Dobry vecer, poprosila bych o kontrolu logu, PC, hlavne co se Google Chrome tyce, ma posledni dobou pomale odezvy. Predem dekuji!
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anča at 2013-01-29 21:06:22
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3004 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:45, on 29.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Anča\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Anča\Desktop\RSIT.exe
C:\Program Files\trend micro\Anča.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2645238
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
--
End of file - 10202 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default
prefs.js - "extensions.enabledItems" - "{9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3, {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:3.10.0.1, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, fe_3.6@nokia.com:1.7.56.205, {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.12.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
"{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}"=C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}-trash
{91da5e8a-3318-4f8c-b67e-5964de3ab546}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
mapycz.xml
qip-search.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 367384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-04-03 48904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 124184]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 738984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
"Facebook Update"=C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 138096]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-01-10 844144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2011-01-25 380416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2008-04-03 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-29 21:06:22 ----D---- C:\rsit
2013-01-15 22:49:24 ----A---- C:\Windows\system32\atmfd.dll
2013-01-15 22:49:23 ----A---- C:\Windows\system32\atmlib.dll
2013-01-15 22:28:05 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\winsrv.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\kernel32.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\conhost.exe
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 22:27:46 ----A---- C:\Windows\system32\win32spl.dll
2013-01-15 22:27:44 ----A---- C:\Windows\system32\msxml6.dll
2013-01-15 22:27:42 ----A---- C:\Windows\system32\usp10.dll
2013-01-15 22:27:31 ----A---- C:\Windows\system32\gameux.dll
2013-01-15 22:27:30 ----A---- C:\Windows\system32\Wpc.dll
2013-01-15 22:25:43 ----A---- C:\Windows\system32\win32k.sys
2013-01-15 22:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-15 22:24:36 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 18:52:48 ----D---- C:\Users\Anča\AppData\Roaming\Gogii Games
2013-01-08 22:38:12 ----D---- C:\Users\Anča\AppData\Roaming\Fenomen Games
2013-01-08 19:16:16 ----D---- C:\ProgramData\JollyBear
======List of files/folders modified in the last 1 month======
2013-01-29 21:06:39 ----D---- C:\Windows\Prefetch
2013-01-29 21:06:29 ----D---- C:\Windows\Temp
2013-01-29 21:06:29 ----D---- C:\Program Files\trend micro
2013-01-29 21:06:23 ----D---- C:\Windows\Internet Logs
2013-01-29 21:00:36 ----D---- C:\Users\Anča\AppData\Roaming\Winamp
2013-01-29 21:00:23 ----D---- C:\Windows
2013-01-29 00:11:03 ----D---- C:\Windows\system32\config
2013-01-27 23:41:43 ----D---- C:\Users\Anča\AppData\Roaming\uTorrent
2013-01-27 23:15:20 ----D---- C:\games
2013-01-27 23:04:27 ----D---- C:\Windows\Microsoft.NET
2013-01-27 23:04:25 ----RSD---- C:\Windows\assembly
2013-01-27 22:45:40 ----D---- C:\Windows\system32\DriverStore
2013-01-27 22:36:46 ----SHD---- C:\Windows\Installer
2013-01-27 22:36:46 ----D---- C:\Config.Msi
2013-01-27 21:29:20 ----D---- C:\Windows\System32
2013-01-27 21:29:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-27 21:29:19 ----D---- C:\Windows\inf
2013-01-27 20:44:19 ----D---- C:\Users\Anča\AppData\Roaming\ERS Game Studios
2013-01-26 12:05:57 ----D---- C:\Windows\system32\catroot2
2013-01-26 11:35:09 ----SHD---- C:\System Volume Information
2013-01-24 22:25:38 ----D---- C:\Users\Anča\AppData\Roaming\Elephant Games
2013-01-24 22:16:19 ----D---- C:\Windows\Minidump
2013-01-24 22:16:19 ----D---- C:\Windows\debug
2013-01-23 04:39:38 ----D---- C:\Windows\rescache
2013-01-17 16:07:42 ----D---- C:\Windows\winsxs
2013-01-17 05:26:20 ----D---- C:\Windows\system32\it-IT
2013-01-17 05:26:20 ----D---- C:\Windows\system32\en-US
2013-01-17 05:26:20 ----D---- C:\Windows\system32\cs-CZ
2013-01-15 22:49:28 ----D---- C:\Windows\system32\catroot
2013-01-15 22:48:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-15 22:37:22 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-15 22:32:42 ----A---- C:\Windows\system32\MRT.exe
2013-01-15 21:21:56 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 13:21:00 ----D---- C:\Program Files\Alawarhry.cz
2013-01-09 18:44:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-08 19:16:16 ----AHD---- C:\ProgramData
2013-01-07 18:48:14 ----D---- C:\ProgramData\Elephant Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-01 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 27056]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-11 45056]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-30 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-30 99880]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-30 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-30 17448]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-18 15664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-03-10 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-10 50576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\ANA~1\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 497320]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-22 192512]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-22 313264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-22 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu, pomale PC
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Rudy
- Site Admin
- Příspěvky: 119401
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, pomale PC
Zdravím!
Nejprve spusťte tuto utilitu:
Nejprve spusťte tuto utilitu:
Stáhněte AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu, pomale PC
Zdravim i ja 
. zde je log:
# AdwCleaner v2.109 - Logfile created 01/29/2013 at 22:09:35
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Anča - ANCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Anča\Desktop\AdwCleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Found : C:\Users\Anča\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\qip-search.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Anča\AppData\Local\APN
Folder Found : C:\Users\Anča\AppData\Local\Conduit
Folder Found : C:\Users\Anča\AppData\LocalLow\Conduit
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\Conduit
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\ConduitCommon
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2481032
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2645238
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\prefs.js
Found : user_pref("CT2481032..clientLogIsEnabled", false);
Found : user_pref("CT2481032..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2481032..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2481032.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2481032.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2481032.AppTrackingLastCheckTime", "Sat Sep 17 2011 13:17:01 GMT+0200");
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129469743936644511", true);
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129633221880768905", true);
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129681724834737563", true);
Found : user_pref("CT2481032.CTID", "ct2481032");
Found : user_pref("CT2481032.CurrentServerDate", "21-5-2012");
Found : user_pref("CT2481032.DialogsAlignMode", "LTR");
Found : user_pref("CT2481032.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.DownloadReferralCookieData", "");
Found : user_pref("CT2481032.FeedLastCount129137415284993440", 0);
Found : user_pref("CT2481032.FeedLastCount1470371090506316425", 0);
Found : user_pref("CT2481032.FeedPollDate128975107603475850", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129104903994210185", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129125588542653211", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137415288118473", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137415288118474", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437243", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437244", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437245", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377779301063", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377961554609", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377979947076", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378132259586", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378265651739", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378449145277", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378705873295", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378902522699", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378968484097", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379044202234", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379219112080", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379310186023", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379320546978", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379400531926", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497083274", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497148810", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497279882", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379644150784", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379646262407", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379767858421", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379797989042", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379883299006", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380108070872", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380344955611", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380390189978", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380412472059", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380467866928", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380521772385", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380616362201", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380727291645", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380767393172", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380868375745", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381043554700", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381080219037", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381151343676", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381247526121", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381247591657", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381372042911", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381453742514", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381520490197", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381582880127", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381641974229", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381669771831", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381670861676", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381749396397", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381869347434", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381908324302", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381919420428", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381932420313", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381975368474", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381979169315", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381989950054", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedTTL128975107603475850", 40);
Found : user_pref("CT2481032.FeedTTL129104903994210185", 40);
Found : user_pref("CT2481032.FeedTTL129125588542653211", 40);
Found : user_pref("CT2481032.FeedTTL129137415288118473", 40);
Found : user_pref("CT2481032.FeedTTL129137415288118474", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437243", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437244", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437245", 40);
Found : user_pref("CT2481032.FeedTTL5609757377779301063", 15);
Found : user_pref("CT2481032.FeedTTL5609757377979947076", 15);
Found : user_pref("CT2481032.FeedTTL5609757378132259586", 10);
Found : user_pref("CT2481032.FeedTTL5609757378265651739", 30);
Found : user_pref("CT2481032.FeedTTL5609757378705873295", 15);
Found : user_pref("CT2481032.FeedTTL5609757379310186023", 5);
Found : user_pref("CT2481032.FeedTTL5609757379320546978", 2);
Found : user_pref("CT2481032.FeedTTL5609757379400531926", 5);
Found : user_pref("CT2481032.FeedTTL5609757380108070872", 5);
Found : user_pref("CT2481032.FeedTTL5609757380412472059", 15);
Found : user_pref("CT2481032.FeedTTL5609757380467866928", 2);
Found : user_pref("CT2481032.FeedTTL5609757380521772385", 2);
Found : user_pref("CT2481032.FeedTTL5609757380727291645", 5);
Found : user_pref("CT2481032.FeedTTL5609757380767393172", 1440);
Found : user_pref("CT2481032.FeedTTL5609757381043554700", 2);
Found : user_pref("CT2481032.FeedTTL5609757381247526121", 15);
Found : user_pref("CT2481032.FeedTTL5609757381372042911", 60);
Found : user_pref("CT2481032.FeedTTL5609757381453742514", 15);
Found : user_pref("CT2481032.FeedTTL5609757381908324302", 30);
Found : user_pref("CT2481032.FeedTTL5609757381932420313", 10);
Found : user_pref("CT2481032.FeedTTL5609757381979169315", 15);
Found : user_pref("CT2481032.FirstServerDate", "17-9-2011");
Found : user_pref("CT2481032.FirstTime", true);
Found : user_pref("CT2481032.FirstTimeFF3", true);
Found : user_pref("CT2481032.FixPageNotFoundErrors", true);
Found : user_pref("CT2481032.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2481032.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2481032.HasUserGlobalKeys", true);
Found : user_pref("CT2481032.HomePageProtectorEnabled", true);
Found : user_pref("CT2481032.Initialize", true);
Found : user_pref("CT2481032.InitializeCommonPrefs", true);
Found : user_pref("CT2481032.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2481032.InstallationId", "ConduitStubGeneric");
Found : user_pref("CT2481032.InstallationType", "ConduitStubIntegration");
Found : user_pref("CT2481032.InstalledDate", "Sat Sep 17 2011 13:16:48 GMT+0200");
Found : user_pref("CT2481032.IsAlertDBUpdated", true);
Found : user_pref("CT2481032.IsGrouping", false);
Found : user_pref("CT2481032.IsInitSetupIni", true);
Found : user_pref("CT2481032.IsMulticommunity", false);
Found : user_pref("CT2481032.IsOpenThankYouPage", false);
Found : user_pref("CT2481032.IsOpenUninstallPage", false);
Found : user_pref("CT2481032.IsProtectorsInit", true);
Found : user_pref("CT2481032.LanguagePackLastCheckTime", "Sat Sep 17 2011 13:16:53 GMT+0200");
Found : user_pref("CT2481032.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2481032.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2481032.LastLogin_3.10.0.1", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.LastLogin_3.6.0.10", "Thu Dec 15 2011 15:33:56 GMT+0100");
Found : user_pref("CT2481032.LatestVersion", "3.12.2.3");
Found : user_pref("CT2481032.Locale", "en");
Found : user_pref("CT2481032.MCDetectTooltipHeight", "83");
Found : user_pref("CT2481032.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2481032.MCDetectTooltipWidth", "295");
Found : user_pref("CT2481032.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2481032.OriginalFirstVersion", "3.6.0.10");
Found : user_pref("CT2481032.RadioIsPodcast", false);
Found : user_pref("CT2481032.RadioMediaID", "9962");
Found : user_pref("CT2481032.RadioMediaType", "Media Player");
Found : user_pref("CT2481032.RadioMenuSelectedID", "EBRadioMenu_CT24810329962");
Found : user_pref("CT2481032.RadioShrinkedFromSetup", false);
Found : user_pref("CT2481032.RadioStationName", "California%20Rock");
Found : user_pref("CT2481032.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2481032.SavedHomepage", "www.seznam.cz");
Found : user_pref("CT2481032.SearchEngineBeforeUnload", "Ashampoo US Customized Web Search");
Found : user_pref("CT2481032.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Found : user_pref("CT2481032.SearchInNewTabEnabled", true);
Found : user_pref("CT2481032.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2481032.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2481032.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2481032.SearchProtectorEnabled", true);
Found : user_pref("CT2481032.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2481032.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.SettingsLastCheckTime", "Sat Sep 17 2011 13:16:46 GMT+0200");
Found : user_pref("CT2481032.SettingsLastUpdate", "1315240630");
Found : user_pref("CT2481032.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2481032.ThirdPartyComponentsLastCheck", "Sat Sep 17 2011 13:16:46 GMT+0200");
Found : user_pref("CT2481032.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2481032.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2481032.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481032");
Found : user_pref("CT2481032.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2481032.UserID", "UN55570380147624755");
Found : user_pref("CT2481032.ValidationData_Toolbar", 2);
Found : user_pref("CT2481032.alertChannelId", "874438");
Found : user_pref("CT2481032.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e06cg5el8:", "6E6D6F706D6D71747072");
Found : user_pref("CT2481032.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747375767373777A7678242F4B4947[...]
