
Requesting a preventive check


#1 Post by psychoSVK »

Hello, I got my hands on a PC from some acquaintances, so just to be sure I'd like to ask for a preventive check.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-01-29 10:49:17
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (11%) free of 40 GB
Total RAM: 511 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:01, on 29. 1. 2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\All Users\Application Data\Easybits GO\EasyBitsGO.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3/{ ... 229381B9C9}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5232 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT24750 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1, engine@conduit.com:3.2.5.2, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191, {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://slirsredirect.search.aol.com/sli ... pab&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg-secure-search.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions\
engine@conduit.com
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{20a82645-c095-46ed-80e3-08825760534b}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\searchplugins\
conduit.xml
search.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-06 16262656]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\SYSTEM32\Ati2evxx.dll [2006-03-17 61440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostika AVG 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======List of files/folders created in the last 2 months======

2013-01-29 10:49:19 ----D---- C:\Program Files\trend micro
2013-01-29 10:49:17 ----D---- C:\rsit

======List of files/folders modified in the last 2 months======

2013-01-29 10:49:19 ----D---- C:\Program Files
2013-01-29 10:48:51 ----D---- C:\Documents and Settings\All Users\Application Data\Easybits GO
2013-01-29 10:47:50 ----D---- C:\WINDOWS\Prefetch
2013-01-29 10:40:22 ----D---- C:\WINDOWS
2013-01-29 10:32:20 ----D---- C:\Program Files\Winamp
2013-01-29 10:32:20 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2013-01-29 10:32:18 ----D---- C:\WINDOWS\Temp
2013-01-29 10:32:18 ----D---- C:\WINDOWS\system32
2013-01-29 10:29:33 ----D---- C:\Program Files\Google
2013-01-29 10:29:33 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2013-01-29 10:29:31 ----SHD---- C:\WINDOWS\Installer
2013-01-29 10:28:51 ----D---- C:\Documents and Settings\Administrator\Application Data\go
2013-01-29 10:27:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-29 10:25:09 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-01-29 10:24:35 ----D---- C:\Documents and Settings\Administrator\Application Data\Toolbar4
2013-01-29 10:21:50 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData
2013-01-26 17:25:59 ----D---- C:\WINDOWS\system32\drivers\AVG
2013-01-23 08:50:38 ----A---- C:\WINDOWS\NeroDigital.ini
2013-01-17 19:44:57 ----HD---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 9728]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 11264]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-08-22 35712]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-17 1520640]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-06 4377600]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 RkPavproc1;RkPavproc1; \??\C:\WINDOWS\system32\drivers\RkPavproc1.sys []
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2010-03-10 602912]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-17 405504]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-04-10 241664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#2 Post by vyosek »

Hello :)

Do you insist on the AVG antivirus? It is not very popular with us: high system load, weaker detection.

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, ideally to the desktop
  • Close all programs
  • Click Search
  • The scan will run and then a log will appear, or it will be saved on the system drive as AdwCleaner[R?].txt; paste that log here


#3 Post by psychoSVK »

As I mentioned, the computer isn't mine, but in that case I'll definitely take the advice and replace it with something more reliable.


I'm attaching the log:


# AdwCleaner v2.109 - Logfile created 01/29/2013 at 14:05:46
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Administrator - SONIA-6328FE16E
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\searchplugins\search.xml
File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\WINDOWS\system32\conduitEngine.tmp
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\Conduit
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\ConduitEngine
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\CT2475029
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions\engine@conduit.com
Folder Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\WinampToolbarData
Folder Found : C:\Documents and Settings\Administrator\Application Data\PriceGong
Folder Found : C:\Documents and Settings\Administrator\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\MyAshampoo
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\MyAshampoo

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\MyAshampoo
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4248808F-E7C1-47E4-A957-CE6B4EAA6ED8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D7EF2110-8FB4-49D9-AB84-D874A6F4544E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/facesmooch3/{D0C5043 ... 229381B9C9}

-\\ Mozilla Firefox v3.6.13 (sk)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\prefs.js


