensions.asktb.crumb", "2012.04.04+03.16.23-toolbar009iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Found : user_pref("extensions.asktb.displaybehavior", "");
Found : user_pref("extensions.asktb.displaytext", "");
Found : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Found : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Found : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.icq.com/search/afe_results.php?[...]
Found : user_pref("extensions.asktb.guid", "2333e6d2-feb3-42d3-b79f-ba45bf9e5198");
Found : user_pref("extensions.asktb.hpr", "YES");
Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Found : user_pref("extensions.asktb.if", "first");
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1333978272626");
Found : user_pref("extensions.asktb.locale", "en_EU");
Found : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Found : user_pref("extensions.asktb.lstation", "");
Found : user_pref("extensions.asktb.new-tab-enabled", true);
Found : user_pref("extensions.asktb.o", "1955");
Found : user_pref("extensions.asktb.pstate", "");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.sa", "YES");
Found : user_pref("extensions.asktb.saguid", "0D16E1DE-791A-4824-8E33-F48FC7B96A77");
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Found : user_pref("extensions.asktb.socialmini-first", true);
Found : user_pref("extensions.asktb.socialmini-interval", "1200000");
Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Found : user_pref("extensions.asktb.socialmini-max-items", "30");
Found : user_pref("extensions.asktb.socialmini-native-on", true);
Found : user_pref("extensions.asktb.socialmini-speed", "10000");
Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Found : user_pref("extensions.asktb.themeid", "");
Found : user_pref("extensions.asktb.timeinstalled", "4.4.2012 12:16:48");
Found : user_pref("extensions.asktb.to", "");
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.1&q=");
Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html")[...]
Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.prad.initialized_by_rc", "true");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Mario Forever Customized Web Se[...]
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT22[...]
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=[...]
Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
Found : user_pref("sweetim.toolbar.scripts.1.callback", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Found : user_pref("sweetim.toolbar.searchguard.enable", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{4D126039-AF27-11E1-89F3-E0CB4E584BD3}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : homepage = "hxxp://www.ask.com/?l=dis&o=1955cr&gct=hp"
Found [l.57] : icon_url = "hxxp://www.ask.com/favicon.ico",
Found [l.60] : keyword = "ask.com",
Found [l.63] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=1955&locale=en_EU&apn_uid=2333e6d2-feb3-42d3-b79f-ba45bf9e5198&apn_ptnrs=%5EA17&apn_sauid=0D16E1DE-791A-4824-8E33-F48FC7B96A77&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}",
Found [l.64] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"
Found [l.1587] : homepage = "hxxp://www.ask.com/?l=dis&o=1955cr&gct=hp",

*************************

AdwCleaner[R1].txt - [61154 octets] - [20/12/2012 18:53:26]

########## EOF - C:\AdwCleaner[R1].txt - [61215 octets] ##########

Je zajímavé že tam toho mám hodně od mozilly. Už sem ji odinstaloval.. A co s těma Ramkama?

#7 Příspěvek od **Mc_Murphy** » 20 pro 2012 19:21

Nóóó, zodpovědně zaliskané!

Zajímavé, že tohle ten Tvůj slavný Advanced System Care nevyčistil, viď?

Provedeme opravy.

Spusť AdwCleaner znovu.
Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Klikni na [Delete].
PC provede opravu, restartuje se a vytvoří log C:\AdwCleaner [S1].txt - jeho obsah mi sem zase vlož.

Dále stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

Lukass_cze · #8 Příspěvek od **Lukass_cze** » 20 pro 2012 20:49

V Advanced System Care sem scan nikdy naspustil..

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 20:26:41
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Uzivatel - STEFKOVY
# Boot Mode : Normal
# Running from : C:\Users\Uzivatel\Desktop\Udržba PC\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Uzivatel\AppData\Local\APN
Folder Deleted : C:\Users\Uzivatel\AppData\Local\Conduit
Folder Deleted : C:\Users\Uzivatel\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Uzivatel\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\kikin
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\Conduit
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\ConduitCommon
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\CT2247187
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\SweetPacksToolbarData
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Folder Deleted : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Softonic-Eng7
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\GamePlayLabs
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85ACB728-75CA-4FBB-B76C-46B9E5F76FDB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Softonic-Eng7
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\VDownloader\OpenCandy
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaoahhbmfiopgbablmbaehhfjfbgob
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D939A9-3AF2-40C9-949D-374B5AB90560}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com --> hxxp://www.google.com

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\prefs.js

C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\rnz2xf75.default\user.js ... Deleted !