Found : user_pref("CT2481032.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2481032.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b-0?3g>d", "396F6F6C41726F457A74777775204A7D494B254C7D7B262A52[...]
Found : user_pref("CT2481032.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2481032.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2481032.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2481032.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2481032.backendstorage./9b5ba==9cjag", "6E3F6B40707442757A70764478747C494A7D7E7C4D");
Found : user_pref("CT2481032.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6A6F6C707370717372");
Found : user_pref("CT2481032.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2481032.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2481032.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2481032.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2481032.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2481032.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2481032.backendstorage.cbcountry_000", "435A");
Found : user_pref("CT2481032.backendstorage.cbfirsttime", "53756E204D617220303420323031322030303A34373A34312[...]
Found : user_pref("CT2481032.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
Found : user_pref("CT2481032.backendstorage.facebook_mode", "32");
Found : user_pref("CT2481032.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT2481032.backendstorage.shoppingapp.gk.exipres", "536174204D617920323620323031322031333A[...]
Found : user_pref("CT2481032.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2481032.backendstorage.url_history0001", "687474703A2F2F7777772E6E6F76696E6B792E637A2F7[...]
Found : user_pref("CT2481032.ct2481032.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:06 GMT+0200");
Found : user_pref("CT2481032.ct2481032.DialogsAlignMode", "LTR");
Found : user_pref("CT2481032.ct2481032.FeedLastCount129137415284993440", 400);
Found : user_pref("CT2481032.ct2481032.FeedLastCount1470371090506316425", 2354);
Found : user_pref("CT2481032.ct2481032.InvalidateCache", false);
Found : user_pref("CT2481032.ct2481032.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.ct2481032.Locale", "en");
Found : user_pref("CT2481032.ct2481032.RadioLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.ct2481032.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2481032.ct2481032.RadioLastUpdateServer", "3");
Found : user_pref("CT2481032.ct2481032.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:55 GMT+0200");
Found : user_pref("CT2481032.ct2481032.SettingsLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.ct2481032.SettingsLastUpdate", "1337169810");
Found : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2481032.ct2481032.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200[...]
Found : user_pref("CT2481032.ct2481032.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Found : user_pref("CT2481032.ct2481032.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Found : user_pref("CT2481032.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2481032.globalFirstTimeInfoLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Found : user_pref("CT2481032.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2481032.initDone", true);
Found : user_pref("CT2481032.isAppTrackingManagerOn", true);
Found : user_pref("CT2481032.isFirstRadioInstallation", false);
Found : user_pref("CT2481032.myStuffEnabled", true);
Found : user_pref("CT2481032.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2481032.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2481032.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2481032.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2481032.oldAppsList", "129058858239812813,129058858240125318,111,129469743936644511,129[...]
Found : user_pref("CT2481032.revertSettingsEnabled", true);
Found : user_pref("CT2481032.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2481032.searchProtectorEnableByLogin", true);
Found : user_pref("CT2481032.testingCtid", "");
Found : user_pref("CT2481032.toolbarAppMetaDataLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Found : user_pref("CT2481032.toolbarContextMenuLastCheckTime", "Sat Sep 17 2011 13:17:00 GMT+0200");
Found : user_pref("CT2481032.usagesFlag", 2);
Found : user_pref("CT2645238..clientLogIsEnabled", false);
Found : user_pref("CT2645238..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2645238..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2645238.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2645238.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:08 GMT+0200");
Found : user_pref("CT2645238.CT2645238", "CT2645238");
Found : user_pref("CT2645238.CurrentServerDate", "21-5-2012");
Found : user_pref("CT2645238.DialogsAlignMode", "LTR");
Found : user_pref("CT2645238.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.DownloadReferralCookieData", "");
Found : user_pref("CT2645238.EMailNotifierPollDate", "Mon May 21 2012 13:37:59 GMT+0200");
Found : user_pref("CT2645238.FirstServerDate", "13-5-2011");
Found : user_pref("CT2645238.FirstTime", true);
Found : user_pref("CT2645238.FirstTimeFF3", true);
Found : user_pref("CT2645238.FixPageNotFoundErrors", false);
Found : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2645238.HasUserGlobalKeys", true);
Found : user_pref("CT2645238.HomePageProtectorEnabled", false);
Found : user_pref("CT2645238.Initialize", true);
Found : user_pref("CT2645238.InitializeCommonPrefs", true);
Found : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Found : user_pref("CT2645238.InstalledDate", "Thu May 12 2011 23:24:45 GMT+0200");
Found : user_pref("CT2645238.InvalidateCache", false);
Found : user_pref("CT2645238.IsAlertDBUpdated", true);
Found : user_pref("CT2645238.IsGrouping", false);
Found : user_pref("CT2645238.IsMulticommunity", false);
Found : user_pref("CT2645238.IsOpenThankYouPage", true);
Found : user_pref("CT2645238.IsOpenUninstallPage", true);
Found : user_pref("CT2645238.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2645238.LastLogin_3.12.2.3", "Mon May 21 2012 13:39:29 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.3.5.1", "Thu Jul 07 2011 23:41:46 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.5.0.12", "Wed Jul 27 2011 18:20:52 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.8.0.8", "Thu Dec 15 2011 15:34:03 GMT+0100");
Found : user_pref("CT2645238.LastLogin_3.9.0.3", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2645238.LatestVersion", "3.12.2.3");
Found : user_pref("CT2645238.Locale", "en");
Found : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Found : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Found : user_pref("CT2645238.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2645238.RadioIsPodcast", false);
Found : user_pref("CT2645238.RadioLastCheckTime", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2645238.RadioLastUpdateServer", "0");
Found : user_pref("CT2645238.RadioMediaID", "9962");
Found : user_pref("CT2645238.RadioMediaType", "Media Player");
Found : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT26452389962");
Found : user_pref("CT2645238.RadioShrinkedFromSetup", false);
Found : user_pref("CT2645238.RadioStationName", "California%20Rock");
Found : user_pref("CT2645238.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2645238.SearchEngineBeforeUnload", "QIP Search");
Found : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Found : user_pref("CT2645238.SearchInNewTabEnabled", true);
Found : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2645238.SearchProtectorEnabled", false);
Found : user_pref("CT2645238.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2645238.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.SettingsLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2645238.SettingsLastUpdate", "1337169810");
Found : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2645238.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2645238");
Found : user_pref("CT2645238.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2645238.UserID", "UN06839140628055496");
Found : user_pref("CT2645238.ValidationData_Toolbar", 0);
Found : user_pref("CT2645238.WeatherNetwork", "");
Found : user_pref("CT2645238.WeatherPollDate", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2645238.WeatherUnit", "C");
Found : user_pref("CT2645238.alertChannelId", "1037922");
Found : user_pref("CT2645238.approveUntrustedApps", true);
Found : user_pref("CT2645238.components.1000082", true);
Found : user_pref("CT2645238.components.1000234", true);
Found : user_pref("CT2645238.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2645238.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2645238.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2645238.initDone", true);
Found : user_pref("CT2645238.isAppTrackingManagerOn", true);
Found : user_pref("CT2645238.isFirstRadioInstallation", false);
Found : user_pref("CT2645238.myStuffEnabled", true);
Found : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2645238.oldAppsList", "129194820424161790,129194820424318041,111,129194820424474292,129[...]
Found : user_pref("CT2645238.revertSettingsEnabled", true);
Found : user_pref("CT2645238.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2645238.searchProtectorEnableByLogin", true);
Found : user_pref("CT2645238.testingCtid", "");
Found : user_pref("CT2645238.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.usagesFlag", 1);
Found : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2645238");
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo US Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2481032/CT2481032[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481032", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2645238", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481032", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481032",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2645238",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481032&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2645238&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481032&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/38/264/CT2645238/Images/6340849608501725[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"b44bade0bbb51fb2593c[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"b7d5f2f0a694151b9ba[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"735e913b3f2e6434df5[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"f0cd4d5636ce75457b9[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"303147c4060de03ff3b[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"4c715b77a0bb1f8296c[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"d875da22b37b227a80327[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"6502ef37914fa383e6f14[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\An\ra\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.qip.ru/search?from=FF&quer[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2645238,CT2481032");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238,CT2481032");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2481032");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu May 12 2011 23:24:33 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertEnabled", false);
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 07 2011 23:41:44 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "0a25348c-fd84-4e6b-a390-f4c5807620fe");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Apr 19 2012 23:12:50 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "7346a9f9-2c96-472f-802f-0d0b55ca5d99");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481032");
Found : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200"[...]
Found : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Found : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Found : user_pref("browser.search.defaultthis.engineName", "Ashampoo US Customized Web Search");
Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Found : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Found : user_pref("surfcanyon.last_checked_ts", "1266999529985");
-\\ Google Chrome v24.0.1312.56
File : C:\Users\Anča\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.0.1467.0
File : C:\Users\Anča\AppData\Roaming\Opera\Opera\operaprefs.ini
Found : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=sk27211&icid=ope[...]