-\\ Google Chrome v24.0.1312.56

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found [l.48] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Found [l.51] : keyword = "isearch.avg.com",
Found [l.54] : search_url = "hxxp://isearch.avg.com/search?cid={AD95F935-8FBC-4FE3-AAF2-3CC1E13EF689}&mid=657b3936438b47d1b1bad151b59b47ee-c0f84bb1c1cc2e004cb1e2d98999755fb55dfeb3&lang=sk&ds=AVG&pr=fr&d=&v=&sap=dsp&q={searchTerms}",

*************************

AdwCleaner[R1].txt - [40677 octets] - [29/01/2013 14:05:46]

########## EOF - C:\AdwCleaner[R1].txt - [40738 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive check

#4 Post by vyosek »

• AVG is more of a parody of an antivirus

• Uninstall AVG

• Install Avast Free (it is also free; you only register it once a year at no charge) http://www.avast.com/cs-cz/free-antivirus-download

• Run AdwCleaner again
  • If you use Windows Vista or Windows 7, right-click AdwCleaner and choose Run As Administrator or Spustit jako spravce
  • Click Delete
  • The PC will perform the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for that is no man, that is an ox."
Member since 1 February 2011.

psychoSVK
Visitor
Posts: 86
Registered: 08 Jun 2007 17:47

Re: Requesting a preventive check

#5 Post by psychoSVK »

AVG is removed, but a problem occurred when I clicked Delete in AdwCleaner: it got to a certain stage and then froze.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive check

#6 Post by vyosek »

Try repeating it in Safe Mode (restart the PC, keep pressing F8, select Safe Mode with Networking)

psychoSVK
Visitor
Posts: 86
Registered: 08 Jun 2007 17:47

Re: Requesting a preventive check

#7 Post by psychoSVK »

I got the log AdwCleaner [S2].txt


# AdwCleaner v2.109 - Logfile created 01/30/2013 at 10:06:40
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Administrator - SONIA-6328FE16E
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

***** [Registry] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/facesmooch3/{D0C5043 ... 229381B9C9} --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6.13 (sk)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\prefs.js

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\user.js ... Deleted !