Deleted : user_pref("CT2247187..clientLogIsEnabled", false);
Deleted : user_pref("CT2247187..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2247187..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2247187.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2247187.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2247187.AppTrackingLastCheckTime", "Sun Jun 10 2012 13:15:59 GMT+0200");
Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_129666192279313208", true);
Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_129737852131523932", true);
Deleted : user_pref("CT2247187.CT2247187", "CT2247187");
Deleted : user_pref("CT2247187.CurrentServerDate", "13-9-2012");
Deleted : user_pref("CT2247187.DSChangedManually", false);
Deleted : user_pref("CT2247187.DSInstall", true);
Deleted : user_pref("CT2247187.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2247187.DialogsGetterLastCheckTime", "Thu Sep 13 2012 15:15:47 GMT+0200");
Deleted : user_pref("CT2247187.DownloadReferralCookieData", "");
Deleted : user_pref("CT2247187.EMailNotifierPollDate", "Mon Jun 11 2012 12:45:53 GMT+0200");
Deleted : user_pref("CT2247187.FirstServerDate", "5-6-2012");
Deleted : user_pref("CT2247187.FirstTime", true);
Deleted : user_pref("CT2247187.FirstTimeFF3", true);
Deleted : user_pref("CT2247187.FirstTimeHiddenVer", true);
Deleted : user_pref("CT2247187.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2247187.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2247187.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2247187.HPChangedManually", false);
Deleted : user_pref("CT2247187.HPInstall", true);
Deleted : user_pref("CT2247187.HasUserGlobalKeys", true);
Deleted : user_pref("CT2247187.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2247187.HomepageBeforeUnload", "hxxp://home.sweetim.com/?st=1");
Deleted : user_pref("CT2247187.Initialize", true);
Deleted : user_pref("CT2247187.InitializeCommonPrefs", true);
Deleted : user_pref("CT2247187.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2247187.InstallationType", "Unknown");
Deleted : user_pref("CT2247187.InstalledDate", "Tue Jun 05 2012 18:01:16 GMT+0200");
Deleted : user_pref("CT2247187.InvalidateCache", false);
Deleted : user_pref("CT2247187.IsAlertDBUpdated", true);
Deleted : user_pref("CT2247187.IsGrouping", false);
Deleted : user_pref("CT2247187.IsInitSetupIni", true);
Deleted : user_pref("CT2247187.IsMulticommunity", false);
Deleted : user_pref("CT2247187.IsOpenThankYouPage", true);
Deleted : user_pref("CT2247187.IsOpenUninstallPage", true);
Deleted : user_pref("CT2247187.IsProtectorsInit", true);
Deleted : user_pref("CT2247187.LanguagePackLastCheckTime", "Thu Sep 13 2012 15:15:48 GMT+0200");
Deleted : user_pref("CT2247187.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2247187.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2247187.LastLogin_3.13.0.6", "Sun Jul 15 2012 15:08:58 GMT+0200");
Deleted : user_pref("CT2247187.LastLogin_3.14.1.0", "Thu Sep 13 2012 15:15:46 GMT+0200");
Deleted : user_pref("CT2247187.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2247187.Locale", "en");
Deleted : user_pref("CT2247187.MAX_NUMBER_OF_ALERTS_129666192279313208", "1_1339361581437");
Deleted : user_pref("CT2247187.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2247187.MCDetectTooltipShow", false);
Deleted : user_pref("CT2247187.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2247187.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2247187.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2247187.OriginalFirstVersion", "3.13.0.6");
Deleted : user_pref("CT2247187.RadioIsPodcast", false);
Deleted : user_pref("CT2247187.RadioLastCheckTime", "Sun Jun 10 2012 13:15:58 GMT+0200");
Deleted : user_pref("CT2247187.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2247187.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT2247187.RadioMediaID", "10957728");
Deleted : user_pref("CT2247187.RadioMediaType", "Media Player");
Deleted : user_pref("CT2247187.RadioMenuSelectedID", "EBRadioMenu_CT224718710957728");
Deleted : user_pref("CT2247187.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2247187.RadioStationName", "Rap%20(Uncensored)");
Deleted : user_pref("CT2247187.RadioStationURL", "hxxp://www.1club.fm/go/tunein.aspx?station=raw");
Deleted : user_pref("CT2247187.SavedHomepage", "hxxp://home.sweetim.com");
Deleted : user_pref("CT2247187.SearchCaption", "Mario Forever Customized Web Search");
Deleted : user_pref("CT2247187.SearchEngineBeforeUnload", "SweetIM Search");
Deleted : user_pref("CT2247187.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2247187.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT224[...]
Deleted : user_pref("CT2247187.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2247187.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2247187.SearchInNewTabLastCheckTime", "Thu Sep 13 2012 15:15:46 GMT+0200");
Deleted : user_pref("CT2247187.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2247187.SearchProtectorEnabled", true);
Deleted : user_pref("CT2247187.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2247187.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2247187.ServiceMapLastCheckTime", "Thu Sep 13 2012 15:15:46 GMT+0200");
Deleted : user_pref("CT2247187.SettingsLastCheckTime", "Thu Sep 13 2012 15:15:45 GMT+0200");
Deleted : user_pref("CT2247187.SettingsLastUpdate", "1347288122");
Deleted : user_pref("CT2247187.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13");
Deleted : user_pref("CT2247187.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2247187.ThirdPartyComponentsLastCheck", "Tue Jun 05 2012 18:01:05 GMT+0200");
Deleted : user_pref("CT2247187.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2247187.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2247187.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2247187");
Deleted : user_pref("CT2247187.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2247187.UserID", "UN68559325745594452");
Deleted : user_pref("CT2247187.ValidationData_Toolbar", 0);
Deleted : user_pref("CT2247187.WeatherNetwork", "");
Deleted : user_pref("CT2247187.WeatherPollDate", "Mon Jun 11 2012 12:46:37 GMT+0200");
Deleted : user_pref("CT2247187.WeatherUnit", "C");
Deleted : user_pref("CT2247187.alertChannelId", "644679");
Deleted : user_pref("CT2247187.approveUntrustedApps", false);
Deleted : user_pref("CT2247187.backendstorage.activationstep", "35");
Deleted : user_pref("CT2247187.backendstorage.cbcountry_000", "435A");
Deleted : user_pref("CT2247187.backendstorage.cbfirsttime", "547565204A756E20303520323031322031383A30313A32362[...]
Deleted : user_pref("CT2247187.backendstorage.firstrun", "31333338393132303738313434");
Deleted : user_pref("CT2247187.backendstorage.loadtimes", "3330");
Deleted : user_pref("CT2247187.backendstorage.shoppingapp.gk.exipres", "467269204A756E20313520323031322032303A[...]
Deleted : user_pref("CT2247187.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Deleted : user_pref("CT2247187.backendstorage.uniqueid", "36303331323135373945373942424531");
Deleted : user_pref("CT2247187.backendstorage.url_history0001", "68747470733A2F2F7777772E66616365626F6F6B2E636[...]
Deleted : user_pref("CT2247187.components.1000034", true);
Deleted : user_pref("CT2247187.components.1000234", true);
Deleted : user_pref("CT2247187.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2247187.globalFirstTimeInfoLastCheckTime", "Tue Jun 05 2012 18:01:09 GMT+0200");
Deleted : user_pref("CT2247187.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2247187.initDone", true);
Deleted : user_pref("CT2247187.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2247187.isFirstRadioInstallation", false);
Deleted : user_pref("CT2247187.myStuffEnabled", true);
Deleted : user_pref("CT2247187.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2247187.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2247187.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2247187.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2247187.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2247187.revertSettingsEnabled", true);
Deleted : user_pref("CT2247187.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2247187.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2247187.testingCtid", "");
Deleted : user_pref("CT2247187.toolbarAppMetaDataLastCheckTime", "Thu Sep 13 2012 15:15:47 GMT+0200");
Deleted : user_pref("CT2247187.toolbarContextMenuLastCheckTime", "Tue Jun 05 2012 18:01:16 GMT+0200");
Deleted : user_pref("CT2247187.usagesFlag", 2);
Deleted : user_pref("CT2304157..clientLogIsEnabled", false);
Deleted : user_pref("CT2304157..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2304157..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2304157.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2304157.AppTrackingLastCheckTime", "Wed Feb 22 2012 21:52:01 GMT+0100");
Deleted : user_pref("CT2304157.BrowserCompStateIsOpen_1000515", true);
Deleted : user_pref("CT2304157.CT2304157", "CT2304157");
Deleted : user_pref("CT2304157.CurrentServerDate", "6-3-2012");