*************************
AdwCleaner[R1].txt - [41959 octets] - [29/01/2013 22:09:35]
########## EOF - C:\AdwCleaner[R1].txt - [42020 octets] ##########
. zde je log:# AdwCleaner v2.109 - Logfile created 01/29/2013 at 22:09:35
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Anča - ANCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Anča\Desktop\AdwCleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Found : C:\Users\Anča\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\qip-search.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Anča\AppData\Local\APN
Folder Found : C:\Users\Anča\AppData\Local\Conduit
Folder Found : C:\Users\Anča\AppData\LocalLow\Conduit
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\Conduit
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\ConduitCommon
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2481032
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2645238
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Folder Found : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1349919382-1813425755-1454799827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\prefs.js
Found : user_pref("CT2481032..clientLogIsEnabled", false);
Found : user_pref("CT2481032..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2481032..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2481032.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2481032.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2481032.AppTrackingLastCheckTime", "Sat Sep 17 2011 13:17:01 GMT+0200");
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129469743936644511", true);
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129633221880768905", true);
Found : user_pref("CT2481032.BrowserCompStateIsOpen_129681724834737563", true);
Found : user_pref("CT2481032.CTID", "ct2481032");
Found : user_pref("CT2481032.CurrentServerDate", "21-5-2012");
Found : user_pref("CT2481032.DialogsAlignMode", "LTR");
Found : user_pref("CT2481032.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.DownloadReferralCookieData", "");
Found : user_pref("CT2481032.FeedLastCount129137415284993440", 0);
Found : user_pref("CT2481032.FeedLastCount1470371090506316425", 0);
Found : user_pref("CT2481032.FeedPollDate128975107603475850", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129104903994210185", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129125588542653211", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137415288118473", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137415288118474", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437243", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437244", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate129137436798437245", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377779301063", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377961554609", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757377979947076", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378132259586", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378265651739", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378449145277", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378705873295", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378902522699", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757378968484097", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379044202234", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379219112080", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379310186023", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379320546978", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379400531926", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497083274", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497148810", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379497279882", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379644150784", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379646262407", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379767858421", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379797989042", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757379883299006", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380108070872", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380344955611", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380390189978", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380412472059", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380467866928", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380521772385", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380616362201", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380727291645", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380767393172", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757380868375745", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381043554700", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381080219037", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381151343676", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381247526121", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381247591657", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381372042911", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381453742514", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381520490197", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381582880127", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381641974229", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381669771831", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381670861676", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381749396397", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381869347434", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381908324302", "Mon May 21 2012 13:28:13 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381919420428", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381932420313", "Mon May 21 2012 13:28:15 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381975368474", "Mon May 21 2012 13:28:02 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381979169315", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2481032.FeedPollDate5609757381989950054", "Mon May 21 2012 13:28:14 GMT+0200");
Found : user_pref("CT2481032.FeedTTL128975107603475850", 40);
Found : user_pref("CT2481032.FeedTTL129104903994210185", 40);
Found : user_pref("CT2481032.FeedTTL129125588542653211", 40);
Found : user_pref("CT2481032.FeedTTL129137415288118473", 40);
Found : user_pref("CT2481032.FeedTTL129137415288118474", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437243", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437244", 40);
Found : user_pref("CT2481032.FeedTTL129137436798437245", 40);
Found : user_pref("CT2481032.FeedTTL5609757377779301063", 15);
Found : user_pref("CT2481032.FeedTTL5609757377979947076", 15);
Found : user_pref("CT2481032.FeedTTL5609757378132259586", 10);
Found : user_pref("CT2481032.FeedTTL5609757378265651739", 30);
Found : user_pref("CT2481032.FeedTTL5609757378705873295", 15);
Found : user_pref("CT2481032.FeedTTL5609757379310186023", 5);
Found : user_pref("CT2481032.FeedTTL5609757379320546978", 2);
Found : user_pref("CT2481032.FeedTTL5609757379400531926", 5);
Found : user_pref("CT2481032.FeedTTL5609757380108070872", 5);
Found : user_pref("CT2481032.FeedTTL5609757380412472059", 15);
Found : user_pref("CT2481032.FeedTTL5609757380467866928", 2);
Found : user_pref("CT2481032.FeedTTL5609757380521772385", 2);
Found : user_pref("CT2481032.FeedTTL5609757380727291645", 5);
Found : user_pref("CT2481032.FeedTTL5609757380767393172", 1440);
Found : user_pref("CT2481032.FeedTTL5609757381043554700", 2);
Found : user_pref("CT2481032.FeedTTL5609757381247526121", 15);
Found : user_pref("CT2481032.FeedTTL5609757381372042911", 60);
Found : user_pref("CT2481032.FeedTTL5609757381453742514", 15);
Found : user_pref("CT2481032.FeedTTL5609757381908324302", 30);
Found : user_pref("CT2481032.FeedTTL5609757381932420313", 10);
Found : user_pref("CT2481032.FeedTTL5609757381979169315", 15);
Found : user_pref("CT2481032.FirstServerDate", "17-9-2011");
Found : user_pref("CT2481032.FirstTime", true);
Found : user_pref("CT2481032.FirstTimeFF3", true);
Found : user_pref("CT2481032.FixPageNotFoundErrors", true);
Found : user_pref("CT2481032.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2481032.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2481032.HasUserGlobalKeys", true);
Found : user_pref("CT2481032.HomePageProtectorEnabled", true);
Found : user_pref("CT2481032.Initialize", true);
Found : user_pref("CT2481032.InitializeCommonPrefs", true);
Found : user_pref("CT2481032.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2481032.InstallationId", "ConduitStubGeneric");
Found : user_pref("CT2481032.InstallationType", "ConduitStubIntegration");
Found : user_pref("CT2481032.InstalledDate", "Sat Sep 17 2011 13:16:48 GMT+0200");
Found : user_pref("CT2481032.IsAlertDBUpdated", true);
Found : user_pref("CT2481032.IsGrouping", false);
Found : user_pref("CT2481032.IsInitSetupIni", true);
Found : user_pref("CT2481032.IsMulticommunity", false);
Found : user_pref("CT2481032.IsOpenThankYouPage", false);
Found : user_pref("CT2481032.IsOpenUninstallPage", false);
Found : user_pref("CT2481032.IsProtectorsInit", true);
Found : user_pref("CT2481032.LanguagePackLastCheckTime", "Sat Sep 17 2011 13:16:53 GMT+0200");
Found : user_pref("CT2481032.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2481032.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2481032.LastLogin_3.10.0.1", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.LastLogin_3.6.0.10", "Thu Dec 15 2011 15:33:56 GMT+0100");
Found : user_pref("CT2481032.LatestVersion", "3.12.2.3");
Found : user_pref("CT2481032.Locale", "en");
Found : user_pref("CT2481032.MCDetectTooltipHeight", "83");
Found : user_pref("CT2481032.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2481032.MCDetectTooltipWidth", "295");
Found : user_pref("CT2481032.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2481032.OriginalFirstVersion", "3.6.0.10");
Found : user_pref("CT2481032.RadioIsPodcast", false);
Found : user_pref("CT2481032.RadioMediaID", "9962");
Found : user_pref("CT2481032.RadioMediaType", "Media Player");
Found : user_pref("CT2481032.RadioMenuSelectedID", "EBRadioMenu_CT24810329962");
Found : user_pref("CT2481032.RadioShrinkedFromSetup", false);
Found : user_pref("CT2481032.RadioStationName", "California%20Rock");
Found : user_pref("CT2481032.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2481032.SavedHomepage", "www.seznam.cz");
Found : user_pref("CT2481032.SearchEngineBeforeUnload", "Ashampoo US Customized Web Search");
Found : user_pref("CT2481032.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Found : user_pref("CT2481032.SearchInNewTabEnabled", true);
Found : user_pref("CT2481032.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2481032.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2481032.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2481032.SearchProtectorEnabled", true);
Found : user_pref("CT2481032.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2481032.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.SettingsLastCheckTime", "Sat Sep 17 2011 13:16:46 GMT+0200");
Found : user_pref("CT2481032.SettingsLastUpdate", "1315240630");
Found : user_pref("CT2481032.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2481032.ThirdPartyComponentsLastCheck", "Sat Sep 17 2011 13:16:46 GMT+0200");
Found : user_pref("CT2481032.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2481032.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2481032.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481032");
Found : user_pref("CT2481032.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2481032.UserID", "UN55570380147624755");
Found : user_pref("CT2481032.ValidationData_Toolbar", 2);
Found : user_pref("CT2481032.alertChannelId", "874438");
Found : user_pref("CT2481032.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e06cg5el8:", "6E6D6F706D6D71747072");
Found : user_pref("CT2481032.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747375767373777A7678242F4B4947[...]
Found : user_pref("CT2481032.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2481032.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2481032.backendstorage./9b-0?3g>d", "396F6F6C41726F457A74777775204A7D494B254C7D7B262A52[...]
Found : user_pref("CT2481032.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2481032.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2481032.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2481032.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2481032.backendstorage./9b5ba==9cjag", "6E3F6B40707442757A70764478747C494A7D7E7C4D");
Found : user_pref("CT2481032.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6A6F6C707370717372");
Found : user_pref("CT2481032.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2481032.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2481032.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2481032.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2481032.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2481032.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2481032.backendstorage.cbcountry_000", "435A");
Found : user_pref("CT2481032.backendstorage.cbfirsttime", "53756E204D617220303420323031322030303A34373A34312[...]
Found : user_pref("CT2481032.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
Found : user_pref("CT2481032.backendstorage.facebook_mode", "32");
Found : user_pref("CT2481032.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT2481032.backendstorage.shoppingapp.gk.exipres", "536174204D617920323620323031322031333A[...]
Found : user_pref("CT2481032.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2481032.backendstorage.url_history0001", "687474703A2F2F7777772E6E6F76696E6B792E637A2F7[...]
Found : user_pref("CT2481032.ct2481032.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:06 GMT+0200");
Found : user_pref("CT2481032.ct2481032.DialogsAlignMode", "LTR");
Found : user_pref("CT2481032.ct2481032.FeedLastCount129137415284993440", 400);
Found : user_pref("CT2481032.ct2481032.FeedLastCount1470371090506316425", 2354);
Found : user_pref("CT2481032.ct2481032.InvalidateCache", false);
Found : user_pref("CT2481032.ct2481032.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2481032.ct2481032.Locale", "en");
Found : user_pref("CT2481032.ct2481032.RadioLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2481032.ct2481032.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2481032.ct2481032.RadioLastUpdateServer", "3");
Found : user_pref("CT2481032.ct2481032.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:55 GMT+0200");
Found : user_pref("CT2481032.ct2481032.SettingsLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.ct2481032.SettingsLastUpdate", "1337169810");
Found : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:54 GMT+0200");
Found : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2481032.ct2481032.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200[...]
Found : user_pref("CT2481032.ct2481032.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Found : user_pref("CT2481032.ct2481032.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Found : user_pref("CT2481032.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2481032.globalFirstTimeInfoLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Found : user_pref("CT2481032.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2481032.initDone", true);
Found : user_pref("CT2481032.isAppTrackingManagerOn", true);
Found : user_pref("CT2481032.isFirstRadioInstallation", false);
Found : user_pref("CT2481032.myStuffEnabled", true);
Found : user_pref("CT2481032.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2481032.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2481032.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2481032.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2481032.oldAppsList", "129058858239812813,129058858240125318,111,129469743936644511,129[...]