Deleted : user_pref("CT2475029..clientLogIsEnabled", true);
Deleted : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Deleted : user_pref("CT2475029.CTID", "ct2481020");
Deleted : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central E[...]
Deleted : user_pref("CT2475029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CurrentServerDate", "10-3-2011");
Deleted : user_pref("CT2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central [...]
Deleted : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201073583");
Deleted : user_pref("CT2475029.DownloadReferralCookieData", "");
Deleted : user_pref("CT2475029.EMailNotifierPollDate", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT2475029.FeedPollDate129076849370150342", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076850042182211", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076850596400916", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076850791868756", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076852434375419", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076853083906444", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076854010937606", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076855068438037", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076855340312884", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076855597344292", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076855883906472", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076856408281730", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076856723281882", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076856982969262", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076857229219583", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076857478587121", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129076858014837073", "Thu Mar 10 2011 20:39:11 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129132307482029379", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129132307482029381", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129132307482029382", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129133095459686870", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129133095459686871", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687146", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687147", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687148", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602500", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602506", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602512", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602518", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602524", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602530", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603404", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603410", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603416", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603422", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603428", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603434", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603440", "Tue Mar 01 2011 19:40:57 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603446", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603452", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603458", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603464", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603470", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603476", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603482", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603488", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603494", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758786", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758792", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758798", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758804", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758810", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758816", "Tue Mar 01 2011 19:40:59 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758822", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758828", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758834", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758840", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758846", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758852", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758858", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758864", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758870", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758876", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758882", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758888", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758894", "Tue Mar 01 2011 19:41:00 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758900", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758906", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758912", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758918", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758924", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758930", "Tue Mar 01 2011 19:41:01 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758936", "Tue Mar 01 2011 19:41:02 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758942", "Tue Mar 01 2011 19:41:02 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758948", "Tue Mar 01 2011 19:41:02 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758954", "Tue Mar 01 2011 19:41:02 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758960", "Tue Mar 01 2011 19:41:02 GMT+0100 (Central Eu[...]
Deleted : user_pref("CT2475029.FeedTTL129076850596400916", 5);
Deleted : user_pref("CT2475029.FeedTTL129076850791868756", 5);
Deleted : user_pref("CT2475029.FeedTTL129076855068438037", 2);
Deleted : user_pref("CT2475029.FeedTTL129076856723281882", 5);
Deleted : user_pref("CT2475029.FeedTTL129076857229219583", 30);
Deleted : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Deleted : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Deleted : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Deleted : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Deleted : user_pref("CT2475029.FirstServerDate", "1-3-2011");
Deleted : user_pref("CT2475029.FirstTime", true);
Deleted : user_pref("CT2475029.FirstTimeFF3", true);
Deleted : user_pref("CT2475029.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2475029.GroupingLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.GroupingLastResponse", true);
Deleted : user_pref("CT2475029.GroupingLastServerUpdateTime", "129440248069300000");
Deleted : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2475029.HasUserGlobalKeys", true);
Deleted : user_pref("CT2475029.Initialize", true);
Deleted : user_pref("CT2475029.InitializeCommonPrefs", true);
Deleted : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2475029.InstallationId", "MyAshampoo.exe");
Deleted : user_pref("CT2475029.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2475029.InstalledDate", "Tue Mar 01 2011 19:40:56 GMT+0100 (Central Europe Standard Tim[...]
Deleted : user_pref("CT2475029.IsGrouping", true);
Deleted : user_pref("CT2475029.IsMulticommunity", true);
Deleted : user_pref("CT2475029.IsOpenThankYouPage", false);
Deleted : user_pref("CT2475029.IsOpenUninstallPage", true);
Deleted : user_pref("CT2475029.LanguagePackLastCheckTime", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central Europe [...]
Deleted : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2475029.LastLogin_3.2.5.2", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central Europe Standard[...]
Deleted : user_pref("CT2475029.LatestVersion", "3.2.5.2");
Deleted : user_pref("CT2475029.Locale", "en");