Deleted : user_pref("CT2304157.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2304157.DialogsGetterLastCheckTime", "Mon Mar 05 2012 16:08:30 GMT+0100");
Deleted : user_pref("CT2304157.DownloadReferralCookieData", "");
Deleted : user_pref("CT2304157.FeedLastCount129078895246717929", 27);
Deleted : user_pref("CT2304157.FeedLastCount129095439763593837", 0);
Deleted : user_pref("CT2304157.FeedPollDate129078895250311712", "Tue Mar 06 2012 14:20:22 GMT+0100");
Deleted : user_pref("CT2304157.FeedPollDate129095439763593837", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2304157.FeedPollDate129604942912022444", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2304157.FeedTTL129078895250311712", 40);
Deleted : user_pref("CT2304157.FirstServerDate", "5-9-2011");
Deleted : user_pref("CT2304157.FirstTime", true);
Deleted : user_pref("CT2304157.FirstTimeFF3", true);
Deleted : user_pref("CT2304157.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2304157.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2304157.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2304157.HasUserGlobalKeys", true);
Deleted : user_pref("CT2304157.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2304157.Initialize", true);
Deleted : user_pref("CT2304157.InitializeCommonPrefs", true);
Deleted : user_pref("CT2304157.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2304157.InstallationType", "Unknown");
Deleted : user_pref("CT2304157.InstalledDate", "Mon Sep 05 2011 16:42:09 GMT+0200");
Deleted : user_pref("CT2304157.IsAlertDBUpdated", true);
Deleted : user_pref("CT2304157.IsGrouping", false);
Deleted : user_pref("CT2304157.IsInitSetupIni", true);
Deleted : user_pref("CT2304157.IsMulticommunity", false);
Deleted : user_pref("CT2304157.IsOpenThankYouPage", true);
Deleted : user_pref("CT2304157.IsOpenUninstallPage", true);
Deleted : user_pref("CT2304157.IsProtectorsInit", true);
Deleted : user_pref("CT2304157.LanguagePackLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Deleted : user_pref("CT2304157.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2304157.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2304157.LastLogin_3.6.0.10", "Tue Mar 06 2012 11:40:21 GMT+0100");
Deleted : user_pref("CT2304157.LatestVersion", "3.10.0.1");
Deleted : user_pref("CT2304157.Locale", "en");
Deleted : user_pref("CT2304157.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2304157.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2304157.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2304157.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2304157.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT2304157.SavedHomepage", "hxxp://www.searchqu.com/406");
Deleted : user_pref("CT2304157.SearchEngineBeforeUnload", "Yahoo");
Deleted : user_pref("CT2304157.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2304157.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT230[...]
Deleted : user_pref("CT2304157.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2304157.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2304157.SearchInNewTabLastCheckTime", "Tue Mar 06 2012 11:40:19 GMT+0100");
Deleted : user_pref("CT2304157.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2304157.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2304157.SearchProtectorEnabled", false);
Deleted : user_pref("CT2304157.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2304157.ServiceMapLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Deleted : user_pref("CT2304157.SettingsLastCheckTime", "Tue Mar 06 2012 11:40:19 GMT+0100");
Deleted : user_pref("CT2304157.SettingsLastUpdate", "1326723880");
Deleted : user_pref("CT2304157.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2304157.ThirdPartyComponentsLastCheck", "Thu Feb 23 2012 22:14:52 GMT+0100");
Deleted : user_pref("CT2304157.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2304157.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2304157.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2304157");
Deleted : user_pref("CT2304157.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2304157.UserID", "UN83951842333103956");
Deleted : user_pref("CT2304157.ValidationData_Search", 2);
Deleted : user_pref("CT2304157.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2304157.alertChannelId", "700614");
Deleted : user_pref("CT2304157.backendstorage.2304157a129604967990223179000000paramsgk2", "7B22757064617465526[...]
Deleted : user_pref("CT2304157.components.1000515", true);
Deleted : user_pref("CT2304157.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2304157.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 18:31:20 GMT+0100");
Deleted : user_pref("CT2304157.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2304157.initDone", true);
Deleted : user_pref("CT2304157.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2304157.myStuffEnabled", true);
Deleted : user_pref("CT2304157.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2304157.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2304157.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2304157.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2304157.oldAppsList", "128883653123969059,128883653123969060,111,128883659132094175,129[...]
Deleted : user_pref("CT2304157.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2304157.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2304157.testingCtid", "");
Deleted : user_pref("CT2304157.toolbarAppMetaDataLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Deleted : user_pref("CT2304157.toolbarContextMenuLastCheckTime", "Wed Feb 22 2012 21:51:47 GMT+0100");
Deleted : user_pref("CT2304157.undefined", "Mon Sep 12 2011 07:01:04 GMT+0200");
Deleted : user_pref("CT2304157.usagesFlag", 2);
Deleted : user_pref("CT2786678..clientLogIsEnabled", true);
Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Wed Feb 22 2012 21:52:01 GMT+0100");
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129575151151403741", true);
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Deleted : user_pref("CT2786678.CTID", "CT2786678");
Deleted : user_pref("CT2786678.CurrentServerDate", "6-3-2012");
Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Mon Mar 05 2012 16:08:30 GMT+0100");
Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Tue Mar 06 2012 14:50:25 GMT+0100");
Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Tue Mar 06 2012 14:40:23 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Tue Mar 06 2012 14:40:22 GMT+0100");
Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2786678.FirstServerDate", "23-6-2011");
Deleted : user_pref("CT2786678.FirstTime", true);
Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2786678.Initialize", true);
Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2786678.InstalledDate", "Thu Jun 23 2011 20:08:38 GMT+0200");
Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2786678.IsGrouping", false);
Deleted : user_pref("CT2786678.IsMulticommunity", false);
Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Mar 06 2012 11:40:22 GMT+0100");
Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2786678.LastLogin_3.3.3.2", "Thu Jul 14 2011 14:15:09 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.5.0.12", "Mon Aug 15 2011 14:15:01 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.6.0.10", "Thu Sep 22 2011 13:58:52 GMT+0200");
Deleted : user_pref("CT2786678.LastLogin_3.7.0.6", "Tue Nov 08 2011 15:59:25 GMT+0100");
Deleted : user_pref("CT2786678.LastLogin_3.8.0.8", "Tue Dec 06 2011 16:28:04 GMT+0100");
Deleted : user_pref("CT2786678.LastLogin_3.8.1.0", "Wed Jan 11 2012 15:32:42 GMT+0100");
Deleted : user_pref("CT2786678.LastLogin_3.9.0.3", "Tue Mar 06 2012 11:40:22 GMT+0100");
Deleted : user_pref("CT2786678.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT2786678.Locale", "en");
Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2786678.SavedHomepage", "hxxp://www.searchqu.com/406");
Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "XfireXO Customized Web Search");
Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Tue Mar 06 2012 11:40:20 GMT+0100");
Deleted : user_pref("CT2786678.SettingsLastUpdate", "1326994324");
Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Tue Feb 14 2012 22:25:21 GMT+0100");
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2786678.UserID", "UN93775986886830896");
Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2786678.WeatherNetwork", "");
Deleted : user_pref("CT2786678.WeatherPollDate", "Tue Mar 06 2012 14:40:37 GMT+0100");
Deleted : user_pref("CT2786678.WeatherUnit", "C");
Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Deleted : user_pref("CT2786678.approveUntrustedApps", false);
Deleted : user_pref("CT2786678.backendstorage./9b+7e+x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e,x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e-x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e.x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e/x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e06cg5el8:", "6E6D706F736E74767370");
Deleted : user_pref("CT2786678.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473767579747A7C7976242F4B4947[...]