Found : user_pref("CT2481032.revertSettingsEnabled", true);
Found : user_pref("CT2481032.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2481032.searchProtectorEnableByLogin", true);
Found : user_pref("CT2481032.testingCtid", "");
Found : user_pref("CT2481032.toolbarAppMetaDataLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Found : user_pref("CT2481032.toolbarContextMenuLastCheckTime", "Sat Sep 17 2011 13:17:00 GMT+0200");
Found : user_pref("CT2481032.usagesFlag", 2);
Found : user_pref("CT2645238..clientLogIsEnabled", false);
Found : user_pref("CT2645238..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2645238..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2645238.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2645238.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:08 GMT+0200");
Found : user_pref("CT2645238.CT2645238", "CT2645238");
Found : user_pref("CT2645238.CurrentServerDate", "21-5-2012");
Found : user_pref("CT2645238.DialogsAlignMode", "LTR");
Found : user_pref("CT2645238.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.DownloadReferralCookieData", "");
Found : user_pref("CT2645238.EMailNotifierPollDate", "Mon May 21 2012 13:37:59 GMT+0200");
Found : user_pref("CT2645238.FirstServerDate", "13-5-2011");
Found : user_pref("CT2645238.FirstTime", true);
Found : user_pref("CT2645238.FirstTimeFF3", true);
Found : user_pref("CT2645238.FixPageNotFoundErrors", false);
Found : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2645238.HasUserGlobalKeys", true);
Found : user_pref("CT2645238.HomePageProtectorEnabled", false);
Found : user_pref("CT2645238.Initialize", true);
Found : user_pref("CT2645238.InitializeCommonPrefs", true);
Found : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Found : user_pref("CT2645238.InstalledDate", "Thu May 12 2011 23:24:45 GMT+0200");
Found : user_pref("CT2645238.InvalidateCache", false);
Found : user_pref("CT2645238.IsAlertDBUpdated", true);
Found : user_pref("CT2645238.IsGrouping", false);
Found : user_pref("CT2645238.IsMulticommunity", false);
Found : user_pref("CT2645238.IsOpenThankYouPage", true);
Found : user_pref("CT2645238.IsOpenUninstallPage", true);
Found : user_pref("CT2645238.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2645238.LastLogin_3.12.2.3", "Mon May 21 2012 13:39:29 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.3.5.1", "Thu Jul 07 2011 23:41:46 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.5.0.12", "Wed Jul 27 2011 18:20:52 GMT+0200");
Found : user_pref("CT2645238.LastLogin_3.8.0.8", "Thu Dec 15 2011 15:34:03 GMT+0100");
Found : user_pref("CT2645238.LastLogin_3.9.0.3", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2645238.LatestVersion", "3.12.2.3");
Found : user_pref("CT2645238.Locale", "en");
Found : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Found : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Found : user_pref("CT2645238.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2645238.RadioIsPodcast", false);
Found : user_pref("CT2645238.RadioLastCheckTime", "Mon May 21 2012 13:28:00 GMT+0200");
Found : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2645238.RadioLastUpdateServer", "0");
Found : user_pref("CT2645238.RadioMediaID", "9962");
Found : user_pref("CT2645238.RadioMediaType", "Media Player");
Found : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT26452389962");
Found : user_pref("CT2645238.RadioShrinkedFromSetup", false);
Found : user_pref("CT2645238.RadioStationName", "California%20Rock");
Found : user_pref("CT2645238.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2645238.SearchEngineBeforeUnload", "QIP Search");
Found : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Found : user_pref("CT2645238.SearchInNewTabEnabled", true);
Found : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2645238.SearchProtectorEnabled", false);
Found : user_pref("CT2645238.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2645238.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.SettingsLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2645238.SettingsLastUpdate", "1337169810");
Found : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:56 GMT+0200");
Found : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2645238.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2645238");
Found : user_pref("CT2645238.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2645238.UserID", "UN06839140628055496");
Found : user_pref("CT2645238.ValidationData_Toolbar", 0);
Found : user_pref("CT2645238.WeatherNetwork", "");
Found : user_pref("CT2645238.WeatherPollDate", "Mon May 21 2012 13:28:01 GMT+0200");
Found : user_pref("CT2645238.WeatherUnit", "C");
Found : user_pref("CT2645238.alertChannelId", "1037922");
Found : user_pref("CT2645238.approveUntrustedApps", true);
Found : user_pref("CT2645238.components.1000082", true);
Found : user_pref("CT2645238.components.1000234", true);
Found : user_pref("CT2645238.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2645238.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Found : user_pref("CT2645238.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2645238.initDone", true);
Found : user_pref("CT2645238.isAppTrackingManagerOn", true);
Found : user_pref("CT2645238.isFirstRadioInstallation", false);
Found : user_pref("CT2645238.myStuffEnabled", true);
Found : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2645238.oldAppsList", "129194820424161790,129194820424318041,111,129194820424474292,129[...]
Found : user_pref("CT2645238.revertSettingsEnabled", true);
Found : user_pref("CT2645238.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2645238.searchProtectorEnableByLogin", true);
Found : user_pref("CT2645238.testingCtid", "");
Found : user_pref("CT2645238.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Found : user_pref("CT2645238.usagesFlag", 1);
Found : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2645238");
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo US Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2481032/CT2481032[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481032", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2645238", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481032", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481032",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2645238",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481032&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2645238&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481032&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/38/264/CT2645238/Images/6340849608501725[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"b44bade0bbb51fb2593c[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"b7d5f2f0a694151b9ba[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"735e913b3f2e6434df5[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"f0cd4d5636ce75457b9[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"303147c4060de03ff3b[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"4c715b77a0bb1f8296c[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"d875da22b37b227a80327[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"6502ef37914fa383e6f14[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\An\ra\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.qip.ru/search?from=FF&quer[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2645238,CT2481032");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238,CT2481032");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2481032");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu May 12 2011 23:24:33 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertEnabled", false);
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 07 2011 23:41:44 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "0a25348c-fd84-4e6b-a390-f4c5807620fe");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Apr 19 2012 23:12:50 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "7346a9f9-2c96-472f-802f-0d0b55ca5d99");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481032");
Found : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200"[...]
Found : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Found : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Found : user_pref("browser.search.defaultthis.engineName", "Ashampoo US Customized Web Search");
Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Found : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Found : user_pref("surfcanyon.last_checked_ts", "1266999529985");
-\\ Google Chrome v24.0.1312.56
File : C:\Users\Anča\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.0.1467.0
File : C:\Users\Anča\AppData\Roaming\Opera\Opera\operaprefs.ini
Found : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=sk27211&icid=ope[...]
*************************
AdwCleaner[R1].txt - [41959 octets] - [29/01/2013 22:09:35]
########## EOF - C:\AdwCleaner[R1].txt - [42020 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119401
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, pomale PC
Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu, pomale PC
Provedeno, zde log:
# AdwCleaner v2.109 - Logfile created 01/29/2013 at 22:16:38
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Anča - ANCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Anča\Desktop\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\qip-search.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Anča\AppData\Local\APN
Folder Deleted : C:\Users\Anča\AppData\Local\Conduit
Folder Deleted : C:\Users\Anča\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\Conduit
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\ConduitCommon
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2481032
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2645238
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms} --> hxxp://www.google.com
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\prefs.js
Deleted : user_pref("CT2481032..clientLogIsEnabled", false);
Deleted : user_pref("CT2481032..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2481032..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2481032.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2481032.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2481032.AppTrackingLastCheckTime", "Sat Sep 17 2011 13:17:01 GMT+0200");
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129469743936644511", true);
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129633221880768905", true);
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129681724834737563", true);
Deleted : user_pref("CT2481032.CTID", "ct2481032");
Deleted : user_pref("CT2481032.CurrentServerDate", "21-5-2012");
Deleted : user_pref("CT2481032.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2481032.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.DownloadReferralCookieData", "");
Deleted : user_pref("CT2481032.FeedLastCount129137415284993440", 0);
Deleted : user_pref("CT2481032.FeedLastCount1470371090506316425", 0);
Deleted : user_pref("CT2481032.FeedPollDate128975107603475850", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129104903994210185", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129125588542653211", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137415288118473", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137415288118474", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437243", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437244", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437245", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377779301063", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377961554609", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377979947076", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378132259586", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378265651739", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378449145277", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378705873295", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378902522699", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378968484097", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379044202234", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379219112080", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379310186023", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379320546978", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379400531926", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497083274", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497148810", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497279882", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379644150784", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379646262407", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379767858421", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379797989042", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379883299006", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380108070872", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380344955611", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380390189978", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380412472059", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380467866928", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380521772385", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380616362201", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380727291645", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380767393172", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380868375745", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381043554700", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381080219037", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381151343676", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381247526121", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381247591657", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381372042911", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381453742514", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381520490197", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381582880127", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381641974229", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381669771831", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381670861676", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381749396397", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381869347434", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381908324302", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381919420428", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381932420313", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381975368474", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381979169315", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381989950054", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedTTL128975107603475850", 40);
Deleted : user_pref("CT2481032.FeedTTL129104903994210185", 40);
Deleted : user_pref("CT2481032.FeedTTL129125588542653211", 40);
Deleted : user_pref("CT2481032.FeedTTL129137415288118473", 40);
Deleted : user_pref("CT2481032.FeedTTL129137415288118474", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437243", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437244", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437245", 40);
Deleted : user_pref("CT2481032.FeedTTL5609757377779301063", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757377979947076", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757378132259586", 10);
Deleted : user_pref("CT2481032.FeedTTL5609757378265651739", 30);
Deleted : user_pref("CT2481032.FeedTTL5609757378705873295", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757379310186023", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757379320546978", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757379400531926", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380108070872", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380412472059", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757380467866928", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757380521772385", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757380727291645", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380767393172", 1440);
Deleted : user_pref("CT2481032.FeedTTL5609757381043554700", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757381247526121", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757381372042911", 60);
Deleted : user_pref("CT2481032.FeedTTL5609757381453742514", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757381908324302", 30);
Deleted : user_pref("CT2481032.FeedTTL5609757381932420313", 10);
Deleted : user_pref("CT2481032.FeedTTL5609757381979169315", 15);
Deleted : user_pref("CT2481032.FirstServerDate", "17-9-2011");
Deleted : user_pref("CT2481032.FirstTime", true);
Deleted : user_pref("CT2481032.FirstTimeFF3", true);
Deleted : user_pref("CT2481032.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2481032.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2481032.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2481032.HasUserGlobalKeys", true);
Deleted : user_pref("CT2481032.HomePageProtectorEnabled", true);
Deleted : user_pref("CT2481032.Initialize", true);
Deleted : user_pref("CT2481032.InitializeCommonPrefs", true);
Deleted : user_pref("CT2481032.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2481032.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT2481032.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT2481032.InstalledDate", "Sat Sep 17 2011 13:16:48 GMT+0200");
Deleted : user_pref("CT2481032.IsAlertDBUpdated", true);
Deleted : user_pref("CT2481032.IsGrouping", false);
Deleted : user_pref("CT2481032.IsInitSetupIni", true);
Deleted : user_pref("CT2481032.IsMulticommunity", false);
Deleted : user_pref("CT2481032.IsOpenThankYouPage", false);
Deleted : user_pref("CT2481032.IsOpenUninstallPage", false);
Deleted : user_pref("CT2481032.IsProtectorsInit", true);
Deleted : user_pref("CT2481032.LanguagePackLastCheckTime", "Sat Sep 17 2011 13:16:53 GMT+0200");
Deleted : user_pref("CT2481032.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2481032.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2481032.LastLogin_3.10.0.1", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.LastLogin_3.6.0.10", "Thu Dec 15 2011 15:33:56 GMT+0100");
Deleted : user_pref("CT2481032.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2481032.Locale", "en");
Deleted : user_pref("CT2481032.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2481032.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2481032.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2481032.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2481032.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT2481032.RadioIsPodcast", false);
Deleted : user_pref("CT2481032.RadioMediaID", "9962");
Deleted : user_pref("CT2481032.RadioMediaType", "Media Player");
Deleted : user_pref("CT2481032.RadioMenuSelectedID", "EBRadioMenu_CT24810329962");
Deleted : user_pref("CT2481032.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2481032.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2481032.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2481032.SavedHomepage", "www.seznam.cz");
Deleted : user_pref("CT2481032.SearchEngineBeforeUnload", "Ashampoo US Customized Web Search");
Deleted : user_pref("CT2481032.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Deleted : user_pref("CT2481032.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2481032.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2481032.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2481032.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2481032.SearchProtectorEnabled", true);
Deleted : user_pref("CT2481032.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2481032.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.SettingsLastCheckTime", "Sat Sep 17 2011 13:16:46 GMT+0200");
Deleted : user_pref("CT2481032.SettingsLastUpdate", "1315240630");
Deleted : user_pref("CT2481032.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2481032.ThirdPartyComponentsLastCheck", "Sat Sep 17 2011 13:16:46 GMT+0200");
Deleted : user_pref("CT2481032.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2481032.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2481032.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481032");
Deleted : user_pref("CT2481032.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2481032.UserID", "UN55570380147624755");
Deleted : user_pref("CT2481032.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2481032.alertChannelId", "874438");
Deleted : user_pref("CT2481032.backendstorage./9b+7e+x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e,x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e-x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e.x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e/x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e06cg5el8:", "6E6D6F706D6D71747072");
Deleted : user_pref("CT2481032.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747375767373777A7678242F4B4947[...]