Deleted : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2475029.RadioIsPodcast", false);
Deleted : user_pref("CT2475029.RadioMediaID", "9962");
Deleted : user_pref("CT2475029.RadioMediaType", "Media Player");
Deleted : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT24750299962");
Deleted : user_pref("CT2475029.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2475029.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2475029.SavedHomepage", "hxxp://www.bigseekpro.com/facesmooch3/{D0C50431-9638-4D8C-892C[...]
Deleted : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Deleted : user_pref("CT2475029.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2475029.ServiceMapLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central Europe St[...]
Deleted : user_pref("CT2475029.SettingsLastCheckTime", "Tue Mar 01 2011 19:40:55 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT2475029.SettingsLastUpdate", "1298807963");
Deleted : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Tue Mar 01 2011 19:40:55 GMT+0100 (Central Eur[...]
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Deleted : user_pref("CT2475029.UserID", "UN78518497592878111");
Deleted : user_pref("CT2475029.WeatherNetwork", "");
Deleted : user_pref("CT2475029.WeatherPollDate", "Thu Mar 10 2011 20:39:10 GMT+0100 (Central Europe Standard T[...]
Deleted : user_pref("CT2475029.WeatherUnit", "C");
Deleted : user_pref("CT2475029.backendstorage._fb_dailyactivity", "31323939373835393530343936");
Deleted : user_pref("CT2475029.backendstorage._fb_lifetimesent", "54525545");
Deleted : user_pref("CT2475029.backendstorage.facebook_ctid_connect_send", "73656E646564");
Deleted : user_pref("CT2475029.ct2481020.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.ct2481020.FeedLastCount129076858299680990", 717);
Deleted : user_pref("CT2475029.ct2481020.GroupingInvalidateCache", false);
Deleted : user_pref("CT2475029.ct2481020.GroupingLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central E[...]
Deleted : user_pref("CT2475029.ct2481020.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.ct2481020.GroupingLastResponse", true);
Deleted : user_pref("CT2475029.ct2481020.GroupingLastServerUpdateTime", "129440252824830000");
Deleted : user_pref("CT2475029.ct2481020.InvalidateCache", false);
Deleted : user_pref("CT2475029.ct2481020.LanguagePackLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Centr[...]
Deleted : user_pref("CT2475029.ct2481020.Locale", "de");
Deleted : user_pref("CT2475029.ct2481020.RadioLastCheckTime", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Euro[...]
Deleted : user_pref("CT2475029.ct2481020.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2475029.ct2481020.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2475029.ct2481020.SearchInNewTabLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Cen[...]
Deleted : user_pref("CT2475029.ct2481020.SettingsLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 (Central E[...]
Deleted : user_pref("CT2475029.ct2481020.SettingsLastUpdate", "1299544006");
Deleted : user_pref("CT2475029.ct2481020.ThirdPartyComponentsLastCheck", "Tue Mar 01 2011 19:40:56 GMT+0100 (C[...]
Deleted : user_pref("CT2475029.ct2481020.ThirdPartyComponentsLastUpdate", "1255348257");
Deleted : user_pref("CT2475029.ct2481020.toolbarAppMetaDataLastCheckTime", "Thu Mar 10 2011 20:39:08 GMT+0100 [...]
Deleted : user_pref("CT2475029.ct2481020.toolbarContextMenuLastCheckTime", "Tue Mar 01 2011 19:40:59 GMT+0100 [...]
Deleted : user_pref("CT2475029.myStuffEnabled", true);
Deleted : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2475029.testingCtid", "");
Deleted : user_pref("CT2475029.toolbarAppMetaDataLastCheckTime", "Tue Mar 01 2011 19:40:56 GMT+0100 (Central E[...]
Deleted : user_pref("CT2475029.toolbarContextMenuLastCheckTime", "Tue Mar 01 2011 19:40:58 GMT+0100 (Central E[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/868510/864310/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874426/870225/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874430/870228/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874431/870229/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874435/870233/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874437/870235/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874438/870236/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874439/870237/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874440/870238/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874441/870239/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874443/870241/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2475029", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481020", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2475029/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2481020/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"5a1fccace73ec67a98ee[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"a17d55dc9a5edc83407[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"8ae66c8f7baf0a6cf38[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"8618807907b9a026074[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"7137d8697fbb81580d2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"0ae56666626d6cd2db4[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"66c39eae4d0a9200efc5f[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"ef5296a8a49ff850ac94a[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2475029");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "myashampoo");
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2475029");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "myashampoo");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://slirsredirect.search.aol.com/slir[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2475029");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Mar 10 2011 20:39:07 GMT+0100 (Centr[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 0);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Mar 10 2011 20:39:07 GMT+0100 (Central E[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "9d17df37-24d0-4d4a-b878-75c5154771bd");
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100 [...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100 ([...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Tue Mar 01 2011 19:41:01 GMT+0100 ([...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/01/2011 21");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Tue Mar 01 2011 19:40:55 GMT+0100 (Central Europe Standard[...]
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Eur[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Mar 10 2011 20:39:09 GMT+0100 (Central Europe [...]
Deleted : user_pref("ConduitEngine.UserID", "UN40628178199054318");
Deleted : user_pref("ConduitEngine.engineLocale", "sk");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Mar 10 2011 20:39:09 GMT+0100 (Centr[...]
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2475029&SearchSource=13");
Deleted : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocati[...]
Deleted : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Deleted : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.12.1");
Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "10");
Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "2");
Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2011");
Deleted : user_pref("winamp_toolbar.metrics.originalDate", "24");
Deleted : user_pref("winamp_toolbar.metrics.originalHours", "24");
Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "41");
Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "12");
Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "25");
Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Deleted : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Deleted : user_pref("winamp_toolbar.winamp.appversion", "1");
Deleted : user_pref("winamp_toolbar.winamp.artist", "");
Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.volume", "105");