Deleted : user_pref("CT2786678.backendstorage./9b+7e0x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e1x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e2x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e3x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e4x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e5x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e6x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e7x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e8x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e9x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e:x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e;x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e<x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e=x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e>x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e?x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7e@x305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7eax305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2786678.backendstorage./9b+7ebx305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7ecx305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7edx305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b+7etx305", "2423");
Deleted : user_pref("CT2786678.backendstorage./9b-0?3g>d", "693B6B4042426E6F7A4544777B207D4A4978257B227E7E2A53[...]
Deleted : user_pref("CT2786678.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2786678.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2786678.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Deleted : user_pref("CT2786678.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Deleted : user_pref("CT2786678.backendstorage./9b5ba==9cjag", "396D6972726D75457A7048467B7978794A207B7952");
Deleted : user_pref("CT2786678.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D706F6F7375717775757579");
Deleted : user_pref("CT2786678.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2786678.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2786678.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2786678.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2786678.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2786678.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2786678.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "5765642053657020323820323031312031343A32333A31382[...]
Deleted : user_pref("CT2786678.backendstorage.pairingkey", "41433439394245433933314632443535364246393442413636[...]
Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F3[...]
Deleted : user_pref("CT2786678.backendstorage.url_history0001", "68747470733A2F2F7777772E66616365626F6F6B2E636[...]
Deleted : user_pref("CT2786678.backendstorage.uttorrents", "7B226275696C64223A32353133302C226C6162656C223A5B5D[...]
Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 18:31:21 GMT+0100");
Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.initDone", true);
Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2786678.myStuffEnabled", true);
Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...]
Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.testingCtid", "");
Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Mar 06 2012 11:40:22 GMT+0100");
Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Wed Feb 29 2012 21:54:26 GMT+0100");
Deleted : user_pref("CT2786678.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2304157&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "XfireXO Customized Web Search,Mario Forever Customi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2247187/CT2247187[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2304157/CT2304157[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/CZ", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/644679/640541/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/700614/696475/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2247187", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2304157", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2247187",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2304157",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2304157&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21817319.xml", "\"181b39f68d190f50804[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Uzivatel\\AppData\\Roaming\\Mozilla[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/activityreport/", "280x[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/gamehistory", "300x421"[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.xfire.com/toolbar/screenshots/", "345x512[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search-results.com/sr?src=ffb[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,CT2304157,CT2247187");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678,CT2304157,CT2247187");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2304157,CT2247187");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Jun 23 2011 20:08:39 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jul 13 2011 15:23:28 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 14 2011 07:57:42 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "6f122854-520f-40fa-b37f-5ac51554e454");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Mar 06 2012 11:40:21 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "1ebe6372-10eb-4dd2-a031-160261c28882");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2247187");
Deleted : user_pref("CommunityToolbar.killedEngine", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jun 05 2012 22:53:0[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jun 11 2012 11:11:15 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jun 11 2012 11:11:05 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "627be031-61f2-4b81-8f32-d1154dab7728");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://home.sweetim.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "SweetIM Search");
Deleted : user_pref("CommunityToolbar.twitter.user_21817319.LastCheckTime", "Tue Mar 06 2012 14:40:37 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.undefined", "");
Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "Mario Forever Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=060612_7_");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "124dd0f6000000000000e0cb4e584bd3");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "124dd0f6000000000000e0cb4e584bd3");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15502");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:23:36");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000");
Deleted : user_pref("extensions.asktb.apn_dbr", "cr_18.0.1025.142");
Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Deleted : user_pref("extensions.asktb.cbid", "^A17");
Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.cr-o", "1955cr");
Deleted : user_pref("extensions.asktb.crumb", "2012.04.04+03.16.23-toolbar009iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Deleted : user_pref("extensions.asktb.displaybehavior", "");
Deleted : user_pref("extensions.asktb.displaytext", "");
Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.icq.com/search/afe_results.php?[...]
Deleted : user_pref("extensions.asktb.guid", "2333e6d2-feb3-42d3-b79f-ba45bf9e5198");
Deleted : user_pref("extensions.asktb.hpr", "YES");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "first");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1333978272626");
Deleted : user_pref("extensions.asktb.locale", "en_EU");
Deleted : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Deleted : user_pref("extensions.asktb.lstation", "");
Deleted : user_pref("extensions.asktb.new-tab-enabled", true);
Deleted : user_pref("extensions.asktb.o", "1955");
Deleted : user_pref("extensions.asktb.pstate", "");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.sa", "YES");
Deleted : user_pref("extensions.asktb.saguid", "0D16E1DE-791A-4824-8E33-F48FC7B96A77");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Deleted : user_pref("extensions.asktb.socialmini-first", true);
Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.timeinstalled", "4.4.2012 12:16:48");
Deleted : user_pref("extensions.asktb.to", "");
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.1&q=");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html")[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.prad.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Mario Forever Customized Web Se[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT22[...]
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{4D126039-AF27-11E1-89F3-E0CB4E584BD3}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : homepage = "hxxp://www.ask.com/?l=dis&o=1955cr&gct=hp"
Deleted [l.57] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.60] : keyword = "ask.com",
Deleted [l.63] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=1955&locale=en_EU&a[...]
Deleted [l.64] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Deleted [l.1587] : homepage = "hxxp://www.ask.com/?l=dis&o=1955cr&gct=hp",