Deleted : user_pref("CT2481032.backendstorage./9b+7e0x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e1x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e2x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e3x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e4x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e5x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e6x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e7x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e8x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e9x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e:x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e;x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e<x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e=x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e>x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e?x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e@x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7eax305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2481032.backendstorage./9b+7ebx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7ecx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7edx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7etx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b-0?3g>d", "396F6F6C41726F457A74777775204A7D494B254C7D7B262A52[...]
Deleted : user_pref("CT2481032.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2481032.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2481032.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Deleted : user_pref("CT2481032.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Deleted : user_pref("CT2481032.backendstorage./9b5ba==9cjag", "6E3F6B40707442757A70764478747C494A7D7E7C4D");
Deleted : user_pref("CT2481032.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6A6F6C707370717372");
Deleted : user_pref("CT2481032.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2481032.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2481032.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2481032.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2481032.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2481032.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2481032.backendstorage.cbcountry_000", "435A");
Deleted : user_pref("CT2481032.backendstorage.cbfirsttime", "53756E204D617220303420323031322030303A34373A34312[...]
Deleted : user_pref("CT2481032.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
Deleted : user_pref("CT2481032.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2481032.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT2481032.backendstorage.shoppingapp.gk.exipres", "536174204D617920323620323031322031333A[...]
Deleted : user_pref("CT2481032.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Deleted : user_pref("CT2481032.backendstorage.url_history0001", "687474703A2F2F7777772E6E6F76696E6B792E637A2F7[...]
Deleted : user_pref("CT2481032.ct2481032.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:06 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2481032.ct2481032.FeedLastCount129137415284993440", 400);
Deleted : user_pref("CT2481032.ct2481032.FeedLastCount1470371090506316425", 2354);
Deleted : user_pref("CT2481032.ct2481032.InvalidateCache", false);
Deleted : user_pref("CT2481032.ct2481032.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.Locale", "en");
Deleted : user_pref("CT2481032.ct2481032.RadioLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2481032.ct2481032.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2481032.ct2481032.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:55 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.SettingsLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2481032.ct2481032.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200[...]
Deleted : user_pref("CT2481032.ct2481032.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Deleted : user_pref("CT2481032.ct2481032.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Deleted : user_pref("CT2481032.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2481032.globalFirstTimeInfoLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Deleted : user_pref("CT2481032.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2481032.initDone", true);
Deleted : user_pref("CT2481032.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2481032.isFirstRadioInstallation", false);
Deleted : user_pref("CT2481032.myStuffEnabled", true);
Deleted : user_pref("CT2481032.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2481032.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2481032.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2481032.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2481032.oldAppsList", "129058858239812813,129058858240125318,111,129469743936644511,129[...]
Deleted : user_pref("CT2481032.revertSettingsEnabled", true);
Deleted : user_pref("CT2481032.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2481032.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2481032.testingCtid", "");
Deleted : user_pref("CT2481032.toolbarAppMetaDataLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Deleted : user_pref("CT2481032.toolbarContextMenuLastCheckTime", "Sat Sep 17 2011 13:17:00 GMT+0200");
Deleted : user_pref("CT2481032.usagesFlag", 2);
Deleted : user_pref("CT2645238..clientLogIsEnabled", false);
Deleted : user_pref("CT2645238..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2645238..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2645238.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2645238.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:08 GMT+0200");
Deleted : user_pref("CT2645238.CT2645238", "CT2645238");
Deleted : user_pref("CT2645238.CurrentServerDate", "21-5-2012");
Deleted : user_pref("CT2645238.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2645238.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.DownloadReferralCookieData", "");
Deleted : user_pref("CT2645238.EMailNotifierPollDate", "Mon May 21 2012 13:37:59 GMT+0200");
Deleted : user_pref("CT2645238.FirstServerDate", "13-5-2011");
Deleted : user_pref("CT2645238.FirstTime", true);
Deleted : user_pref("CT2645238.FirstTimeFF3", true);
Deleted : user_pref("CT2645238.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2645238.HasUserGlobalKeys", true);
Deleted : user_pref("CT2645238.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2645238.Initialize", true);
Deleted : user_pref("CT2645238.InitializeCommonPrefs", true);
Deleted : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2645238.InstalledDate", "Thu May 12 2011 23:24:45 GMT+0200");
Deleted : user_pref("CT2645238.InvalidateCache", false);
Deleted : user_pref("CT2645238.IsAlertDBUpdated", true);
Deleted : user_pref("CT2645238.IsGrouping", false);
Deleted : user_pref("CT2645238.IsMulticommunity", false);
Deleted : user_pref("CT2645238.IsOpenThankYouPage", true);
Deleted : user_pref("CT2645238.IsOpenUninstallPage", true);
Deleted : user_pref("CT2645238.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2645238.LastLogin_3.12.2.3", "Mon May 21 2012 13:39:29 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.3.5.1", "Thu Jul 07 2011 23:41:46 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.5.0.12", "Wed Jul 27 2011 18:20:52 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.8.0.8", "Thu Dec 15 2011 15:34:03 GMT+0100");
Deleted : user_pref("CT2645238.LastLogin_3.9.0.3", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2645238.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2645238.Locale", "en");
Deleted : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2645238.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2645238.RadioIsPodcast", false);
Deleted : user_pref("CT2645238.RadioLastCheckTime", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2645238.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2645238.RadioMediaID", "9962");
Deleted : user_pref("CT2645238.RadioMediaType", "Media Player");
Deleted : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT26452389962");
Deleted : user_pref("CT2645238.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2645238.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2645238.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2645238.SearchEngineBeforeUnload", "QIP Search");
Deleted : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Deleted : user_pref("CT2645238.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2645238.SearchProtectorEnabled", false);
Deleted : user_pref("CT2645238.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2645238.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.SettingsLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2645238.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2645238.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2645238");
Deleted : user_pref("CT2645238.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2645238.UserID", "UN06839140628055496");
Deleted : user_pref("CT2645238.ValidationData_Toolbar", 0);
Deleted : user_pref("CT2645238.WeatherNetwork", "");
Deleted : user_pref("CT2645238.WeatherPollDate", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2645238.WeatherUnit", "C");
Deleted : user_pref("CT2645238.alertChannelId", "1037922");
Deleted : user_pref("CT2645238.approveUntrustedApps", true);
Deleted : user_pref("CT2645238.components.1000082", true);
Deleted : user_pref("CT2645238.components.1000234", true);
Deleted : user_pref("CT2645238.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2645238.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2645238.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2645238.initDone", true);
Deleted : user_pref("CT2645238.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2645238.isFirstRadioInstallation", false);
Deleted : user_pref("CT2645238.myStuffEnabled", true);
Deleted : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2645238.oldAppsList", "129194820424161790,129194820424318041,111,129194820424474292,129[...]
Deleted : user_pref("CT2645238.revertSettingsEnabled", true);
Deleted : user_pref("CT2645238.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2645238.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2645238.testingCtid", "");
Deleted : user_pref("CT2645238.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2645238");
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo US Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2481032/CT2481032[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481032", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2645238", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481032", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481032",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2645238",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481032&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2645238&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481032&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/38/264/CT2645238/Images/6340849608501725[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"b44bade0bbb51fb2593c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"b7d5f2f0a694151b9ba[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"735e913b3f2e6434df5[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"f0cd4d5636ce75457b9[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"303147c4060de03ff3b[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"4c715b77a0bb1f8296c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"d875da22b37b227a80327[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"6502ef37914fa383e6f14[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\An\ra\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.qip.ru/search?from=FF&quer[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2645238,CT2481032");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238,CT2481032");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2481032");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu May 12 2011 23:24:33 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 07 2011 23:41:44 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "0a25348c-fd84-4e6b-a390-f4c5807620fe");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Apr 19 2012 23:12:50 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "7346a9f9-2c96-472f-802f-0d0b55ca5d99");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481032");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "Ashampoo US Customized Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Deleted : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Deleted : user_pref("surfcanyon.last_checked_ts", "1266999529985");
-\\ Google Chrome v24.0.1312.56
File : C:\Users\Anča\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.0.1467.0
File : C:\Users\Anča\AppData\Roaming\Opera\Opera\operaprefs.ini
Deleted : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=sk27211&icid=ope[...]