-\\ Google Chrome v24.0.1312.56

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.48] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Deleted [l.51] : keyword = "isearch.avg.com",
Deleted [l.54] : search_url = "hxxp://isearch.avg.com/search?cid={AD95F935-8FBC-4FE3-AAF2-3CC1E13EF689}&mid=65[...]

*************************

AdwCleaner[R1].txt - [40808 octets] - [29/01/2013 14:05:46]
AdwCleaner[R2].txt - [40784 octets] - [29/01/2013 16:09:57]
AdwCleaner[R3].txt - [32970 octets] - [30/01/2013 10:06:19]
AdwCleaner[S1].txt - [2522 octets] - [29/01/2013 16:10:13]
AdwCleaner[S2].txt - [33672 octets] - [30/01/2013 10:06:40]

########## EOF - C:\AdwCleaner[S2].txt - [33733 octets] ##########


//AdwCleaner [S1].txt


http://pastebin.com/ppLDv6Vj

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Requesting a preventive check

#8 Post by vyosek »

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator
  • If you are using a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if it is not, tick it
  • Tick the "For all users" box
  • Tick the "LOP" pest check box
  • Tick the "Purity" pest check box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, "Custom scans/fixes"

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Scan" button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both of them here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them into several posts
"Who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is no man, that is an ox."
Member of [image] since 1 February 2011.

psychoSVK
Visitor
Posts: 86
Registered: 08 Jun 2007 17:47

Re: Requesting a preventive check

#9 Post by psychoSVK »

OTL.txt


OTL logfile created on: 30. 1. 2013 11:04:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

511,23 Mb Total Physical Memory | 237,14 Mb Available Physical Memory | 46,39% Memory free
1,22 Gb Paging File | 0,71 Gb Available in Paging File | 57,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 3,79 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 53,71 Gb Total Space | 1,15 Gb Free Space | 2,14% Space Free | Partition Type: NTFS
Drive E: | 60,60 Gb Total Space | 45,20 Gb Free Space | 74,58% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: SONIA-6328FE16E | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.30 11:02:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013.01.18 09:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2006.04.10 16:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2004.08.03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.29 21:54:35 | 002,049,536 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13012903\algo.dll
MOD - [2013.01.29 11:27:44 | 002,049,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13012901\algo.dll
MOD - [2013.01.18 09:07:02 | 012,459,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
MOD - [2013.01.18 09:07:02 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
MOD - [2013.01.18 09:07:01 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
MOD - [2013.01.18 09:06:13 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll
MOD - [2010.10.30 13:23:24 | 011,797,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
MOD - [2010.10.30 13:21:43 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2010.10.30 13:13:35 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2010.10.30 13:13:29 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2010.10.30 13:13:15 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2010.10.30 13:12:02 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2010.10.30 13:11:48 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2010.10.30 13:10:59 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2010.10.30 13:10:58 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2005.10.20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2004.08.03 23:56:44 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004.08.03 23:56:44 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2006.04.10 16:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2006.03.03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RkPavproc1.sys -- (RkPavproc1)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.03.10 12:28:40 | 000,602,912 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2006.09.06 09:04:12 | 004,377,600 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006.08.22 06:36:56 | 000,035,712 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006.03.17 10:24:09 | 001,520,640 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.23 04:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006.02.23 04:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2005.10.20 15:30:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005.10.18 14:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-507921405-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.29 15:52:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.20 20:37:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.24 16:23:09 | 000,000,000 | ---D | M]