*************************

AdwCleaner[R1].txt - [61249 octets] - [20/12/2012 18:53:26]
AdwCleaner[S1].txt - [61908 octets] - [20/12/2012 20:26:41]

########## EOF - C:\AdwCleaner[S1].txt - [61969 octets] ##########

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uzivatel [Práva správce]
Mód : Kontrola -- Datum : 12/20/2012 20:47:29

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 34 ¤¤¤
[TASK][SUSP PATH] {0351A65D-022E-4ED7-891C-858E5B1F76C6} : C:\Users\Uzivatel\Desktop\REDALERT\_SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {068E8058-22FA-473D-8D95-F3F690215C87} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> NALEZENO
[TASK][SUSP PATH] {09B86540-551F-4387-8D69-5AAD1847BC3E} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {0F68E7FE-07CC-4302-874A-21482C1326BD} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {16E3CDE0-4569-4764-BD1C-58C505698639} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {33CCD358-04AC-4074-9DC7-0B2EE9F49A45} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {362AB0CC-D1F7-4ECE-92F1-4F5AA9176680} : C:\Users\Uzivatel\Desktop\theme hospital\DOSSETUP\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {3B802C04-FBB5-4946-9719-AB9F98419889} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {3FB0D915-C211-472B-AB33-6283A5B5D0F1} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {5D4704C2-AC9A-4E6A-904F-4402DC84B777} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {5EAC506B-CBF5-4A9F-9D63-8B045F7B9F8B} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {65277FE4-0E5F-488F-B508-D19DBADFE14A} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> NALEZENO
[TASK][SUSP PATH] {722A1781-F2CA-445E-B956-CDC1A109AF9A} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {7E519A83-439E-4597-96EE-A4AEE80EB9A6} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {820135E9-428C-4675-8809-EEE678A3E14A} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> NALEZENO
[TASK][SUSP PATH] {826D7925-F4BD-466C-9FAA-61B19B0487BE} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {8A0EDC24-E440-43F4-8BB0-EA6616EE0B59} : C:\Users\Uzivatel\Desktop\REDALERT\RA95.EXE -> NALEZENO
[TASK][SUSP PATH] {8D6BE108-6738-4469-8AEC-1B3AA2DAA8A5} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> NALEZENO
[TASK][SUSP PATH] {9A041E38-4387-4ED0-B6C1-85713AD294DB} : C:\Users\Uzivatel\Desktop\theme hospital\DOSSETUP\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {9E9AF88C-9A5F-4572-9F4B-ABB12E597E0A} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> NALEZENO
[TASK][SUSP PATH] {CC9A8C63-F6BF-4D78-A6B8-58C7E025F519} : C:\Users\Uzivatel\Desktop\REDALERT\RA95.EXE -> NALEZENO
[TASK][SUSP PATH] {D3A5DBB0-D5A7-4DB9-A02E-70435F3B70BF} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> NALEZENO
[TASK][SUSP PATH] {DC995767-FAD9-40E7-97F0-EAD1D0644F53} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {DCEF3ECB-6D13-4562-ADEC-1C2F8BDE37E4} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> NALEZENO
[TASK][SUSP PATH] {ECE7028A-5E2B-442B-B16E-99432BAE1D34} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> NALEZENO
[TASK][SUSP PATH] {F7AE1AB7-4F06-4D06-9E62-F607FE3F936B} : C:\Users\Uzivatel\Desktop\REDALERT\_SETUP.EXE -> NALEZENO
[TASK][SUSP PATH] {FC3E5630-F2E0-47BD-9166-2799E3E03831} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> NALEZENO
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400AAKS-65A7B2 ATA Device +++++
--- User ---
[MBR] 2d378ad91a9ee2757111f42e5c6f82ae
[BSP] 24a5bc681ca8762fb1f867cd1c7de705 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 610378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_12202012_02d2047.txt >>
RKreport[1]_S_12202012_02d2047.txt

#9 Příspěvek od **Mc_Murphy** » 21 pro 2012 13:42

Tak na co to máš?

Výborně, další kopa bordelu.

Takže provedeme opravy.

Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
V záložce Registry nech všechny nálezy označeny.
Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.

A potom mi sem vlož nový aktuální log ze RSITu, abych viděl, co se povedlo a co zatím ne.

Lukass_cze · #10 Příspěvek od **Lukass_cze** » 21 pro 2012 18:04

Mám ho načištění RAM když něco potřebuju, a na ten tollbox..

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uzivatel [Práva správce]
Mód : Odebrat -- Datum : 12/21/2012 17:58:51

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 34 ¤¤¤
[TASK][SUSP PATH] {0351A65D-022E-4ED7-891C-858E5B1F76C6} : C:\Users\Uzivatel\Desktop\REDALERT\_SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {068E8058-22FA-473D-8D95-F3F690215C87} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> VYMAZÁNO
[TASK][SUSP PATH] {09B86540-551F-4387-8D69-5AAD1847BC3E} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {0F68E7FE-07CC-4302-874A-21482C1326BD} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {16E3CDE0-4569-4764-BD1C-58C505698639} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {33CCD358-04AC-4074-9DC7-0B2EE9F49A45} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {362AB0CC-D1F7-4ECE-92F1-4F5AA9176680} : C:\Users\Uzivatel\Desktop\theme hospital\DOSSETUP\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {3B802C04-FBB5-4946-9719-AB9F98419889} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {3FB0D915-C211-472B-AB33-6283A5B5D0F1} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {5D4704C2-AC9A-4E6A-904F-4402DC84B777} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {5EAC506B-CBF5-4A9F-9D63-8B045F7B9F8B} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {65277FE4-0E5F-488F-B508-D19DBADFE14A} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> VYMAZÁNO
[TASK][SUSP PATH] {722A1781-F2CA-445E-B956-CDC1A109AF9A} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {7E519A83-439E-4597-96EE-A4AEE80EB9A6} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {820135E9-428C-4675-8809-EEE678A3E14A} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {826D7925-F4BD-466C-9FAA-61B19B0487BE} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {8A0EDC24-E440-43F4-8BB0-EA6616EE0B59} : C:\Users\Uzivatel\Desktop\REDALERT\RA95.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {8D6BE108-6738-4469-8AEC-1B3AA2DAA8A5} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {9A041E38-4387-4ED0-B6C1-85713AD294DB} : C:\Users\Uzivatel\Desktop\theme hospital\DOSSETUP\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {9E9AF88C-9A5F-4572-9F4B-ABB12E597E0A} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> VYMAZÁNO
[TASK][SUSP PATH] {CC9A8C63-F6BF-4D78-A6B8-58C7E025F519} : C:\Users\Uzivatel\Desktop\REDALERT\RA95.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {D3A5DBB0-D5A7-4DB9-A02E-70435F3B70BF} : C:\Users\Uzivatel\Desktop\REDALERT\RA.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {DC995767-FAD9-40E7-97F0-EAD1D0644F53} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {DCEF3ECB-6D13-4562-ADEC-1C2F8BDE37E4} : C:\Users\Uzivatel\Desktop\Worms Armagedon XP\WA.exe -> VYMAZÁNO
[TASK][SUSP PATH] {ECE7028A-5E2B-442B-B16E-99432BAE1D34} : C:\Users\Uzivatel\Desktop\theme hospital\DOS4GW.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {F7AE1AB7-4F06-4D06-9E62-F607FE3F936B} : C:\Users\Uzivatel\Desktop\REDALERT\_SETUP.EXE -> VYMAZÁNO
[TASK][SUSP PATH] {FC3E5630-F2E0-47BD-9166-2799E3E03831} : C:\Users\Uzivatel\Desktop\theme hospital\SETUP.EXE -> VYMAZÁNO
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400AAKS-65A7B2 ATA Device +++++
--- User ---
[MBR] 2d378ad91a9ee2757111f42e5c6f82ae
[BSP] 24a5bc681ca8762fb1f867cd1c7de705 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 610378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_D_12212012_02d1758.txt >>
RKreport[1]_D_12212012_02d1758.txt