*************************
AdwCleaner[R1].txt - [42090 octets] - [29/01/2013 22:09:35]
AdwCleaner[S1].txt - [42605 octets] - [29/01/2013 22:16:38]
########## EOF - C:\AdwCleaner[S1].txt - [42666 octets] ##########
# AdwCleaner v2.109 - Logfile created 01/29/2013 at 22:16:38
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Anča - ANCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Anča\Desktop\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\qip-search.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Anča\AppData\Local\APN
Folder Deleted : C:\Users\Anča\AppData\Local\Conduit
Folder Deleted : C:\Users\Anča\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\Conduit
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\ConduitCommon
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2481032
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\CT2645238
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Folder Deleted : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms} --> hxxp://www.google.com
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\prefs.js
Deleted : user_pref("CT2481032..clientLogIsEnabled", false);
Deleted : user_pref("CT2481032..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2481032..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2481032.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2481032.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2481032.AppTrackingLastCheckTime", "Sat Sep 17 2011 13:17:01 GMT+0200");
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129469743936644511", true);
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129633221880768905", true);
Deleted : user_pref("CT2481032.BrowserCompStateIsOpen_129681724834737563", true);
Deleted : user_pref("CT2481032.CTID", "ct2481032");
Deleted : user_pref("CT2481032.CurrentServerDate", "21-5-2012");
Deleted : user_pref("CT2481032.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2481032.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.DownloadReferralCookieData", "");
Deleted : user_pref("CT2481032.FeedLastCount129137415284993440", 0);
Deleted : user_pref("CT2481032.FeedLastCount1470371090506316425", 0);
Deleted : user_pref("CT2481032.FeedPollDate128975107603475850", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129104903994210185", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129125588542653211", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137415288118473", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137415288118474", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437243", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437244", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate129137436798437245", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377779301063", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377961554609", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757377979947076", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378132259586", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378265651739", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378449145277", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378705873295", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378902522699", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757378968484097", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379044202234", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379219112080", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379310186023", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379320546978", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379400531926", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497083274", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497148810", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379497279882", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379644150784", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379646262407", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379767858421", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379797989042", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757379883299006", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380108070872", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380344955611", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380390189978", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380412472059", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380467866928", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380521772385", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380616362201", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380727291645", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380767393172", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757380868375745", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381043554700", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381080219037", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381151343676", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381247526121", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381247591657", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381372042911", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381453742514", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381520490197", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381582880127", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381641974229", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381669771831", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381670861676", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381749396397", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381869347434", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381908324302", "Mon May 21 2012 13:28:13 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381919420428", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381932420313", "Mon May 21 2012 13:28:15 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381975368474", "Mon May 21 2012 13:28:02 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381979169315", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2481032.FeedPollDate5609757381989950054", "Mon May 21 2012 13:28:14 GMT+0200");
Deleted : user_pref("CT2481032.FeedTTL128975107603475850", 40);
Deleted : user_pref("CT2481032.FeedTTL129104903994210185", 40);
Deleted : user_pref("CT2481032.FeedTTL129125588542653211", 40);
Deleted : user_pref("CT2481032.FeedTTL129137415288118473", 40);
Deleted : user_pref("CT2481032.FeedTTL129137415288118474", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437243", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437244", 40);
Deleted : user_pref("CT2481032.FeedTTL129137436798437245", 40);
Deleted : user_pref("CT2481032.FeedTTL5609757377779301063", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757377979947076", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757378132259586", 10);
Deleted : user_pref("CT2481032.FeedTTL5609757378265651739", 30);
Deleted : user_pref("CT2481032.FeedTTL5609757378705873295", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757379310186023", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757379320546978", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757379400531926", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380108070872", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380412472059", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757380467866928", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757380521772385", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757380727291645", 5);
Deleted : user_pref("CT2481032.FeedTTL5609757380767393172", 1440);
Deleted : user_pref("CT2481032.FeedTTL5609757381043554700", 2);
Deleted : user_pref("CT2481032.FeedTTL5609757381247526121", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757381372042911", 60);
Deleted : user_pref("CT2481032.FeedTTL5609757381453742514", 15);
Deleted : user_pref("CT2481032.FeedTTL5609757381908324302", 30);
Deleted : user_pref("CT2481032.FeedTTL5609757381932420313", 10);
Deleted : user_pref("CT2481032.FeedTTL5609757381979169315", 15);
Deleted : user_pref("CT2481032.FirstServerDate", "17-9-2011");
Deleted : user_pref("CT2481032.FirstTime", true);
Deleted : user_pref("CT2481032.FirstTimeFF3", true);
Deleted : user_pref("CT2481032.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2481032.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2481032.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2481032.HasUserGlobalKeys", true);
Deleted : user_pref("CT2481032.HomePageProtectorEnabled", true);
Deleted : user_pref("CT2481032.Initialize", true);
Deleted : user_pref("CT2481032.InitializeCommonPrefs", true);
Deleted : user_pref("CT2481032.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2481032.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT2481032.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT2481032.InstalledDate", "Sat Sep 17 2011 13:16:48 GMT+0200");
Deleted : user_pref("CT2481032.IsAlertDBUpdated", true);
Deleted : user_pref("CT2481032.IsGrouping", false);
Deleted : user_pref("CT2481032.IsInitSetupIni", true);
Deleted : user_pref("CT2481032.IsMulticommunity", false);
Deleted : user_pref("CT2481032.IsOpenThankYouPage", false);
Deleted : user_pref("CT2481032.IsOpenUninstallPage", false);
Deleted : user_pref("CT2481032.IsProtectorsInit", true);
Deleted : user_pref("CT2481032.LanguagePackLastCheckTime", "Sat Sep 17 2011 13:16:53 GMT+0200");
Deleted : user_pref("CT2481032.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2481032.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2481032.LastLogin_3.10.0.1", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.LastLogin_3.6.0.10", "Thu Dec 15 2011 15:33:56 GMT+0100");
Deleted : user_pref("CT2481032.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2481032.Locale", "en");
Deleted : user_pref("CT2481032.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2481032.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2481032.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2481032.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2481032.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT2481032.RadioIsPodcast", false);
Deleted : user_pref("CT2481032.RadioMediaID", "9962");
Deleted : user_pref("CT2481032.RadioMediaType", "Media Player");
Deleted : user_pref("CT2481032.RadioMenuSelectedID", "EBRadioMenu_CT24810329962");
Deleted : user_pref("CT2481032.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2481032.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2481032.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2481032.SavedHomepage", "www.seznam.cz");
Deleted : user_pref("CT2481032.SearchEngineBeforeUnload", "Ashampoo US Customized Web Search");
Deleted : user_pref("CT2481032.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Deleted : user_pref("CT2481032.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2481032.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2481032.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2481032.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2481032.SearchProtectorEnabled", true);
Deleted : user_pref("CT2481032.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2481032.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.SettingsLastCheckTime", "Sat Sep 17 2011 13:16:46 GMT+0200");
Deleted : user_pref("CT2481032.SettingsLastUpdate", "1315240630");
Deleted : user_pref("CT2481032.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2481032.ThirdPartyComponentsLastCheck", "Sat Sep 17 2011 13:16:46 GMT+0200");
Deleted : user_pref("CT2481032.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2481032.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2481032.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481032");
Deleted : user_pref("CT2481032.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2481032.UserID", "UN55570380147624755");
Deleted : user_pref("CT2481032.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2481032.alertChannelId", "874438");
Deleted : user_pref("CT2481032.backendstorage./9b+7e+x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e,x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e-x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e.x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e/x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e06cg5el8:", "6E6D6F706D6D71747072");
Deleted : user_pref("CT2481032.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747375767373777A7678242F4B4947[...]
Deleted : user_pref("CT2481032.backendstorage./9b+7e0x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e1x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e2x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e3x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e4x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e5x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e6x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e7x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e8x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e9x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e:x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e;x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e<x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e=x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e>x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e?x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7e@x305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7eax305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2481032.backendstorage./9b+7ebx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7ecx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7edx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b+7etx305", "2423");
Deleted : user_pref("CT2481032.backendstorage./9b-0?3g>d", "396F6F6C41726F457A74777775204A7D494B254C7D7B262A52[...]
Deleted : user_pref("CT2481032.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2481032.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2481032.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Deleted : user_pref("CT2481032.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Deleted : user_pref("CT2481032.backendstorage./9b5ba==9cjag", "6E3F6B40707442757A70764478747C494A7D7E7C4D");
Deleted : user_pref("CT2481032.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6A6F6C707370717372");
Deleted : user_pref("CT2481032.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2481032.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2481032.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2481032.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2481032.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2481032.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2481032.backendstorage.cbcountry_000", "435A");
Deleted : user_pref("CT2481032.backendstorage.cbfirsttime", "53756E204D617220303420323031322030303A34373A34312[...]
Deleted : user_pref("CT2481032.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
Deleted : user_pref("CT2481032.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2481032.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT2481032.backendstorage.shoppingapp.gk.exipres", "536174204D617920323620323031322031333A[...]
Deleted : user_pref("CT2481032.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Deleted : user_pref("CT2481032.backendstorage.url_history0001", "687474703A2F2F7777772E6E6F76696E6B792E637A2F7[...]
Deleted : user_pref("CT2481032.ct2481032.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:06 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2481032.ct2481032.FeedLastCount129137415284993440", 400);
Deleted : user_pref("CT2481032.ct2481032.FeedLastCount1470371090506316425", 2354);
Deleted : user_pref("CT2481032.ct2481032.InvalidateCache", false);
Deleted : user_pref("CT2481032.ct2481032.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.Locale", "en");
Deleted : user_pref("CT2481032.ct2481032.RadioLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2481032.ct2481032.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2481032.ct2481032.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:55 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.SettingsLastCheckTime", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:54 GMT+0200");
Deleted : user_pref("CT2481032.ct2481032.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2481032.ct2481032.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200[...]
Deleted : user_pref("CT2481032.ct2481032.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Deleted : user_pref("CT2481032.ct2481032.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200"[...]
Deleted : user_pref("CT2481032.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2481032.globalFirstTimeInfoLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Deleted : user_pref("CT2481032.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2481032.initDone", true);
Deleted : user_pref("CT2481032.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2481032.isFirstRadioInstallation", false);
Deleted : user_pref("CT2481032.myStuffEnabled", true);
Deleted : user_pref("CT2481032.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2481032.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2481032.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2481032.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2481032.oldAppsList", "129058858239812813,129058858240125318,111,129469743936644511,129[...]
Deleted : user_pref("CT2481032.revertSettingsEnabled", true);
Deleted : user_pref("CT2481032.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2481032.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2481032.testingCtid", "");
Deleted : user_pref("CT2481032.toolbarAppMetaDataLastCheckTime", "Sat Sep 17 2011 13:16:49 GMT+0200");
Deleted : user_pref("CT2481032.toolbarContextMenuLastCheckTime", "Sat Sep 17 2011 13:17:00 GMT+0200");
Deleted : user_pref("CT2481032.usagesFlag", 2);
Deleted : user_pref("CT2645238..clientLogIsEnabled", false);
Deleted : user_pref("CT2645238..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2645238..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2645238.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2645238.AppTrackingLastCheckTime", "Mon May 21 2012 13:28:08 GMT+0200");
Deleted : user_pref("CT2645238.CT2645238", "CT2645238");
Deleted : user_pref("CT2645238.CurrentServerDate", "21-5-2012");
Deleted : user_pref("CT2645238.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2645238.DialogsGetterLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.DownloadReferralCookieData", "");
Deleted : user_pref("CT2645238.EMailNotifierPollDate", "Mon May 21 2012 13:37:59 GMT+0200");
Deleted : user_pref("CT2645238.FirstServerDate", "13-5-2011");
Deleted : user_pref("CT2645238.FirstTime", true);
Deleted : user_pref("CT2645238.FirstTimeFF3", true);
Deleted : user_pref("CT2645238.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2645238.HasUserGlobalKeys", true);
Deleted : user_pref("CT2645238.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2645238.Initialize", true);
Deleted : user_pref("CT2645238.InitializeCommonPrefs", true);
Deleted : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2645238.InstalledDate", "Thu May 12 2011 23:24:45 GMT+0200");
Deleted : user_pref("CT2645238.InvalidateCache", false);
Deleted : user_pref("CT2645238.IsAlertDBUpdated", true);
Deleted : user_pref("CT2645238.IsGrouping", false);
Deleted : user_pref("CT2645238.IsMulticommunity", false);
Deleted : user_pref("CT2645238.IsOpenThankYouPage", true);
Deleted : user_pref("CT2645238.IsOpenUninstallPage", true);
Deleted : user_pref("CT2645238.LanguagePackLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2645238.LastLogin_3.12.2.3", "Mon May 21 2012 13:39:29 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.3.5.1", "Thu Jul 07 2011 23:41:46 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.5.0.12", "Wed Jul 27 2011 18:20:52 GMT+0200");
Deleted : user_pref("CT2645238.LastLogin_3.8.0.8", "Thu Dec 15 2011 15:34:03 GMT+0100");
Deleted : user_pref("CT2645238.LastLogin_3.9.0.3", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2645238.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2645238.Locale", "en");
Deleted : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2645238.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2645238.RadioIsPodcast", false);
Deleted : user_pref("CT2645238.RadioLastCheckTime", "Mon May 21 2012 13:28:00 GMT+0200");
Deleted : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2645238.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2645238.RadioMediaID", "9962");
Deleted : user_pref("CT2645238.RadioMediaType", "Media Player");
Deleted : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT26452389962");
Deleted : user_pref("CT2645238.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2645238.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2645238.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2645238.SearchEngineBeforeUnload", "QIP Search");
Deleted : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Deleted : user_pref("CT2645238.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2645238.SearchProtectorEnabled", false);
Deleted : user_pref("CT2645238.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2645238.ServiceMapLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.SettingsLastCheckTime", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2645238.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Mon May 21 2012 13:27:56 GMT+0200");
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2645238.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2645238");
Deleted : user_pref("CT2645238.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2645238.UserID", "UN06839140628055496");
Deleted : user_pref("CT2645238.ValidationData_Toolbar", 0);
Deleted : user_pref("CT2645238.WeatherNetwork", "");
Deleted : user_pref("CT2645238.WeatherPollDate", "Mon May 21 2012 13:28:01 GMT+0200");
Deleted : user_pref("CT2645238.WeatherUnit", "C");
Deleted : user_pref("CT2645238.alertChannelId", "1037922");
Deleted : user_pref("CT2645238.approveUntrustedApps", true);
Deleted : user_pref("CT2645238.components.1000082", true);
Deleted : user_pref("CT2645238.components.1000234", true);
Deleted : user_pref("CT2645238.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2645238.globalFirstTimeInfoLastCheckTime", "Mon May 21 2012 13:27:58 GMT+0200");
Deleted : user_pref("CT2645238.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2645238.initDone", true);
Deleted : user_pref("CT2645238.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2645238.isFirstRadioInstallation", false);
Deleted : user_pref("CT2645238.myStuffEnabled", true);
Deleted : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2645238.oldAppsList", "129194820424161790,129194820424318041,111,129194820424474292,129[...]