[2010.08.23 19:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013.01.29 16:10:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions
[2010.12.24 17:31:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.24 16:41:27 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kc5fz7kk.default\searchplugins\winamp-search.xml
[2011.11.04 21:19:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.04 22:59:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{75656794-AB59-4712-BFBC-5D816D56F3BC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.10.04 16:46:07 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2010.10.04 16:46:07 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2010.10.04 16:46:07 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2010.10.04 16:46:07 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2010.10.04 16:46:07 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2010.10.04 16:46:07 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={AD95 ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2001.08.23 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 8.8.8.8 8.8.4.4 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE307DA3-12B1-42AC-9A30-EC86692B63AA}: DhcpNameServer = 192.168.2.1 8.8.8.8 8.8.4.4 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.29 22:21:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6a811a07-d712-11e0-912e-0018f37fae1d}\Shell - "" = Autorun
O33 - MountPoints2\{6a811a07-d712-11e0-912e-0018f37fae1d}\Shell\AutoRun\command - "" = G:\Install_Nokia_Ovi_Suite.exe
O33 - MountPoints2\{84b491fd-3476-11e0-901c-0018f37fae1d}\Shell\AutoRun\command - "" = USBManager.exe
O33 - MountPoints2\{84b491fd-3476-11e0-901c-0018f37fae1d}\Shell\open\command - "" = USBManager.exe
O33 - MountPoints2\{9fab52d5-1be9-11e0-8ff7-0018f37fae1d}\Shell\AutoRun\command - "" = J:\PMBP_Win.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.30 11:02:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013.01.29 15:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
[2013.01.29 15:53:35 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.01.29 15:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013.01.29 15:53:34 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.01.29 15:53:32 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.01.29 15:53:31 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.01.29 15:53:31 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.01.29 15:53:30 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.01.29 15:53:30 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.01.29 15:53:30 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.01.29 15:52:15 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.01.29 15:52:13 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.01.29 10:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.29 10:49:17 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.29 10:32:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.01.30 11:07:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.30 11:02:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013.01.30 10:57:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.30 10:08:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.30 10:08:10 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.30 10:07:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.29 15:53:35 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013.01.29 15:53:31 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.01.29 15:49:09 | 097,565,024 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\avast_free_antivirus_setup.exe
[2013.01.29 14:03:42 | 000,580,235 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2013.01.29 14:00:02 | 000,139,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.29 10:46:41 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RSIT.exe
[2013.01.29 10:18:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.30 11:07:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.29 15:53:35 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013.01.29 15:53:32 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.29 15:44:14 | 097,565,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\avast_free_antivirus_setup.exe
[2013.01.29 14:03:38 | 000,580,235 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2013.01.29 14:00:02 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.29 10:46:38 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RSIT.exe
[2012.10.13 08:58:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.08.29 22:43:41 | 000,192,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.08.29 23:01:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.04.16 16:36:48 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.03 23:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.03.01 18:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ashampoo
[2012.02.02 09:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG2012
[2013.01.29 10:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\go
[2012.01.20 18:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Image Zone Express
[2012.02.02 08:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2011.03.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2013.01.29 15:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013.01.29 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009.09.19 23:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2012.02.02 09:37:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013.01.29 11:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2013.01.29 15:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

========== Purity Check ==========



========== Custom Scans ==========

< REATERESTOREPOINT >
[2009.08.29 22:19:30 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.08.29 22:25:23 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.02.06 12:43:58 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.02.06 12:43:59 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.01.29 15:53:32 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\autochk.exe
[2004.08.03 23:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\autochk.exe
[2004.08.03 23:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2004.08.03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004.08.03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\hal.dll
[2004.08.03 21:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008.04.14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\services.exe
[2009.02.06 18:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.06 18:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\services.exe
[2009.02.06 11:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004.08.03 23:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2004.08.03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\b5a0d96b7c12dd2c0335206a1ae160ae\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b5a0d96b7c12dd2c0335206a1ae160ae\download\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[4 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.03.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2013.01.29 15:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013.01.29 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009.09.19 23:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2012.02.02 09:37:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013.01.29 11:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2013.01.29 10:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009.10.16 22:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2013.01.29 15:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012.02.02 09:06:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.09.19 23:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.12.25 09:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2012.03.08 18:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011.05.29 09:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype Extras
[2010.10.23 11:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011.05.29 09:46:12 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Application Data\Easybits GO\EasyBitsGO.exe
[2011.05.29 09:46:12 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Easybits GO\ezShell64Run.exe
[2011.05.29 09:46:12 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Application Data\Easybits GO\Svc\GOUpdate.exe
[2011.01.05 20:16:58 | 000,523,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\gtb5F8.tmp.exe