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uzivatel [Práva správce]
Mód : Oprava HOSTS -- Datum : 12/21/2012 17:59:07

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤

Dokončeno : << RKreport[2]_H_12212012_02d1759.txt >>
RKreport[1]_D_12212012_02d1758.txt ; RKreport[2]_H_12212012_02d1759.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2012-12-21 18:00:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 270 GB (44%) free of 610 GB
Total RAM: 3327 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:21, on 21.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - (no CLSID) - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9854 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\Alwil Software\Avast5\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
WLIDSvcM.exe 2264
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-178a751d-159f-48b7-bb97-3d10baba468e -SystemEventPortName:HostProcess-c0bc252a-2c02-4c21-95b3-6b817bb0ab7a -IoCancelEventPortName:HostProcess-9ffc15d5-cec4-47ef-bb18-a26cc91d0472 -NonStateChangingEventPortName:HostProcess-4ace41bf-583d-45eb-8624-32a0dd4e77ec -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4acbaeab-e124-4b16-ad3d-e4783ea7c387 -DeviceGroupId:WpdFsGroup
atieclxx
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
taskeng.exe {DF0783B4-F864-4CFB-B3CD-870B23503FC3}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Uzivatel\Desktop\Udržba PC\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-30 545192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-30 193456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"VDownloader"=C:\Program Files\VDownloader\VDownloader.exe [2012-09-27 881664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-09 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2012-12-04 1354736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-07-03 4273976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-21 07:24:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-21 07:24:12 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 07:24:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-21 07:24:11 ----A---- C:\Windows\system32\atmfd.dll
2012-12-20 20:26:41 ----A---- C:\AdwCleaner[S1].txt
2012-12-20 18:53:26 ----A---- C:\AdwCleaner[R1].txt
2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-13 14:53:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-13 14:53:43 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-13 14:53:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-13 14:53:42 ----A---- C:\Windows\system32\url.dll
2012-12-13 14:53:42 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-13 14:53:42 ----A---- C:\Windows\system32\ieui.dll
2012-12-13 14:53:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\urlmon.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-13 14:53:41 ----A---- C:\Windows\system32\jscript9.dll
2012-12-13 14:53:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-13 14:53:40 ----A---- C:\Windows\system32\wininet.dll
2012-12-13 14:53:40 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\vbscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\jscript.dll
2012-12-13 14:53:39 ----A---- C:\Windows\system32\iertutil.dll
2012-12-13 14:53:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-13 14:53:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-13 14:53:35 ----A---- C:\Windows\system32\mshtml.dll
2012-12-13 14:53:34 ----A---- C:\Windows\system32\ieframe.dll
2012-12-13 14:53:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-12 16:11:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-12 16:11:01 ----A---- C:\Windows\system32\tzres.dll
2012-12-12 16:10:55 ----A---- C:\Windows\system32\win32k.sys
2012-12-12 16:10:46 ----A---- C:\Windows\system32\winsrv.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\kernel32.dll
2012-12-12 16:10:46 ----A---- C:\Windows\system32\conhost.exe
2012-12-12 16:10:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-12 16:10:45 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-12 16:10:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-12 16:10:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64win.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\wow64.dll
2012-12-12 16:10:44 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-12 16:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 16:10:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-12 16:10:43 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 16:10:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 16:10:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 16:10:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 16:10:40 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-12 16:10:30 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-12 16:10:30 ----A---- C:\Windows\system32\dpnet.dll
2012-12-09 15:21:24 ----D---- C:\Poker
2012-12-08 23:03:17 ----D---- C:\Crash
2012-12-07 23:53:44 ----D---- C:\Program Files (x86)\PANDORA.TV
2012-12-02 19:46:42 ----D---- C:\Program Files (x86)\uTorrent
2012-12-02 18:05:27 ----D---- C:\Users\Uzivatel\AppData\Roaming\OBS
2012-12-02 18:05:22 ----D---- C:\Program Files (x86)\OBS
2012-12-01 23:09:29 ----D---- C:\ProgramData\Orbit
2012-12-01 22:19:49 ----D---- C:\Program Files (x86)\Far Cry 3
2012-12-01 10:41:46 ----A---- C:\out.txt
2012-12-01 10:41:00 ----D---- C:\Users\Uzivatel\AppData\Roaming\Ulozto File Manager
2012-11-30 17:09:39 ----D---- C:\Program Files (x86)\Stardock
2012-11-26 18:42:39 ----D---- C:\Program Files (x86)\Prime95
2012-11-26 18:03:55 ----D---- C:\Program Files (x86)\AMD APP
2012-11-26 17:56:48 ----D---- C:\Windows\SYSWOW64\RTCOM
2012-11-26 17:56:25 ----A---- C:\Windows\system32\SRSWOW64.dll
2012-11-26 17:56:25 ----A---- C:\Windows\system32\SRSTSX64.dll
2012-11-26 17:56:19 ----A---- C:\Windows\system32\RtPgEx64.dll
2012-11-26 17:56:18 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2012-11-26 17:56:18 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2012-11-26 17:56:17 ----A---- C:\Windows\system32\RtkCfg64.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RtkApi64.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2012-11-26 17:56:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTEEG64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTEED64A.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RTCOM64.dll
2012-11-26 17:56:15 ----A---- C:\Windows\system32\RP3DHT64.dll
2012-11-26 17:56:14 ----A---- C:\Windows\system32\RP3DAA64.dll
2012-11-26 17:56:14 ----A---- C:\Windows\system32\RCoInst64.dll
2012-11-26 17:56:03 ----A---- C:\Windows\system32\FMAPO64.dll
2012-11-26 17:56:00 ----A---- C:\Windows\system32\AERTAR64.dll
2012-11-26 17:56:00 ----A---- C:\Windows\system32\AERTAC64.dll
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtPCEE4.DAT
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtPCEE3.DAT
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RtHdatEx.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTHDAEQ1.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX3.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX2.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX1.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTEQEX0.dat
2012-11-25 21:47:15 ----N---- C:\Windows\system32\drivers\RTConvEQ.dat
2012-11-25 21:47:15 ----A---- C:\Windows\system32\drivers\rtkhdaud.dat
2012-11-25 21:47:07 ----A---- C:\Windows\system32\RtkAPO64.dll
2012-11-25 21:10:17 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-11-25 21:10:16 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-11-25 21:09:43 ----A---- C:\Windows\Language_trs.ini
2012-11-25 20:54:42 ----D---- C:\Users\Uzivatel\AppData\Roaming\Smart PC Solutions
2012-11-25 20:54:40 ----D---- C:\Program Files (x86)\Smart PC Solutions
2012-11-25 18:07:40 ----D---- C:\swsetup
2012-11-25 17:32:07 ----D---- C:\Program Files\Easeware
2012-11-25 17:15:16 ----D---- C:\Users\Uzivatel\AppData\Roaming\Easeware
2012-11-25 13:08:57 ----D---- C:\Users\Uzivatel\AppData\Roaming\Theta
2012-11-25 12:53:34 ----D---- C:\Hry
2012-11-24 01:16:32 ----D---- C:\Users\Uzivatel\AppData\Roaming\VDownloader
2012-11-24 01:16:01 ----A---- C:\Program Files\Common Files\WinPcapNmap.exe
2012-11-24 01:15:57 ----D---- C:\Program Files\VDownloader
2012-11-24 01:07:47 ----D---- C:\ProgramData\PSafe
2012-11-24 01:07:38 ----RA---- C:\Windows\system32\drivers\360FltOEM.sys