Deleted : user_pref("CT2645238.revertSettingsEnabled", true);
Deleted : user_pref("CT2645238.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2645238.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2645238.testingCtid", "");
Deleted : user_pref("CT2645238.toolbarAppMetaDataLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.toolbarContextMenuLastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200");
Deleted : user_pref("CT2645238.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2645238");
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo US Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2481032/CT2481032[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481032", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2645238", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481032", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481032",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2645238",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481032&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2645238&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481032&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2645238/CT2645238[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/38/264/CT2645238/Images/6340849608501725[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"b44bade0bbb51fb2593c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"b7d5f2f0a694151b9ba[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"735e913b3f2e6434df5[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"f0cd4d5636ce75457b9[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"303147c4060de03ff3b[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"4c715b77a0bb1f8296c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"d875da22b37b227a80327[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"6502ef37914fa383e6f14[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\An\ra\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.qip.ru/search?from=FF&quer[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2645238,CT2481032");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238,CT2481032");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2481032");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu May 12 2011 23:24:33 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 07 2011 23:41:44 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "0a25348c-fd84-4e6b-a390-f4c5807620fe");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Apr 19 2012 23:12:50 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "7346a9f9-2c96-472f-802f-0d0b55ca5d99");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481032");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Mon May 21 2012 13:27:57 GMT+0200")[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "Ashampoo US Customized Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Deleted : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Deleted : user_pref("surfcanyon.last_checked_ts", "1266999529985");
-\\ Google Chrome v24.0.1312.56
File : C:\Users\Anča\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.0.1467.0
File : C:\Users\Anča\AppData\Roaming\Opera\Opera\operaprefs.ini
Deleted : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=sk27211&icid=ope[...]
*************************
AdwCleaner[R1].txt - [42090 octets] - [29/01/2013 22:09:35]
AdwCleaner[S1].txt - [42605 octets] - [29/01/2013 22:16:38]
########## EOF - C:\AdwCleaner[S1].txt - [42666 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119401
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, pomale PC
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu, pomale PC
Ajaj, pardon, zde je:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anča at 2013-01-30 18:57:18
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3004 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:57:46, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Anča\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Anča\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Anča.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
--
End of file - 9879 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default
prefs.js - "extensions.enabledItems" - "{9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3, {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:3.10.0.1, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, fe_3.6@nokia.com:1.7.56.205, {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.12.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}"=C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\
firmycz.xml
icqplugin-4.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 367384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-04-03 48904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 124184]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 738984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
"Facebook Update"=C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2011-01-25 380416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2008-04-03 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-29 22:16:38 ----A---- C:\AdwCleaner[S1].txt
2013-01-29 22:09:35 ----A---- C:\AdwCleaner[R1].txt
2013-01-29 21:06:22 ----D---- C:\rsit
2013-01-15 22:49:24 ----A---- C:\Windows\system32\atmfd.dll
2013-01-15 22:49:23 ----A---- C:\Windows\system32\atmlib.dll
2013-01-15 22:28:05 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\winsrv.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\kernel32.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\conhost.exe
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 22:27:46 ----A---- C:\Windows\system32\win32spl.dll
2013-01-15 22:27:44 ----A---- C:\Windows\system32\msxml6.dll
2013-01-15 22:27:42 ----A---- C:\Windows\system32\usp10.dll
2013-01-15 22:27:31 ----A---- C:\Windows\system32\gameux.dll
2013-01-15 22:27:30 ----A---- C:\Windows\system32\Wpc.dll
2013-01-15 22:25:43 ----A---- C:\Windows\system32\win32k.sys
2013-01-15 22:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-15 22:24:36 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 18:52:48 ----D---- C:\Users\Anča\AppData\Roaming\Gogii Games
2013-01-08 22:38:12 ----D---- C:\Users\Anča\AppData\Roaming\Fenomen Games
2013-01-08 19:16:16 ----D---- C:\ProgramData\JollyBear
======List of files/folders modified in the last 1 month======
2013-01-30 18:57:43 ----D---- C:\Windows\Temp
2013-01-30 18:57:35 ----D---- C:\Program Files\trend micro
2013-01-30 18:53:04 ----D---- C:\Windows\Prefetch
2013-01-30 18:22:30 ----D---- C:\Windows\system32\config
2013-01-29 23:50:53 ----D---- C:\Windows\Internet Logs
2013-01-29 22:25:58 ----D---- C:\Windows\system32\DriverStore
2013-01-29 22:21:30 ----D---- C:\Windows
2013-01-29 22:16:50 ----D---- C:\Program Files
2013-01-29 22:16:50 ----AHD---- C:\ProgramData
2013-01-29 21:00:36 ----D---- C:\Users\Anča\AppData\Roaming\Winamp
2013-01-27 23:41:43 ----D---- C:\Users\Anča\AppData\Roaming\uTorrent
2013-01-27 23:15:20 ----D---- C:\games
2013-01-27 23:04:27 ----D---- C:\Windows\Microsoft.NET
2013-01-27 23:04:25 ----RSD---- C:\Windows\assembly
2013-01-27 22:36:46 ----SHD---- C:\Windows\Installer
2013-01-27 22:36:46 ----D---- C:\Config.Msi
2013-01-27 21:29:20 ----D---- C:\Windows\System32
2013-01-27 21:29:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-27 21:29:19 ----D---- C:\Windows\inf
2013-01-27 20:44:19 ----D---- C:\Users\Anča\AppData\Roaming\ERS Game Studios
2013-01-26 12:05:57 ----D---- C:\Windows\system32\catroot2
2013-01-26 11:35:09 ----SHD---- C:\System Volume Information
2013-01-24 22:25:38 ----D---- C:\Users\Anča\AppData\Roaming\Elephant Games
2013-01-24 22:16:19 ----D---- C:\Windows\Minidump
2013-01-24 22:16:19 ----D---- C:\Windows\debug
2013-01-23 04:39:38 ----D---- C:\Windows\rescache
2013-01-17 16:07:42 ----D---- C:\Windows\winsxs
2013-01-17 05:26:20 ----D---- C:\Windows\system32\it-IT
2013-01-17 05:26:20 ----D---- C:\Windows\system32\en-US
2013-01-17 05:26:20 ----D---- C:\Windows\system32\cs-CZ
2013-01-15 22:49:28 ----D---- C:\Windows\system32\catroot
2013-01-15 22:48:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-15 22:37:22 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-15 22:32:42 ----A---- C:\Windows\system32\MRT.exe
2013-01-15 21:21:56 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 13:21:00 ----D---- C:\Program Files\Alawarhry.cz
2013-01-09 18:44:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-07 18:48:14 ----D---- C:\ProgramData\Elephant Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-01 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 27056]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-11 45056]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-30 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-30 99880]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-30 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-30 17448]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-18 15664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-03-10 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-10 50576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\ANA~1\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 497320]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-22 192512]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-22 313264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-22 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anča at 2013-01-30 18:57:18
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3004 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:57:46, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Anča\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Anča\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Anča.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
--
End of file - 9879 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default
prefs.js - "extensions.enabledItems" - "{9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3, {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:3.10.0.1, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, fe_3.6@nokia.com:1.7.56.205, {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.12.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}"=C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\
firmycz.xml
icqplugin-4.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 367384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-04-03 48904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 124184]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 738984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
"Facebook Update"=C:\Users\Anča\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2011-01-25 380416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2008-04-03 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-29 22:16:38 ----A---- C:\AdwCleaner[S1].txt
2013-01-29 22:09:35 ----A---- C:\AdwCleaner[R1].txt
2013-01-29 21:06:22 ----D---- C:\rsit
2013-01-15 22:49:24 ----A---- C:\Windows\system32\atmfd.dll
2013-01-15 22:49:23 ----A---- C:\Windows\system32\atmlib.dll
2013-01-15 22:28:05 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\winsrv.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\kernel32.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\conhost.exe
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 22:27:46 ----A---- C:\Windows\system32\win32spl.dll
2013-01-15 22:27:44 ----A---- C:\Windows\system32\msxml6.dll
2013-01-15 22:27:42 ----A---- C:\Windows\system32\usp10.dll
2013-01-15 22:27:31 ----A---- C:\Windows\system32\gameux.dll
2013-01-15 22:27:30 ----A---- C:\Windows\system32\Wpc.dll
2013-01-15 22:25:43 ----A---- C:\Windows\system32\win32k.sys
2013-01-15 22:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-15 22:24:36 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 18:52:48 ----D---- C:\Users\Anča\AppData\Roaming\Gogii Games
2013-01-08 22:38:12 ----D---- C:\Users\Anča\AppData\Roaming\Fenomen Games
2013-01-08 19:16:16 ----D---- C:\ProgramData\JollyBear
======List of files/folders modified in the last 1 month======
2013-01-30 18:57:43 ----D---- C:\Windows\Temp
2013-01-30 18:57:35 ----D---- C:\Program Files\trend micro
2013-01-30 18:53:04 ----D---- C:\Windows\Prefetch
2013-01-30 18:22:30 ----D---- C:\Windows\system32\config
2013-01-29 23:50:53 ----D---- C:\Windows\Internet Logs
2013-01-29 22:25:58 ----D---- C:\Windows\system32\DriverStore
2013-01-29 22:21:30 ----D---- C:\Windows
2013-01-29 22:16:50 ----D---- C:\Program Files
2013-01-29 22:16:50 ----AHD---- C:\ProgramData
2013-01-29 21:00:36 ----D---- C:\Users\Anča\AppData\Roaming\Winamp
2013-01-27 23:41:43 ----D---- C:\Users\Anča\AppData\Roaming\uTorrent
2013-01-27 23:15:20 ----D---- C:\games
2013-01-27 23:04:27 ----D---- C:\Windows\Microsoft.NET
2013-01-27 23:04:25 ----RSD---- C:\Windows\assembly
2013-01-27 22:36:46 ----SHD---- C:\Windows\Installer
2013-01-27 22:36:46 ----D---- C:\Config.Msi
2013-01-27 21:29:20 ----D---- C:\Windows\System32
2013-01-27 21:29:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-27 21:29:19 ----D---- C:\Windows\inf
2013-01-27 20:44:19 ----D---- C:\Users\Anča\AppData\Roaming\ERS Game Studios
2013-01-26 12:05:57 ----D---- C:\Windows\system32\catroot2
2013-01-26 11:35:09 ----SHD---- C:\System Volume Information
2013-01-24 22:25:38 ----D---- C:\Users\Anča\AppData\Roaming\Elephant Games
2013-01-24 22:16:19 ----D---- C:\Windows\Minidump
2013-01-24 22:16:19 ----D---- C:\Windows\debug
2013-01-23 04:39:38 ----D---- C:\Windows\rescache
2013-01-17 16:07:42 ----D---- C:\Windows\winsxs
2013-01-17 05:26:20 ----D---- C:\Windows\system32\it-IT
2013-01-17 05:26:20 ----D---- C:\Windows\system32\en-US
2013-01-17 05:26:20 ----D---- C:\Windows\system32\cs-CZ
2013-01-15 22:49:28 ----D---- C:\Windows\system32\catroot
2013-01-15 22:48:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-15 22:37:22 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-15 22:32:42 ----A---- C:\Windows\system32\MRT.exe
2013-01-15 21:21:56 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 13:21:00 ----D---- C:\Program Files\Alawarhry.cz
2013-01-09 18:44:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-07 18:48:14 ----D---- C:\ProgramData\Elephant Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-01 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 27056]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-11 45056]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-30 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-30 99880]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-30 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-30 17448]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-18 15664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-03-10 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-10 50576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\ANA~1\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 497320]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-22 192512]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-22 313264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-22 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119401
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, pomale PC
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1349919382-1813425755-1454799827-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Anča\AppData\Local\Facebook\Update
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu, pomale PC
Provedeno, zde je log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anča at 2013-01-30 22:17:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3004 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:35, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Anča\Desktop\RSIT.exe
C:\Program Files\trend micro\Anča.exe
C:\Windows\system32\sdclt.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
--
End of file - 9742 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default
prefs.js - "extensions.enabledItems" - "{9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3, {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:3.10.0.1, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, fe_3.6@nokia.com:1.7.56.205, {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.12.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}"=C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\
firmycz.xml
icqplugin-4.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 367384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-04-03 48904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 124184]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 738984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2011-01-25 380416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2008-04-03 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-30 22:09:03 ----D---- C:\_OTM
2013-01-29 22:16:38 ----A---- C:\AdwCleaner[S1].txt
2013-01-29 22:09:35 ----A---- C:\AdwCleaner[R1].txt
2013-01-29 21:06:22 ----D---- C:\rsit
2013-01-15 22:49:24 ----A---- C:\Windows\system32\atmfd.dll
2013-01-15 22:49:23 ----A---- C:\Windows\system32\atmlib.dll
2013-01-15 22:28:05 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\winsrv.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\kernel32.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\conhost.exe
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 22:27:46 ----A---- C:\Windows\system32\win32spl.dll
2013-01-15 22:27:44 ----A---- C:\Windows\system32\msxml6.dll
2013-01-15 22:27:42 ----A---- C:\Windows\system32\usp10.dll
2013-01-15 22:27:31 ----A---- C:\Windows\system32\gameux.dll
2013-01-15 22:27:30 ----A---- C:\Windows\system32\Wpc.dll
2013-01-15 22:25:43 ----A---- C:\Windows\system32\win32k.sys
2013-01-15 22:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-15 22:24:36 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 18:52:48 ----D---- C:\Users\Anča\AppData\Roaming\Gogii Games
2013-01-08 22:38:12 ----D---- C:\Users\Anča\AppData\Roaming\Fenomen Games
2013-01-08 19:16:16 ----D---- C:\ProgramData\JollyBear
======List of files/folders modified in the last 1 month======
2013-01-30 22:17:32 ----D---- C:\Program Files\trend micro
2013-01-30 22:17:27 ----D---- C:\Windows\Temp
2013-01-30 22:16:13 ----D---- C:\Windows\Prefetch
2013-01-30 22:14:15 ----D---- C:\Windows\system32\DriverStore
2013-01-30 22:09:05 ----D---- C:\Windows\Tasks
2013-01-30 22:01:11 ----D---- C:\Windows\Internet Logs
2013-01-30 18:22:30 ----D---- C:\Windows\system32\config
2013-01-29 22:21:30 ----D---- C:\Windows
2013-01-29 22:16:50 ----D---- C:\Program Files
2013-01-29 22:16:50 ----AHD---- C:\ProgramData
2013-01-29 21:00:36 ----D---- C:\Users\Anča\AppData\Roaming\Winamp
2013-01-27 23:41:43 ----D---- C:\Users\Anča\AppData\Roaming\uTorrent
2013-01-27 23:15:20 ----D---- C:\games
2013-01-27 23:04:27 ----D---- C:\Windows\Microsoft.NET
2013-01-27 23:04:25 ----RSD---- C:\Windows\assembly
2013-01-27 22:36:46 ----SHD---- C:\Windows\Installer
2013-01-27 22:36:46 ----D---- C:\Config.Msi
2013-01-27 21:29:20 ----D---- C:\Windows\System32
2013-01-27 21:29:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-27 21:29:19 ----D---- C:\Windows\inf
2013-01-27 20:44:19 ----D---- C:\Users\Anča\AppData\Roaming\ERS Game Studios
2013-01-26 12:05:57 ----D---- C:\Windows\system32\catroot2
2013-01-26 11:35:09 ----SHD---- C:\System Volume Information
2013-01-24 22:25:38 ----D---- C:\Users\Anča\AppData\Roaming\Elephant Games
2013-01-24 22:16:19 ----D---- C:\Windows\Minidump
2013-01-24 22:16:19 ----D---- C:\Windows\debug
2013-01-23 04:39:38 ----D---- C:\Windows\rescache
2013-01-17 16:07:42 ----D---- C:\Windows\winsxs
2013-01-17 05:26:20 ----D---- C:\Windows\system32\it-IT
2013-01-17 05:26:20 ----D---- C:\Windows\system32\en-US
2013-01-17 05:26:20 ----D---- C:\Windows\system32\cs-CZ
2013-01-15 22:49:28 ----D---- C:\Windows\system32\catroot
2013-01-15 22:48:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-15 22:37:22 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-15 22:32:42 ----A---- C:\Windows\system32\MRT.exe
2013-01-15 21:21:56 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 13:21:00 ----D---- C:\Program Files\Alawarhry.cz
2013-01-09 18:44:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-07 18:48:14 ----D---- C:\ProgramData\Elephant Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-01 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 27056]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-11 45056]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-30 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-30 99880]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-30 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-30 17448]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-18 15664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-03-10 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-10 50576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\ANA~1\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 497320]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-22 192512]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-22 313264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-22 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anča at 2013-01-30 22:17:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3004 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:35, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Anča\Desktop\RSIT.exe
C:\Program Files\trend micro\Anča.exe
C:\Windows\system32\sdclt.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
--
End of file - 9742 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default
prefs.js - "extensions.enabledItems" - "{9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3, {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:3.10.0.1, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, fe_3.6@nokia.com:1.7.56.205, {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.12.2.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}"=C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{124d001a-bdcb-472f-aa59-bbe7e4bc3204}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Anča\AppData\Roaming\Mozilla\Firefox\Profiles\z7eq6cgh.default\searchplugins\
firmycz.xml
icqplugin-4.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 367384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-10-05 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22 603816]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-04-03 48904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 124184]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-22 738984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-01-10 1475952]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-01-10 310128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2011-01-25 380416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2008-04-03 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-01-30 22:09:03 ----D---- C:\_OTM
2013-01-29 22:16:38 ----A---- C:\AdwCleaner[S1].txt
2013-01-29 22:09:35 ----A---- C:\AdwCleaner[R1].txt
2013-01-29 21:06:22 ----D---- C:\rsit
2013-01-15 22:49:24 ----A---- C:\Windows\system32\atmfd.dll
2013-01-15 22:49:23 ----A---- C:\Windows\system32\atmlib.dll
2013-01-15 22:28:05 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\winsrv.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\kernel32.dll
2013-01-15 22:28:01 ----A---- C:\Windows\system32\conhost.exe
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 22:27:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 22:27:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 22:27:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 22:27:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 22:27:46 ----A---- C:\Windows\system32\win32spl.dll
2013-01-15 22:27:44 ----A---- C:\Windows\system32\msxml6.dll
2013-01-15 22:27:42 ----A---- C:\Windows\system32\usp10.dll
2013-01-15 22:27:31 ----A---- C:\Windows\system32\gameux.dll
2013-01-15 22:27:30 ----A---- C:\Windows\system32\Wpc.dll
2013-01-15 22:25:43 ----A---- C:\Windows\system32\win32k.sys
2013-01-15 22:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-15 22:24:36 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 18:52:48 ----D---- C:\Users\Anča\AppData\Roaming\Gogii Games
2013-01-08 22:38:12 ----D---- C:\Users\Anča\AppData\Roaming\Fenomen Games
2013-01-08 19:16:16 ----D---- C:\ProgramData\JollyBear
======List of files/folders modified in the last 1 month======
2013-01-30 22:17:32 ----D---- C:\Program Files\trend micro
2013-01-30 22:17:27 ----D---- C:\Windows\Temp
2013-01-30 22:16:13 ----D---- C:\Windows\Prefetch
2013-01-30 22:14:15 ----D---- C:\Windows\system32\DriverStore
2013-01-30 22:09:05 ----D---- C:\Windows\Tasks
2013-01-30 22:01:11 ----D---- C:\Windows\Internet Logs
2013-01-30 18:22:30 ----D---- C:\Windows\system32\config
2013-01-29 22:21:30 ----D---- C:\Windows
2013-01-29 22:16:50 ----D---- C:\Program Files
2013-01-29 22:16:50 ----AHD---- C:\ProgramData
2013-01-29 21:00:36 ----D---- C:\Users\Anča\AppData\Roaming\Winamp
2013-01-27 23:41:43 ----D---- C:\Users\Anča\AppData\Roaming\uTorrent
2013-01-27 23:15:20 ----D---- C:\games
2013-01-27 23:04:27 ----D---- C:\Windows\Microsoft.NET
2013-01-27 23:04:25 ----RSD---- C:\Windows\assembly
2013-01-27 22:36:46 ----SHD---- C:\Windows\Installer
2013-01-27 22:36:46 ----D---- C:\Config.Msi
2013-01-27 21:29:20 ----D---- C:\Windows\System32
2013-01-27 21:29:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-27 21:29:19 ----D---- C:\Windows\inf
2013-01-27 20:44:19 ----D---- C:\Users\Anča\AppData\Roaming\ERS Game Studios
2013-01-26 12:05:57 ----D---- C:\Windows\system32\catroot2
2013-01-26 11:35:09 ----SHD---- C:\System Volume Information
2013-01-24 22:25:38 ----D---- C:\Users\Anča\AppData\Roaming\Elephant Games
2013-01-24 22:16:19 ----D---- C:\Windows\Minidump
2013-01-24 22:16:19 ----D---- C:\Windows\debug
2013-01-23 04:39:38 ----D---- C:\Windows\rescache
2013-01-17 16:07:42 ----D---- C:\Windows\winsxs
2013-01-17 05:26:20 ----D---- C:\Windows\system32\it-IT
2013-01-17 05:26:20 ----D---- C:\Windows\system32\en-US
2013-01-17 05:26:20 ----D---- C:\Windows\system32\cs-CZ
2013-01-15 22:49:28 ----D---- C:\Windows\system32\catroot
2013-01-15 22:48:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-15 22:37:22 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-15 22:32:42 ----A---- C:\Windows\system32\MRT.exe
2013-01-15 21:21:56 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 13:21:00 ----D---- C:\Program Files\Alawarhry.cz
2013-01-09 18:44:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-07 18:48:14 ----D---- C:\ProgramData\Elephant Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-01 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 27056]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-11 45056]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-30 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-30 99880]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-30 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-30 17448]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-18 15664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-03-10 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-10 50576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\ANA~1\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 497320]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-22 192512]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-22 313264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-22 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119401
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, pomale PC
Dvouklikem na soubor C:\Program Files\trend micro\Anča.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?