< %APPDATA%\*. >
[2009.09.18 23:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2011.03.01 18:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ashampoo
[2009.08.29 23:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATI
[2012.02.02 09:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG2012
[2013.01.29 10:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\go
[2009.08.30 08:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Google
[2009.11.25 18:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HP
[2009.08.29 22:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2012.01.20 18:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Image Zone Express
[2009.09.18 23:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2010.06.29 13:15:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010.08.23 19:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2013.01.30 10:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Skype
[2011.05.29 08:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\skypePM
[2009.09.19 23:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2012.02.02 08:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.01.30 10:08:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.01.30 10:08:10 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.30 10:57:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.08.30 00:14:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.08.30 00:14:17 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.08.30 00:14:17 | 000,925,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.29 15:53:31 | 000,002,625 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2013.01.29 14:00:02 | 000,139,648 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.01.29 10:18:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.02.29 07:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.03 23:56:50 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2010.12.10 14:33:57 | 000,912,344 | ---- | M] (Mozilla Corporation) MD5=0E20A3213ED010FC4997D1EF48082ABC -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2004.08.03 23:56:52 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.01.18 09:07:04 | 001,248,208 | ---- | M] (Google Inc.) MD5=CEB132745142C85988317E9A4CA36B08 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.30 11:07:00 | 000,000,512 | ---- | M] () MD5=D8DE784A4581B1134002BA9FE6ED66DF -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2013.01.29 15:56:15 | 000,009,216 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temp\_MEI31162\_win32sysloader.pyd
[2013.01.29 14:02:21 | 000,105,903 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3LE4M5LW\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[2].js
[2013.01.30 10:09:40 | 000,000,753 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\ODA3K5Y3\AdLoader[1].htm
[2012.02.15 13:28:30 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.15 13:28:30 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2002.02.01 18:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2008.04.14 01:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\dmloader.dll
[2008.04.13 19:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\osloader.exe
[2008.04.13 19:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\osloader.ntd
[2004.08.03 23:56:44 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2004.08.03 23:56:44 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >



Extras.txt

OTL Extras logfile created on: 30. 1. 2013 11:04:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

511,23 Mb Total Physical Memory | 237,14 Mb Available Physical Memory | 46,39% Memory free
1,22 Gb Paging File | 0,71 Gb Available in Paging File | 57,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 3,79 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 53,71 Gb Total Space | 1,15 Gb Free Space | 2,14% Space Free | Partition Type: NTFS
Drive E: | 60,60 Gb Total Space | 45,20 Gb Free Space | 74,58% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: SONIA-6328FE16E | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71D4305B-56E6-4971-A799-FB7678A1D1A5}" = ASUS ATI Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90437E5F-0A9E-4B63-AD8B-D232897D18BF}" = ATI Parental Control & Encoder
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F003CD43-85AF-4643-BC8D-3C170830827D}" = ATI Catalyst Control Center
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSNINST" = MSN
"Nero8Lite_is1" = Nero 8 Lite
"STANDARD" = Microsoft Office Standard 2007
"VLC media player" = VideoLAN VLC media player 0.8.6
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-527237240-507921405-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26. 1. 2012 14:22:43 | Computer Name = SONIA-6328FE16E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia vlc.exe, verzia 0.8.6.0, zablokovaný modul hungapp,
verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 1. 4. 2012 10:15:35 | Computer Name = SONIA-6328FE16E | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie hpqtra08.exe, verzia 70.0.170.0, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x00d1fad0.

[ System Events ]
Error - 27. 12. 2012 11:43:13 | Computer Name = SONIA-6328FE16E | Source = sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.

Error - 13. 1. 2013 2:51:54 | Computer Name = SONIA-6328FE16E | Source = sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.

Error - 18. 1. 2013 11:45:54 | Computer Name = SONIA-6328FE16E | Source = sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.

Error - 30. 1. 2013 5:05:50 | Computer Name = SONIA-6328FE16E | Source = DCOM | ID = 10005
Description = Server DCOM zistil chybu %1084 pri pokuse spustiť službu EventSystem
s argumentmi potrebnú na spustenie servera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 30. 1. 2013 5:07:11 | Computer Name = SONIA-6328FE16E | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: Aavmker4 asuskbnt aswSnx aswSP aswTdi Fips Processor

Error - 30. 1. 2013 5:07:11 | Computer Name = SONIA-6328FE16E | Source = DCOM | ID = 10005
Description = Server DCOM zistil chybu %1084 pri pokuse spustiť službu EventSystem
s argumentmi potrebnú na spustenie servera: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a preventive check