======List of files/folders modified in the last 1 month======

2012-12-21 18:00:21 ----D---- C:\Windows\Prefetch
2012-12-21 18:00:16 ----D---- C:\Program Files\trend micro
2012-12-21 18:00:15 ----D---- C:\Windows\Temp
2012-12-21 17:58:49 ----D---- C:\Windows\system32\Tasks
2012-12-21 17:56:31 ----D---- C:\Users\Uzivatel\AppData\Roaming\Skype
2012-12-21 17:56:23 ----D---- C:\Users\Uzivatel\AppData\Roaming\TS3Client
2012-12-21 17:30:53 ----D---- C:\Windows\SysWOW64
2012-12-21 17:30:48 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-21 10:24:12 ----D---- C:\Windows\System32
2012-12-21 10:24:12 ----D---- C:\Windows\inf
2012-12-21 10:24:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-21 09:34:17 ----D---- C:\Windows\system32\config
2012-12-21 09:20:40 ----D---- C:\Windows\winsxs
2012-12-21 07:24:15 ----D---- C:\Windows\system32\catroot2
2012-12-21 07:24:15 ----D---- C:\Windows\system32\catroot
2012-12-20 20:26:42 ----SHD---- C:\Windows\Installer
2012-12-20 20:26:42 ----RD---- C:\Program Files (x86)
2012-12-20 20:26:42 ----HD---- C:\ProgramData
2012-12-20 20:26:42 ----D---- C:\ProgramData\ICQ
2012-12-20 10:55:51 ----SHD---- C:\Config.Msi
2012-12-20 10:55:51 ----SD---- C:\ProgramData\Microsoft
2012-12-20 10:55:51 ----D---- C:\Program Files (x86)\Microsoft
2012-12-19 22:48:35 ----D---- C:\rsit
2012-12-19 22:39:31 ----RD---- C:\Users
2012-12-17 20:18:45 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-12-17 20:09:16 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2012-12-15 22:50:38 ----D---- C:\Program Files (x86)\SpeedFan
2012-12-14 05:47:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\uTorrent
2012-12-14 05:44:49 ----D---- C:\Program Files (x86)\JDownloader
2012-12-14 00:00:00 ----D---- C:\Windows\rescache
2012-12-13 23:19:44 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-12-13 23:19:44 ----D---- C:\Windows\system32\cs-CZ
2012-12-13 23:19:43 ----D---- C:\Windows\SYSWOW64\migration
2012-12-13 23:19:43 ----D---- C:\Windows\system32\migration
2012-12-13 23:19:43 ----D---- C:\Windows\AppPatch
2012-12-13 23:19:43 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-13 23:19:42 ----D---- C:\Program Files\Internet Explorer
2012-12-13 14:55:40 ----D---- C:\Windows\debug
2012-12-13 14:55:37 ----A---- C:\Windows\system32\MRT.exe
2012-12-13 14:55:32 ----D---- C:\ProgramData\Microsoft Help
2012-12-12 20:10:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-12-09 17:45:46 ----D---- C:\Program Files (x86)\Origin
2012-12-09 12:24:34 ----D---- C:\Program Files (x86)\Steam
2012-12-08 23:02:27 ----RSD---- C:\Windows\assembly
2012-12-08 23:02:16 ----D---- C:\Windows
2012-12-08 23:01:59 ----D---- C:\Windows\Logs
2012-12-08 20:42:28 ----D---- C:\Windows\system32\NDF
2012-12-08 19:59:29 ----D---- C:\Users\Uzivatel\AppData\Roaming\.minecraft
2012-12-07 23:53:37 ----D---- C:\Program Files (x86)\The KMPlayer
2012-12-05 10:49:47 ----RD---- C:\Program Files
2012-12-05 10:49:47 ----D---- C:\Windows\system32\drivers
2012-12-05 10:49:40 ----D---- C:\Games
2012-12-05 10:16:54 ----D---- C:\ProgramData\IObit
2012-12-03 13:37:12 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2012-11-30 17:15:18 ----D---- C:\Program Files (x86)\Directx
2012-11-28 20:35:15 ----D---- C:\Counter-Strike 1.6
2012-11-26 18:03:46 ----D---- C:\Windows\system32\DriverStore
2012-11-26 18:02:04 ----D---- C:\AMD
2012-11-26 17:59:49 ----HD---- C:\Program Files (x86)\Temp
2012-11-26 17:55:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-26 17:49:36 ----D---- C:\Windows\SYSWOW64\directx
2012-11-26 17:47:54 ----HD---- C:\Windows\msdownld.tmp
2012-11-26 16:21:38 ----AD---- C:\ProgramData\TEMP
2012-11-25 23:21:07 ----SHD---- C:\System Volume Information
2012-11-25 22:33:08 ----D---- C:\ProgramData\Skype
2012-11-25 22:33:03 ----RD---- C:\Program Files (x86)\Skype
2012-11-25 22:33:03 ----D---- C:\Program Files (x86)\Common Files
2012-11-25 21:10:16 ----D---- C:\Program Files (x86)\Realtek
2012-11-25 18:09:09 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-24 22:59:52 ----D---- C:\Program Files (x86)\Electronic Arts
2012-11-24 01:16:01 ----D---- C:\Program Files\Common Files
2012-11-24 01:15:38 ----D---- C:\Program Files (x86)\VDownloader

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-06-28 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-07-03 266776]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-09-24 23304]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-17 503352]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-07-03 142128]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 19600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-16 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-16 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-28 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-28 9980416]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2009-09-24 27776]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 30344]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-10 19456]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-11-10 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2012-07-03 133912]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-09 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
S2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
S2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-05 541168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#11 Příspěvek od **Mc_Murphy** » 21 pro 2012 19:14

No to je argument.