#10 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the bottom box, Vlastni skenovani/opravy (Custom Scans/Fixes)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RkPavproc1.sys -- (RkPavproc1)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    IE - HKU\S-1-5-21-527237240-507921405-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-527237240-507921405-725345543-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{75656794-AB59-4712-BFBC-5D816D56F3BC}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KC5FZ7KK.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
    File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
    File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
    CHR - default_search_provider: AVG Secure Search (Enabled)
    CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={AD95F935-8FBC-4FE3-AAF2-3CC1E13EF689}&mid=657b3936438b47d1b1bad151b59b47ee-c0f84bb1c1cc2e004cb1e2d98999755fb55dfeb3&lang=sk&ds=AVG&pr=fr&d=&v=&sap=dsp&q={searchTerms}
    CHR - default_search_provider: suggest_url = 
    CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
    O33 - MountPoints2\{6a811a07-d712-11e0-912e-0018f37fae1d}\Shell - "" = Autorun
    [2012.02.02 09:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG2012
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\b5a0d96b7c12dd2c0335206a1ae160ae\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b5a0d96b7c12dd2c0335206a1ae160ae\download\*.tmp -> ]
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [4 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
    [1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
    [2013.01.30 10:08:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
    [2013.01.30 10:08:10 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    [2013.01.30 10:57:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Run Fix)
  • The PC will carry out the fix, restart and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

psychoSVK
Visitor
Posts: 86
Joined: 08 Jun 2007 17:47

Re: Request for a preventive check

#11 Post by psychoSVK »

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service RkPavproc1 stopped successfully!
Service RkPavproc1 deleted successfully!
File C:\WINDOWS\system32\drivers\RkPavproc1.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_USERS\S-1-5-21-527237240-507921405-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-527237240-507921405-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a811a07-d712-11e0-912e-0018f37fae1d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6a811a07-d712-11e0-912e-0018f37fae1d}\ not found.
C:\Documents and Settings\Administrator\Application Data\AVG2012\cfgall folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\AVG2012 folder moved successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP610.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65F.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP732.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP743.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP744.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP76F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82B.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI52D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI69.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\b5a0d96b7c12dd2c0335206a1ae160ae\download\BIT55B.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\52.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\54.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\8C9.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\8CC.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp deleted successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 60459934 bytes
->Temporary Internet Files folder emptied: 1506806 bytes
->FireFox cache emptied: 52516668 bytes
->Google Chrome cache emptied: 60873790 bytes
->Flash cache emptied: 739 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 3220077 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 276 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 65454005 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 89 bytes

Total Files Cleaned = 233,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01302013_133201

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\F7H3SII4\Z2xvYmFsXzIuMi4wLGhsYXZhcGF0YV8yLjEuNix2ZWNodGlrXzEuMC4wLHhrcnVoXzIuMS4wLHByZWllXzIuMC4zLGJ1YmxpdGthXzIuMC44LHpybmtvXzIuMi4yLHN0cmFua292YW5pZV8yLjAuOCxzdGxwY2VfMi4xLjAsb[1].css not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\72PXXW6V\aGxhdmFwYXRhLWllXzIuMC43LHZlY2h0aWstaWVfMS4wLjEseGtydWgtaWVfMi4wLjUsYnVibGl0a2EtaWVfMi4wLjUsenJua28taWVfMi4wLjQsbmFzdGVua2EtaWVfMi4wLjYsdnlzdXZhYy1pZV8yLjAuMyxhbGJ1bS1pZ[1].css not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5\4T6R0LQF\dmVuZG9yOmpxdWVyeV8xLjMuMixnbG9iYWxfMi4yLjEsYnViYmxlXzIuMC40LG1pZXN0bm9zdGk6bWFpbl8yLjAuMTMsYWRkZnJpZW5kXzIuMS41LHBhbmVsXzIuMy43LHBpbmdlcl8yLjAuMyx2ZW5kb3I6Z2VtaXVzOnhnZW[1].js not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a preventive check

#12 Post by vyosek »

Fine, how is the PC behaving? :???:

psychoSVK
Visitor
Posts: 86
Joined: 08 Jun 2007 17:47

Re: Request for a preventive check

#13 Post by psychoSVK »

So far I have not noticed anything unusual, the internet finally runs as it should.

Thank you

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a preventive check

#14 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus; it is a false alarm, so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run Cleaner)
Registry panel
  • click Hledej problémy (Scan for Issues)
  • then Opravit problémy (Fix issues); I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no problems remain, usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

psychoSVK
Visitor
Posts: 86
Joined: 08 Jun 2007 17:47

Re: Request for a preventive check

#15 Post by psychoSVK »

Thanks once again for the help.

Locked