Takže fixni v HJT níže uvedené položky. Je toho víc, tak pečlivě a pokud možno všechno!

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\Uzivatel.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Protocol: wlpg - (no CLSID) - (no file)

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
gupdate
gupdatem
PanService
Skype C2C Service
SkypeUpdate
AdobeFlashPlayerUpdateSvc
McComponentHostService

:Files
C:\Users\Uzivatel\AppData\Local\Facebook
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.clonewarsadventures.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.freerealms.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.soe.com]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.sony.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=-

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

Lukass_cze · #12 Příspěvek od **Lukass_cze** » 21 pro 2012 23:34

All processes killed
========== COMMANDS ==========

Error creating restore point.
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes

User: Public

User: Uzivatel
->Temp folder emptied: 2179854917 bytes
->Temporary Internet Files folder emptied: 13762236 bytes
->Java cache emptied: 337034 bytes
->FireFox cache emptied: 71978776 bytes
->Google Chrome cache emptied: 388891082 bytes
->Flash cache emptied: 57778 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11656526 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 9509739 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 763 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36097883 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 558 bytes
RecycleBin emptied: 33933119061 bytes

Total Files Cleaned = 34 948,00 mb

[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: DefaultAppPool
->Flash cache emptied: 0 bytes

User: Public

User: Uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service PanService stopped successfully!
Service PanService deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
========== FILES ==========
C:\Users\Uzivatel\AppData\Local\Facebook\Video\Common\fb#3aac68zswkglfcsrsa0xx80a0kdnutihhoyaqrj-p1xvuah6vqoox8nwoj7cfaiz8dcia folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Video\Common\fb#3aac5no-ze3jjzkfnogu9ebgbxu0rdna3egxajpl3yjqm_4ua_82raer1yzqjzj5mj0s0 folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Video\Common\fb#3aac4vofvj24utllwrz4sfmctotskpvqdbak96a3pez19t6obbzlw22otmf3cndjemdhw folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Video\Common folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Video folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Update folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger\fbmessenger.cache\Local Storage folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger\fbmessenger.cache\AppCache folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger\fbmessenger.cache folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger\2.1.4590.0\locales folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger\2.1.4590.0 folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\Messenger folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook\CrashReports folder moved successfully.
C:\Users\Uzivatel\AppData\Local\Facebook folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA04.tmp folder moved successfully.
C:\Windows\Installer\MSI2CE.tmp moved successfully.
C:\Windows\Installer\MSI31C7.tmp- folder moved successfully.
C:\Windows\Installer\MSI450C.tmp- folder moved successfully.
C:\Windows\Installer\MSI54F7.tmp- folder moved successfully.
C:\Windows\Installer\MSI6096.tmp- folder moved successfully.
C:\Windows\Installer\MSI656C.tmp- folder moved successfully.
C:\Windows\Installer\MSI6BC3.tmp moved successfully.
C:\Windows\Installer\MSI6F97.tmp- folder moved successfully.
C:\Windows\Installer\MSI6FD7.tmp- folder moved successfully.
C:\Windows\Installer\MSI7FE5.tmp- folder moved successfully.
C:\Windows\Installer\MSI8644.tmp moved successfully.
C:\Windows\Installer\MSI97FB.tmp- folder moved successfully.
C:\Windows\Installer\MSIB39E.tmp- folder moved successfully.
C:\Windows\Installer\MSIBEC8.tmp moved successfully.
C:\Windows\Installer\MSIC01A.tmp- folder moved successfully.
C:\Windows\Installer\MSIC300.tmp- folder moved successfully.
C:\Windows\Installer\MSIC7EA.tmp- folder moved successfully.
C:\Windows\Installer\MSICD36.tmp- folder moved successfully.
C:\Windows\Installer\MSID08F.tmp- folder moved successfully.
C:\Windows\Installer\MSID37D.tmp- folder moved successfully.
C:\Windows\Installer\MSID641.tmp- folder moved successfully.
C:\Windows\Installer\MSIE340.tmp- folder moved successfully.
C:\Windows\Installer\MSIEBCF.tmp- folder moved successfully.
C:\Windows\Installer\MSIEDDA.tmp- folder moved successfully.
C:\Windows\Installer\MSIF6E1.tmp moved successfully.
C:\Windows\Installer\MSIF762.tmp- folder moved successfully.
C:\Windows\Installer\MSIFEC0.tmp- folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3279554059-404718991-3174698938-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.clonewarsadventures.com\ not found.
Invalid CLSID key: *.clonewarsadventures.com
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.freerealms.com\ not found.
Invalid CLSID key: *.freerealms.com
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.soe.com\ not found.
Invalid CLSID key: *.soe.com
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\*.sony.com\ not found.
Invalid CLSID key: *.sony.com
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 6 deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 12212012_231638

Files moved on Reboot...
C:\Users\Uzivatel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#13 Příspěvek od **Mc_Murphy** » 22 pro 2012 14:09

OK, OTM provedlo, co mělo.

Jak je na tom počítač teď? Můžu po sobě uklidit a hotovo?

Lukass_cze · #14 Příspěvek od **Lukass_cze** » 22 pro 2012 15:36

jj je to lepší.. Ale pořád by mě zajímalo proč mi windows 7 žere skoro 40% RAMky.. Neexistuje něco jak si je "vytaktovat"?

#15 Příspěvek od **Mc_Murphy** » 23 pro 2012 10:24

Nevím. Nic nebezpečného ani "žravého" v logu vidět není. Musel by ses podívat ve Správci úloh, který z procesů si té RAMky nejvíce bere. Takhle se to vyřešit nedá.
Pokud běží jen systémové a nezbytné věci, ničím to nevytaktuješ. Maximálě tak neustálým šťouráním se v tom a používáním "zázračných zrychlovacích" utilit to ještě více zpomalíš.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stáhni a spusť.
Pro potvrzení volby mačkej A, Enter.
Po použití utilitu smaž ručně.
Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž ručně.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

VIRY.CZ

Preventivka

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka