Můžu poprosit o preventívní kontrolu ?
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-02-22 23:59:50
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 4 GB (3%) free of 114 GB
Total RAM: 3002 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:00:06, on 23.2.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\WerCon.exe
C:\Users\Michal\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\TuneUp Utilities 2013\TUMessages.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\Downloads\RSIT.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Janička\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: CEventSink Class - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\Hotspot Shield\AnchorFree\ie\AFBho.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Shifters Anti-Cheat] C:\Program Files\Shifters Anti-Cheat\core.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Michal\Desktop\PartyPoker.lnk (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Michal\Desktop\PartyPoker.lnk (file missing)
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O9 - Extra button: GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - C:\Program Files\Photoactions\GetWebPics\Gwp4Ie.dll (HKCU)
O9 - Extra 'Tools' menuitem: Download pictures with GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - C:\Program Files\Photoactions\GetWebPics\Gwp4Ie.dll (HKCU)
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Multimedia Mouse Driver\v5\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SMTP Server Service (SMTPMainService) - Unknown owner - C:\Program Files\Advanced SMTP Server\SMTPListener.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: VeNCrypt - OCCAM Financial Technology - C:\Program Files\VeNCrypt-0.2.6\vencserver.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe
--
End of file - 12254 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630076922-693152462-836407820-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630076922-693152462-836407820-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630076922-693152462-836407820-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630076922-693152462-836407820-1001UA.job
C:\Windows\tasks\RegClean Pro_DEFAULT.job
C:\Windows\tasks\RegClean Pro_UPDATES.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://qip.ru"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, plugin2@gameplaylabs.com:2.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, afurladvisor@anchorfree.com:1.0, {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8, {f0381dbd-e018-4e07-ae40-d96ab15083f0}:3.12.2.3, ffxtlbr@incredibar.com:1.5.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.5.1, {9764bb84-7272-11dd-8eb6-20d155d89557}:2.1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"fmdownloader@gmail.com"=C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
"ytfmdownloader@gmail.com"=C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@fileplanet.com/fpdlm]
"Description"=
"Path"=C:\Program Files\Download Manager\npfpdlm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.3]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll
C:\Program Files\Mozilla Firefox\extensions\
afurladvisor@anchorfree.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt
nppl3260.xpt
nsILegitCheckPlugin.xpt
nsjsrealplayerplugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
np32dsw.dll
npdivx32.dll
npdivx32.xpt
npFoxitReaderPlugin.dll
npLegitCheckPlugin.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
ShockwavePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\
ffxtlbr@incredibar.com
plugin2@gameplaylabs.com
staged
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{687578b9-7132-4a7a-80e4-30ee31099e03}
{800b5000-a755-47e1-992b-48a1c1357f07}
{f0381dbd-e018-4e07-ae40-d96ab15083f0}
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\
conduit.xml
icqplugin.xml
MyStart Search.xml
qip-search.xml
seznam.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Janička\AppData\Roaming\Complitly\Complitly.dll [2012-11-30 142040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-21 261632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6}]
CEventSink Class - C:\Program Files\Hotspot Shield\AnchorFree\ie\AFBho.dll [2006-06-05 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
Freemake.YoutubeButton - C:\Windows\system32\mscoree.dll [2009-11-08 297808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll [2012-10-10 233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-21 270336]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-19 1697064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-07-08 273544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-05-28 742264]
"Shifters Anti-Cheat"=C:\Program Files\Shifters Anti-Cheat\core.exe [2013-01-14 724992]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AFProg]
C:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe [2006-06-05 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaceSoft]
C:\Program Files\Face Software\FaceSoft.exe [2012-10-29 1754624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-01-05 1564368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-05-28 742264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run VeNCrypt Listening Viewer.lnk]
C:\PROGRA~1\VENCRY~1.6\VENCVI~1.EXE [2006-12-11 730664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-05-24 27112840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~3\Office14\ONENOTEM.EXE [2010-01-21 226176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Michal\AppData\Local\Temp\Rar$EX00.958\Email Extractor 14 Cracked By LuisN2.exe"="C:\Users\Michal\AppData\Local\Temp\Rar$EX00.958\Email Extractor 14 Cracked By LuisN2.exe:*:Enabled:Windows Messanger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvid.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.l3codec"=L3codeca.acm
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.lameacm"=LameACM.acm
"msacm.vorbis"=vorbis.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Users\Michal\AppData\Local\Aptana Studio 3\AptanaStudio3.exe" "%1"
======List of files/folders created in the last 1 month======
2013-02-21 16:08:42 ----A---- C:\Windows\system32\drivers\zdusyjhi.sys
2013-02-21 16:07:40 ----A---- C:\Users\Michal\AppData\Roaming\data.dat
2013-02-20 01:10:50 ----D---- C:\Users\Michal\AppData\Roaming\Broad Intelligence
2013-02-20 01:10:42 ----D---- C:\Program Files\MediaCoder
2013-02-20 01:06:47 ----D---- C:\Program Files\MKVTOAVI
2013-02-18 01:41:56 ----D---- C:\Program Files\SuperiorCasino
2013-02-13 16:56:17 ----D---- C:\Program Files\Common Files\Skype
2013-02-08 15:42:57 ----ASH---- C:\hiberfil.sys
2013-02-08 15:33:56 ----A---- C:\Windows\ntbtlog.txt
2013-02-01 23:58:36 ----D---- C:\Program Files\Half-Life
2013-02-01 13:40:32 ----D---- C:\Program Files\Web Email Extractor Pro v4.1
2013-02-01 13:32:34 ----D---- C:\Users\Michal\AppData\Roaming\WebProSoftware
2013-02-01 13:31:39 ----D---- C:\Program Files\Email Extractor
2013-02-01 13:31:17 ----HDC---- C:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}
2013-01-30 11:04:22 ----SHD---- C:\found.005
======List of files/folders modified in the last 1 month======
2013-02-23 00:00:03 ----D---- C:\Windows\Prefetch
2013-02-22 23:59:57 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-02-22 23:59:53 ----D---- C:\Program Files\trend micro
2013-02-22 23:59:48 ----D---- C:\Windows\temp
2013-02-22 23:51:53 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-02-22 22:07:15 ----D---- C:\ProgramData\GameXN
2013-02-21 20:19:12 ----SHD---- C:\Windows\Installer
2013-02-21 20:19:11 ----D---- C:\Config.Msi
2013-02-21 20:19:08 ----D---- C:\Users\Michal\AppData\Roaming\Mozilla
2013-02-21 16:08:42 ----D---- C:\Windows\system32\drivers
2013-02-21 15:35:14 ----SHD---- C:\System Volume Information
2013-02-20 23:47:44 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2013-02-20 01:10:42 ----D---- C:\Program Files
2013-02-18 23:47:25 ----D---- C:\Windows\System32
2013-02-18 23:47:25 ----D---- C:\Windows\inf
2013-02-18 23:47:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-18 20:46:55 ----D---- C:\Users\Michal\AppData\Roaming\FileZilla
2013-02-16 11:18:08 ----D---- C:\Program Files\Steam
2013-02-16 11:04:54 ----D---- C:\Program Files\Common Files\Steam
2013-02-16 10:11:37 ----D---- C:\ProgramData\PMB Files
2013-02-13 16:56:29 ----D---- C:\ProgramData\Skype
2013-02-13 16:56:18 ----RD---- C:\Program Files\Skype
2013-02-13 16:56:17 ----D---- C:\Program Files\Common Files
2013-02-08 15:44:31 ----D---- C:\Windows\system32\catroot2
2013-02-08 15:33:56 ----AD---- C:\Windows
2013-02-07 23:41:59 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-03 00:06:21 ----D---- C:\ProgramData
2013-02-03 00:05:16 ----D---- C:\ProgramData\ServeZip
2013-01-30 11:53:21 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 354840]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-20 691696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2012-08-01 35560]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 99272]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-26 294952]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-26 88616]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-06-26 111144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-26 33320]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-26 18728]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-10 4744704]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-05-15 47360]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2004-04-01 10368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-11-11 305256]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-11-19 408576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-02-19 242992]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2012-11-01 35592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-19 10088]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys []
S1 zdusyjhi;zdusyjhi; \??\C:\Windows\system32\drivers\zdusyjhi.sys [2013-02-21 43600]
S3 a0qr5y7s;a0qr5y7s; C:\Windows\system32\drivers\a0qr5y7s.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Michal\AppData\Local\Temp\ALSysIO.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Michal\AppData\Local\Temp\CFcatchme.sys []
S3 cpuz135;cpuz135; \??\C:\Users\Michal\AppData\Local\Temp\cpuz135\cpuz135_x32.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-02-16 25280]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2006-11-02 1302492]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 Ltn_stk7070P;PCTV based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys [2007-06-14 466048]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-04-06 33512]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys [2012-02-18 111872]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-04-23 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-04-23 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-04-23 24960]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-25 656672]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-07-22 81920]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2010-04-05 116224]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-01-10 101376]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-01-10 9216]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-01-05 1564368]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2012-10-12 413040]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Multimedia Mouse Driver\v5\KMWDSrv.exe [2007-05-08 2179072]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-10-02 75064]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-10-12 191440]
R2 SMTPMainService;SMTP Server Service; C:\Program Files\Advanced SMTP Server\SMTPListener.exe [2011-01-25 1214464]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\STacSV.exe [2009-11-19 221266]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2012-10-23 2848168]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2012-11-02 1699168]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2011-08-03 828944]
R2 VeNCrypt;VeNCrypt; C:\Program Files\VeNCrypt-0.2.6\vencserver.exe [2006-12-11 886312]
R2 WindowBlinds;Stardock WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [2009-06-09 230704]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-07-22 2736128]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 287824]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 Apache2.2;Apache2.2; c:\xampp\apache\bin\httpd.exe [2010-10-18 20549]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-07 251248]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-06 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-28 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2012-10-12 78072]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-26 129976]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-02-15 543144]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
- Ulozte nejlepe na Plochu a rozbalte
- Spustte kliknutim na mbanr
- Nyni postupne kliknete na Next a Update
- Po dokonceni update (aktualizace) databaze kliknete opet na Next
- Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
- Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
- Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
- Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
- PC bude restartovan
- Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivní kontrola
První log
# AdwCleaner v2.112 - Logfile created 02/23/2013 at 18:34:03
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Michal - MICHAL-PC
# Boot Mode : Normal
# Running from : C:\Users\Michal\Desktop\adwcleaner0.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\Conduit.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\icqplugin.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\MyStart Search.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\qip-search.xml
Folder Found : C:\Program Files\Complitly
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\incredibar.com
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Program Files\Perion
Folder Found : C:\Program Files\uTorrentControl2
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Janička\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Janička\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Janička\AppData\Roaming\Complitly
Folder Found : C:\Users\Janička\AppData\Roaming\Mozilla\Firefox\Profiles\mo8oj0fu.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\Michal\AppData\Local\Conduit
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Found : C:\Users\Michal\AppData\LocalLow\AF-HSS
Folder Found : C:\Users\Michal\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Michal\AppData\LocalLow\Conduit
Folder Found : C:\Users\Michal\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Michal\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Michal\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Michal\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Michal\AppData\LocalLow\uTorrentControl2
Folder Found : C:\Users\Michal\AppData\Roaming\Babylon
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\Conduit
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\ConduitCommon
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\CT2765711
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\CT3072253
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{f0381dbd-e018-4e07-ae40-d96ab15083f0}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\ffxtlbr@incredibar.com
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\staged
Folder Found : C:\Users\Michal\AppData\Roaming\OpenCandy
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AF-HSS
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\GamePlayLabs
Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\incredibar.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AF-HSS Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\incredibar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B7511D30-DDC0-4FDA-BD4D-58B20054DAC0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\AF-HSS
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3229BB55-6AA7-4403-9E86-382A125EA68B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5190E9F5-6418-4C1A-B059-90F44E010098}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77D3F1B4-1224-4164-96F7-D881282FC6F7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E70DB94E-C77D-4B9C-A188-0EBDDE410B73}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B7511D30-DDC0-4FDA-BD4D-58B20054DAC0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKLM\Software\Web Assistant
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0381DBD-E018-4E07-AE40-D96AB15083F0}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F0381DBD-E018-4E07-AE40-D96AB15083F0}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\prefs.js
Found : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2269050.CTID", "CT2269050");
Found : user_pref("CT2269050.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2269050.DialogsAlignMode", "LTR");
Found : user_pref("CT2269050.DownloadReferralCookieData", "");
Found : user_pref("CT2269050.EMailNotifierPollDate", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.FirstServerDate", "27-10-2010");
Found : user_pref("CT2269050.FirstTime", true);
Found : user_pref("CT2269050.FirstTimeFF3", true);
Found : user_pref("CT2269050.FirstTimeSettingsDone", true);
Found : user_pref("CT2269050.FixPageNotFoundErrors", true);
Found : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2269050.Initialize", true);
Found : user_pref("CT2269050.InitializeCommonPrefs", true);
Found : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Found : user_pref("CT2269050.InstalledDate", "Wed Oct 27 2010 20:16:42 GMT+0200");
Found : user_pref("CT2269050.InvalidateCache", false);
Found : user_pref("CT2269050.IsGrouping", false);
Found : user_pref("CT2269050.IsMulticommunity", false);
Found : user_pref("CT2269050.IsOpenThankYouPage", false);
Found : user_pref("CT2269050.IsOpenUninstallPage", false);
Found : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2269050.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.LatestVersion", "2.7.2.0");
Found : user_pref("CT2269050.Locale", "en");
Found : user_pref("CT2269050.LoginCache", 4);
Found : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Found : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Found : user_pref("CT2269050.RadioIsPodcast", false);
Found : user_pref("CT2269050.RadioLastCheckTime", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Found : user_pref("CT2269050.RadioMediaID", "12473383");
Found : user_pref("CT2269050.RadioMediaType", "Media Player");
Found : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Found : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Found : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Found : user_pref("CT2269050.SavedHomepage", "hxxp://start.icq.com/");
Found : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Found : user_pref("CT2269050.SearchInNewTabEnabled", true);
Found : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2269050.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.SettingsLastUpdate", "1288425627");
Found : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:42:05 GMT+0200");
Found : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2269050.UserID", "UN31594970939084477");
Found : user_pref("CT2269050.WeatherNetwork", "");
Found : user_pref("CT2269050.WeatherPollDate", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.WeatherUnit", "C");
Found : user_pref("CT2269050.alertChannelId", "666138");
Found : user_pref("CT2269050.clientLogIsEnabled", true);
Found : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2269050.myStuffEnabled", true);
Found : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2438727.CTID", "CT2438727");
Found : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Found : user_pref("CT2438727.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Found : user_pref("CT2438727.DownloadReferralCookieData", "");
Found : user_pref("CT2438727.FirstServerDate", "20-8-2010");
Found : user_pref("CT2438727.FirstTime", true);
Found : user_pref("CT2438727.FirstTimeFF3", true);
Found : user_pref("CT2438727.FirstTimeSettingsDone", true);
Found : user_pref("CT2438727.FixPageNotFoundErrors", true);
Found : user_pref("CT2438727.GroupingInvalidateCache", false);
Found : user_pref("CT2438727.GroupingLastCheckTime", "0");
Found : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2438727.Initialize", true);
Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Found : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2438727.InstalledDate", "Fri Aug 20 2010 13:09:25 GMT+0200");
Found : user_pref("CT2438727.InvalidateCache", false);
Found : user_pref("CT2438727.IsGrouping", false);
Found : user_pref("CT2438727.IsMulticommunity", false);
Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2438727.LastLogin_2.7.1.3", "Tue Aug 24 2010 11:55:33 GMT+0200");
Found : user_pref("CT2438727.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Found : user_pref("CT2438727.Locale", "en");
Found : user_pref("CT2438727.LoginCache", 4);
Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Found : user_pref("CT2438727.RadioLastCheckTime", "0");
Found : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Found : user_pref("CT2438727.RadioLastUpdateServer", "0");
Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2438727.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2438727.SettingsLastUpdate", "1287517459");
Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Oct 26 2010 12:31:44 GMT+0200");
Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2438727.UserID", "UN52615581294461425");
Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Found : user_pref("CT2438727.alertChannelId", "832836");
Found : user_pref("CT2438727.clientLogIsEnabled", false);
Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2438727.myStuffEnabled", true);
Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2680363.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2680363.CTID", "CT2680363");
Found : user_pref("CT2680363.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2680363.DialogsAlignMode", "LTR");
Found : user_pref("CT2680363.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129221960058849484", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129222078068706850", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129228979092089554", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129243777123493394", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129308349891594152", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.FirstServerDate", "24-8-2010");
Found : user_pref("CT2680363.FirstTime", true);
Found : user_pref("CT2680363.FirstTimeFF3", true);
Found : user_pref("CT2680363.FirstTimeSettingsDone", true);
Found : user_pref("CT2680363.FixPageNotFoundErrors", true);
Found : user_pref("CT2680363.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2680363.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2680363.Initialize", true);
Found : user_pref("CT2680363.InitializeCommonPrefs", true);
Found : user_pref("CT2680363.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2680363.InstalledDate", "Tue Aug 24 2010 11:56:06 GMT+0200");
Found : user_pref("CT2680363.IsGrouping", false);
Found : user_pref("CT2680363.IsMulticommunity", false);
Found : user_pref("CT2680363.IsOpenThankYouPage", true);
Found : user_pref("CT2680363.IsOpenUninstallPage", true);
Found : user_pref("CT2680363.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2680363.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2680363.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2680363.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2680363.LatestVersion", "2.7.2.0");
Found : user_pref("CT2680363.Locale", "en");
Found : user_pref("CT2680363.LoginCache", 4);
Found : user_pref("CT2680363.MCDetectTooltipHeight", "83");
Found : user_pref("CT2680363.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2680363.MCDetectTooltipWidth", "295");
Found : user_pref("CT2680363.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2680363.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2680363.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Found : user_pref("CT2680363.SearchInNewTabEnabled", true);
Found : user_pref("CT2680363.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2680363.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2680363.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2680363.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2680363.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2680363.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2680363.SettingsLastUpdate", "1286362557");
Found : user_pref("CT2680363.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2680363.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:42:04 GMT+0200");
Found : user_pref("CT2680363.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2680363.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2680363.UserID", "UN49949333201251818");
Found : user_pref("CT2680363.ValidationData_Search", 2);
Found : user_pref("CT2680363.ValidationData_Toolbar", 2);
Found : user_pref("CT2680363.alertChannelId", "1072794");
Found : user_pref("CT2680363.clientLogIsEnabled", true);
Found : user_pref("CT2680363.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2680363.myStuffEnabled", true);
Found : user_pref("CT2680363.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2680363.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2680363.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2680363.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2680363.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2765711..clientLogIsEnabled", false);
Found : user_pref("CT2765711..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2765711..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2765711.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2765711.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2765711.AppTrackingLastCheckTime", "Tue Jul 31 2012 22:27:16 GMT+0200");
Found : user_pref("CT2765711.BrowserCompStateIsOpen_129681714285417717", true);
Found : user_pref("CT2765711.BrowserCompStateIsOpen_129738909627389163", true);
Found : user_pref("CT2765711.BrowserCompStateIsOpen_5247764004679560773", true);
Found : user_pref("CT2765711.CTID", "CT2765711");
Found : user_pref("CT2765711.CurrentServerDate", "25-12-2012");
Found : user_pref("CT2765711.DSInstall", false);
Found : user_pref("CT2765711.DialogsAlignMode", "LTR");
Found : user_pref("CT2765711.DialogsGetterLastCheckTime", "Fri Aug 17 2012 19:10:15 GMT+0200");
Found : user_pref("CT2765711.DownloadReferralCookieData", "");
Found : user_pref("CT2765711.FirstServerDate", "31-7-2012");
Found : user_pref("CT2765711.FirstTime", true);
Found : user_pref("CT2765711.FirstTimeFF3", true);
Found : user_pref("CT2765711.FirstTimeHiddenVer", true);
Found : user_pref("CT2765711.FixPageNotFoundErrors", true);
Found : user_pref("CT2765711.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2765711.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2765711.HPInstall", false);
Found : user_pref("CT2765711.HasUserGlobalKeys", true);
Found : user_pref("CT2765711.Initialize", true);
Found : user_pref("CT2765711.InitializeCommonPrefs", true);
Found : user_pref("CT2765711.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2765711.InstallationId", "ConduitStubGeneric");
Found : user_pref("CT2765711.InstallationType", "ConduitStubIntegration");
Found : user_pref("CT2765711.InstalledDate", "Tue Jul 31 2012 22:27:01 GMT+0200");
Found : user_pref("CT2765711.InvalidateCache", false);
Found : user_pref("CT2765711.IsGrouping", false);
Found : user_pref("CT2765711.IsInitSetupIni", true);
Found : user_pref("CT2765711.IsMulticommunity", false);
Found : user_pref("CT2765711.IsOpenThankYouPage", false);
Found : user_pref("CT2765711.IsOpenUninstallPage", true);
Found : user_pref("CT2765711.LanguagePackLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2765711.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2765711.LastLogin_3.12.2.3", "Fri Aug 17 2012 19:10:15 GMT+0200");
Found : user_pref("CT2765711.LastLogin_3.16.0.3", "Mon Dec 24 2012 22:48:02 GMT+0100");
Found : user_pref("CT2765711.LatestVersion", "3.16.0.3");
Found : user_pref("CT2765711.Locale", "en-us");
Found : user_pref("CT2765711.MCDetectTooltipHeight", "83");
Found : user_pref("CT2765711.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2765711.MCDetectTooltipWidth", "295");
Found : user_pref("CT2765711.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2765711.OriginalFirstVersion", "3.12.2.3");
Found : user_pref("CT2765711.RadioIsPodcast", false);
Found : user_pref("CT2765711.RadioLastCheckTime", "Tue Jul 31 2012 22:27:04 GMT+0200");
Found : user_pref("CT2765711.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2765711.RadioLastUpdateServer", "3");
Found : user_pref("CT2765711.RadioMediaID", "9962");
Found : user_pref("CT2765711.RadioMediaType", "Media Player");
Found : user_pref("CT2765711.RadioMenuSelectedID", "EBRadioMenu_CT27657119962");
Found : user_pref("CT2765711.RadioShrinkedFromSetup", false);
Found : user_pref("CT2765711.RadioStationName", "California%20Rock");
Found : user_pref("CT2765711.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2765711.SearchCaption", "AF-HSS Customized Web Search");
Found : user_pref("CT2765711.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2765711.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT276[...]
Found : user_pref("CT2765711.SearchInNewTabEnabled", true);
Found : user_pref("CT2765711.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2765711.SearchInNewTabLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2765711.SendProtectorDataViaLogin", true);
Found : user_pref("CT2765711.ServiceMapLastCheckTime", "Mon Dec 24 2012 22:48:00 GMT+0100");
Found : user_pref("CT2765711.SettingsLastCheckTime", "Mon Dec 24 2012 22:47:23 GMT+0100");
Found : user_pref("CT2765711.SettingsLastUpdate", "1356268071");
Found : user_pref("CT2765711.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2765711&SearchSource=13");
Found : user_pref("CT2765711.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2765711.ThirdPartyComponentsLastCheck", "Tue Jul 31 2012 22:26:50 GMT+0200");
Found : user_pref("CT2765711.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2765711.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2765711.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2765711");
Found : user_pref("CT2765711.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2765711.UserID", "UN26433004189770488");
Found : user_pref("CT2765711.alertChannelId", "1157832");
Found : user_pref("CT2765711.backendstorage.cbfirsttime", "547565204A756C20333120323031322032323A32373A31362[...]
Found : user_pref("CT2765711.backendstorage.gk_iolo_notif2_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.installationdate0.2646799591156723", "31333433373636343334363832[...]
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.exipres", "53756E2041756720303520323031322032323A[...]
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2765711.backendstorage.toolbarappheartbeat", "7B22223A313334333736363433343635327D");
Found : user_pref("CT2765711.backendstorage.toolbarnotificationqueue", "5B7B22617070223A302E3236343637393935[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationuserid", "31313835343832313436");
Found : user_pref("CT2765711.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2765711.globalFirstTimeInfoLastCheckTime", "Tue Jul 31 2012 22:27:00 GMT+0200");
Found : user_pref("CT2765711.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2765711.initDone", true);
Found : user_pref("CT2765711.isAppTrackingManagerOn", true);
Found : user_pref("CT2765711.isFirstRadioInstallation", false);
Found : user_pref("CT2765711.myStuffEnabled", true);
Found : user_pref("CT2765711.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2765711.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2765711.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2765711.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2765711.navigateToUrlOnSearch", false);
Found : user_pref("CT2765711.revertSettingsEnabled", true);
Found : user_pref("CT2765711.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2765711.searchProtectorEnableByLogin", true);
Found : user_pref("CT2765711.testingCtid", "");
Found : user_pref("CT2765711.toolbarAppMetaDataLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.toolbarContextMenuLastCheckTime", "Tue Jul 31 2012 22:27:05 GMT+0200");
Found : user_pref("CT2765711.usagesFlag", 2);
Found : user_pref("CT3072253..clientLogIsEnabled", false);
Found : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3072253.AppTrackingLastCheckTime", "Tue Jul 31 2012 22:27:16 GMT+0200");
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Found : user_pref("CT3072253.CTID", "CT3072253");
Found : user_pref("CT3072253.CurrentServerDate", "25-12-2012");
Found : user_pref("CT3072253.DSInstall", true);
Found : user_pref("CT3072253.DialogsAlignMode", "LTR");
Found : user_pref("CT3072253.DialogsGetterLastCheckTime", "Mon Dec 24 2012 23:33:00 GMT+0100");
Found : user_pref("CT3072253.DownloadReferralCookieData", "");
Found : user_pref("CT3072253.FirstServerDate", "31-7-2012");
Found : user_pref("CT3072253.FirstTime", true);
Found : user_pref("CT3072253.FirstTimeFF3", true);
Found : user_pref("CT3072253.FixPageNotFoundErrors", true);
Found : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3072253.HPInstall", true);
Found : user_pref("CT3072253.HasUserGlobalKeys", true);
Found : user_pref("CT3072253.HomePageProtectorEnabled", true);
Found : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=[...]
Found : user_pref("CT3072253.Initialize", true);
Found : user_pref("CT3072253.InitializeCommonPrefs", true);
Found : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3072253.InstallationId", "fftD09B.tmp.exe");
Found : user_pref("CT3072253.InstallationType", "XPE");
Found : user_pref("CT3072253.InstalledDate", "Tue Jul 31 2012 22:27:00 GMT+0200");
Found : user_pref("CT3072253.IsGrouping", false);
Found : user_pref("CT3072253.IsInitSetupIni", true);
Found : user_pref("CT3072253.IsMulticommunity", false);
Found : user_pref("CT3072253.IsOpenThankYouPage", true);
Found : user_pref("CT3072253.IsOpenUninstallPage", false);
Found : user_pref("CT3072253.IsProtectorsInit", true);
Found : user_pref("CT3072253.LanguagePackLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3072253.LastLogin_3.12.0.8", "Fri Aug 17 2012 19:10:14 GMT+0200");
Found : user_pref("CT3072253.LastLogin_3.16.0.3", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.LatestVersion", "3.16.0.3");
Found : user_pref("CT3072253.Locale", "en");
Found : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Found : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Found : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT3072253.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Found : user_pref("CT3072253.SearchInNewTabEnabled", true);
Found : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3072253.SearchProtectorEnabled", true);
Found : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Mon Dec 24 2012 22:47:21 GMT+0100");
Found : user_pref("CT3072253.SettingsLastCheckTime", "Mon Dec 24 2012 22:47:20 GMT+0100");
Found : user_pref("CT3072253.SettingsLastUpdate", "1356357634");
Found : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Found : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Tue Jul 31 2012 22:26:50 GMT+0200");
Found : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Found : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3072253.UserID", "UN42644974063663654");
Found : user_pref("CT3072253.alertChannelId", "1463702");
Found : user_pref("CT3072253.autoDisableScopes", -1);
Found : user_pref("CT3072253.backendstorage.cbfirsttime", "547565204A756C20333120323031322032323A32373A31342[...]
Found : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Tue Jul 31 2012 22:27:04 GMT+0200");
Found : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3072253.initDone", true);
Found : user_pref("CT3072253.isAppTrackingManagerOn", true);
Found : user_pref("CT3072253.myStuffEnabled", true);
Found : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3072253.navigateToUrlOnSearch", false);
Found : user_pref("CT3072253.revertSettingsEnabled", true);
Found : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Found : user_pref("CT3072253.testingCtid", "");
Found : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Tue Jul 31 2012 22:27:05 GMT+0200");
Found : user_pref("CT3072253.usagesFlag", 1);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2765711/CT2765711[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1157832/1153519/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2765711", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2765711",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"c9e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Michal\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2680363,CT2269050,CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2680363,CT2269050,CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1283688156");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "{53bfaa75-12be-4ddb-8cbc-0a5f3bea450e}");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "c6776143-9135-4e7a-b268-548239435751");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2765711");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jul 31 2012 22:27:0[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Jul 31 2012 22:27:03 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Jul 31 2012 22:26:52 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "b63995ee-56f6-4b41-b9a3-acf9037e24c2");
Found : user_pref("CommunityToolbar.originalHomepage", "resource:/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb139?a=6PQFr6FGFK&loc=FF_NT");
Found : user_pref("browser.search.defaultenginename", "QIP Search");
Found : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Found : user_pref("browser.search.selectedEngine", "QIP Search");
Found : user_pref("browser.startup.homepage", "hxxp://qip.ru");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@incredibar.com:1.5.0,plugin2@gameplaylabs.com:2.0,{68[...]
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "CZ");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10650");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "22F36BF5FF1F52AB4D9DE6243D221EBC");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "f6b52efb00000000000000ff601fc46a");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15555");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "95%5F4");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQFr6FGFK&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6PQFr6FGFK");
Found : user_pref("extensions.incredibar.upn2n", "92543342265772732");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10650");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "f6b52efb00000000000000ff601fc46a");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15555");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "95%5F4");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQFr6FGFK&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6PQFr6FGFK");
Found : user_pref("extensions.incredibar_i.upn2n", "92543342265772732");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1301838532");
Found : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1301838533");
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1301838533");
Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
File : C:\Users\Janička\AppData\Roaming\Mozilla\Firefox\Profiles\mo8oj0fu.default\prefs.js
Found : user_pref("browser.startup.homepage", "hxxp://search.hotspotshield.com/g/?c=h");
Found : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1301840862");
Found : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1301840865");
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1301840865");
Found : user_pref("keyword.URL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q=");
-\\ Google Chrome v24.0.1312.57
File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.12.1707.0
File : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [60230 octets] - [23/02/2013 18:34:03]
########## EOF - C:\AdwCleaner[R1].txt - [60291 octets] ##########
# AdwCleaner v2.112 - Logfile created 02/23/2013 at 18:34:03
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Michal - MICHAL-PC
# Boot Mode : Normal
# Running from : C:\Users\Michal\Desktop\adwcleaner0.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\Conduit.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\icqplugin.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\MyStart Search.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\searchplugins\qip-search.xml
Folder Found : C:\Program Files\Complitly
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\incredibar.com
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Program Files\Perion
Folder Found : C:\Program Files\uTorrentControl2
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Janička\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Janička\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Janička\AppData\Roaming\Complitly
Folder Found : C:\Users\Janička\AppData\Roaming\Mozilla\Firefox\Profiles\mo8oj0fu.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\Michal\AppData\Local\Conduit
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Found : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Found : C:\Users\Michal\AppData\LocalLow\AF-HSS
Folder Found : C:\Users\Michal\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Michal\AppData\LocalLow\Conduit
Folder Found : C:\Users\Michal\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Michal\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Michal\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Michal\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Michal\AppData\LocalLow\uTorrentControl2
Folder Found : C:\Users\Michal\AppData\Roaming\Babylon
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\Conduit
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\ConduitCommon
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\CT2765711
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\CT3072253
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\{f0381dbd-e018-4e07-ae40-d96ab15083f0}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\ffxtlbr@incredibar.com
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\extensions\staged
Folder Found : C:\Users\Michal\AppData\Roaming\OpenCandy
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AF-HSS
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\GamePlayLabs
Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\incredibar.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AF-HSS Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\incredibar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B7511D30-DDC0-4FDA-BD4D-58B20054DAC0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\AF-HSS
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3229BB55-6AA7-4403-9E86-382A125EA68B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5190E9F5-6418-4C1A-B059-90F44E010098}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77D3F1B4-1224-4164-96F7-D881282FC6F7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E70DB94E-C77D-4B9C-A188-0EBDDE410B73}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B7511D30-DDC0-4FDA-BD4D-58B20054DAC0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKLM\Software\Web Assistant
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKU\S-1-5-21-1630076922-693152462-836407820-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F0381DBD-E018-4E07-AE40-D96AB15083F0}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F0381DBD-E018-4E07-AE40-D96AB15083F0}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v12.0 (cs)
File : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m4h0qydf.default\prefs.js
Found : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2269050.CTID", "CT2269050");
Found : user_pref("CT2269050.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2269050.DialogsAlignMode", "LTR");
Found : user_pref("CT2269050.DownloadReferralCookieData", "");
Found : user_pref("CT2269050.EMailNotifierPollDate", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.FirstServerDate", "27-10-2010");
Found : user_pref("CT2269050.FirstTime", true);
Found : user_pref("CT2269050.FirstTimeFF3", true);
Found : user_pref("CT2269050.FirstTimeSettingsDone", true);
Found : user_pref("CT2269050.FixPageNotFoundErrors", true);
Found : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2269050.Initialize", true);
Found : user_pref("CT2269050.InitializeCommonPrefs", true);
Found : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Found : user_pref("CT2269050.InstalledDate", "Wed Oct 27 2010 20:16:42 GMT+0200");
Found : user_pref("CT2269050.InvalidateCache", false);
Found : user_pref("CT2269050.IsGrouping", false);
Found : user_pref("CT2269050.IsMulticommunity", false);
Found : user_pref("CT2269050.IsOpenThankYouPage", false);
Found : user_pref("CT2269050.IsOpenUninstallPage", false);
Found : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2269050.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.LatestVersion", "2.7.2.0");
Found : user_pref("CT2269050.Locale", "en");
Found : user_pref("CT2269050.LoginCache", 4);
Found : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Found : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Found : user_pref("CT2269050.RadioIsPodcast", false);
Found : user_pref("CT2269050.RadioLastCheckTime", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Found : user_pref("CT2269050.RadioMediaID", "12473383");
Found : user_pref("CT2269050.RadioMediaType", "Media Player");
Found : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Found : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Found : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Found : user_pref("CT2269050.SavedHomepage", "hxxp://start.icq.com/");
Found : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Found : user_pref("CT2269050.SearchInNewTabEnabled", true);
Found : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2269050.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2269050.SettingsLastUpdate", "1288425627");
Found : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:42:05 GMT+0200");
Found : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2269050.UserID", "UN31594970939084477");
Found : user_pref("CT2269050.WeatherNetwork", "");
Found : user_pref("CT2269050.WeatherPollDate", "Sun Oct 31 2010 08:23:20 GMT+0100");
Found : user_pref("CT2269050.WeatherUnit", "C");
Found : user_pref("CT2269050.alertChannelId", "666138");
Found : user_pref("CT2269050.clientLogIsEnabled", true);
Found : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2269050.myStuffEnabled", true);
Found : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2438727.CTID", "CT2438727");
Found : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Found : user_pref("CT2438727.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Found : user_pref("CT2438727.DownloadReferralCookieData", "");
Found : user_pref("CT2438727.FirstServerDate", "20-8-2010");
Found : user_pref("CT2438727.FirstTime", true);
Found : user_pref("CT2438727.FirstTimeFF3", true);
Found : user_pref("CT2438727.FirstTimeSettingsDone", true);
Found : user_pref("CT2438727.FixPageNotFoundErrors", true);
Found : user_pref("CT2438727.GroupingInvalidateCache", false);
Found : user_pref("CT2438727.GroupingLastCheckTime", "0");
Found : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2438727.Initialize", true);
Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Found : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2438727.InstalledDate", "Fri Aug 20 2010 13:09:25 GMT+0200");
Found : user_pref("CT2438727.InvalidateCache", false);
Found : user_pref("CT2438727.IsGrouping", false);
Found : user_pref("CT2438727.IsMulticommunity", false);
Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2438727.LastLogin_2.7.1.3", "Tue Aug 24 2010 11:55:33 GMT+0200");
Found : user_pref("CT2438727.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Found : user_pref("CT2438727.Locale", "en");
Found : user_pref("CT2438727.LoginCache", 4);
Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Found : user_pref("CT2438727.RadioLastCheckTime", "0");
Found : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Found : user_pref("CT2438727.RadioLastUpdateServer", "0");
Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2438727.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2438727.SettingsLastUpdate", "1287517459");
Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Oct 26 2010 12:31:44 GMT+0200");
Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2438727.UserID", "UN52615581294461425");
Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Found : user_pref("CT2438727.alertChannelId", "832836");
Found : user_pref("CT2438727.clientLogIsEnabled", false);
Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2438727.myStuffEnabled", true);
Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2680363.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2680363.CTID", "CT2680363");
Found : user_pref("CT2680363.CurrentServerDate", "31-10-2010");
Found : user_pref("CT2680363.DialogsAlignMode", "LTR");
Found : user_pref("CT2680363.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129221960058849484", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129222078068706850", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129228979092089554", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129243777123493394", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.ExternalComponentPollDate129308349891594152", "Sun Oct 31 2010 08:23:18 GMT+010[...]
Found : user_pref("CT2680363.FirstServerDate", "24-8-2010");
Found : user_pref("CT2680363.FirstTime", true);
Found : user_pref("CT2680363.FirstTimeFF3", true);
Found : user_pref("CT2680363.FirstTimeSettingsDone", true);
Found : user_pref("CT2680363.FixPageNotFoundErrors", true);
Found : user_pref("CT2680363.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2680363.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2680363.Initialize", true);
Found : user_pref("CT2680363.InitializeCommonPrefs", true);
Found : user_pref("CT2680363.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2680363.InstalledDate", "Tue Aug 24 2010 11:56:06 GMT+0200");
Found : user_pref("CT2680363.IsGrouping", false);
Found : user_pref("CT2680363.IsMulticommunity", false);
Found : user_pref("CT2680363.IsOpenThankYouPage", true);
Found : user_pref("CT2680363.IsOpenUninstallPage", true);
Found : user_pref("CT2680363.LanguagePackLastCheckTime", "Sun Oct 31 2010 08:23:18 GMT+0100");
Found : user_pref("CT2680363.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2680363.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2680363.LastLogin_2.7.2.0", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CT2680363.LatestVersion", "2.7.2.0");
Found : user_pref("CT2680363.Locale", "en");
Found : user_pref("CT2680363.LoginCache", 4);
Found : user_pref("CT2680363.MCDetectTooltipHeight", "83");
Found : user_pref("CT2680363.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2680363.MCDetectTooltipWidth", "295");
Found : user_pref("CT2680363.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2680363.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2680363.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Found : user_pref("CT2680363.SearchInNewTabEnabled", true);
Found : user_pref("CT2680363.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2680363.SearchInNewTabLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2680363.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2680363.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2680363.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2680363.SettingsLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CT2680363.SettingsLastUpdate", "1286362557");
Found : user_pref("CT2680363.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2680363.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:42:04 GMT+0200");
Found : user_pref("CT2680363.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2680363.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2680363.UserID", "UN49949333201251818");
Found : user_pref("CT2680363.ValidationData_Search", 2);
Found : user_pref("CT2680363.ValidationData_Toolbar", 2);
Found : user_pref("CT2680363.alertChannelId", "1072794");
Found : user_pref("CT2680363.clientLogIsEnabled", true);
Found : user_pref("CT2680363.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2680363.myStuffEnabled", true);
Found : user_pref("CT2680363.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2680363.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2680363.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2680363.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2680363.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2765711..clientLogIsEnabled", false);
Found : user_pref("CT2765711..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2765711..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2765711.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2765711.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2765711.AppTrackingLastCheckTime", "Tue Jul 31 2012 22:27:16 GMT+0200");
Found : user_pref("CT2765711.BrowserCompStateIsOpen_129681714285417717", true);
Found : user_pref("CT2765711.BrowserCompStateIsOpen_129738909627389163", true);
Found : user_pref("CT2765711.BrowserCompStateIsOpen_5247764004679560773", true);
Found : user_pref("CT2765711.CTID", "CT2765711");
Found : user_pref("CT2765711.CurrentServerDate", "25-12-2012");
Found : user_pref("CT2765711.DSInstall", false);
Found : user_pref("CT2765711.DialogsAlignMode", "LTR");
Found : user_pref("CT2765711.DialogsGetterLastCheckTime", "Fri Aug 17 2012 19:10:15 GMT+0200");
Found : user_pref("CT2765711.DownloadReferralCookieData", "");
Found : user_pref("CT2765711.FirstServerDate", "31-7-2012");
Found : user_pref("CT2765711.FirstTime", true);
Found : user_pref("CT2765711.FirstTimeFF3", true);
Found : user_pref("CT2765711.FirstTimeHiddenVer", true);
Found : user_pref("CT2765711.FixPageNotFoundErrors", true);
Found : user_pref("CT2765711.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2765711.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2765711.HPInstall", false);
Found : user_pref("CT2765711.HasUserGlobalKeys", true);
Found : user_pref("CT2765711.Initialize", true);
Found : user_pref("CT2765711.InitializeCommonPrefs", true);
Found : user_pref("CT2765711.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2765711.InstallationId", "ConduitStubGeneric");
Found : user_pref("CT2765711.InstallationType", "ConduitStubIntegration");
Found : user_pref("CT2765711.InstalledDate", "Tue Jul 31 2012 22:27:01 GMT+0200");
Found : user_pref("CT2765711.InvalidateCache", false);
Found : user_pref("CT2765711.IsGrouping", false);
Found : user_pref("CT2765711.IsInitSetupIni", true);
Found : user_pref("CT2765711.IsMulticommunity", false);
Found : user_pref("CT2765711.IsOpenThankYouPage", false);
Found : user_pref("CT2765711.IsOpenUninstallPage", true);
Found : user_pref("CT2765711.LanguagePackLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2765711.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2765711.LastLogin_3.12.2.3", "Fri Aug 17 2012 19:10:15 GMT+0200");
Found : user_pref("CT2765711.LastLogin_3.16.0.3", "Mon Dec 24 2012 22:48:02 GMT+0100");
Found : user_pref("CT2765711.LatestVersion", "3.16.0.3");
Found : user_pref("CT2765711.Locale", "en-us");
Found : user_pref("CT2765711.MCDetectTooltipHeight", "83");
Found : user_pref("CT2765711.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2765711.MCDetectTooltipWidth", "295");
Found : user_pref("CT2765711.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2765711.OriginalFirstVersion", "3.12.2.3");
Found : user_pref("CT2765711.RadioIsPodcast", false);
Found : user_pref("CT2765711.RadioLastCheckTime", "Tue Jul 31 2012 22:27:04 GMT+0200");
Found : user_pref("CT2765711.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2765711.RadioLastUpdateServer", "3");
Found : user_pref("CT2765711.RadioMediaID", "9962");
Found : user_pref("CT2765711.RadioMediaType", "Media Player");
Found : user_pref("CT2765711.RadioMenuSelectedID", "EBRadioMenu_CT27657119962");
Found : user_pref("CT2765711.RadioShrinkedFromSetup", false);
Found : user_pref("CT2765711.RadioStationName", "California%20Rock");
Found : user_pref("CT2765711.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2765711.SearchCaption", "AF-HSS Customized Web Search");
Found : user_pref("CT2765711.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2765711.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT276[...]
Found : user_pref("CT2765711.SearchInNewTabEnabled", true);
Found : user_pref("CT2765711.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2765711.SearchInNewTabLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2765711.SendProtectorDataViaLogin", true);
Found : user_pref("CT2765711.ServiceMapLastCheckTime", "Mon Dec 24 2012 22:48:00 GMT+0100");
Found : user_pref("CT2765711.SettingsLastCheckTime", "Mon Dec 24 2012 22:47:23 GMT+0100");
Found : user_pref("CT2765711.SettingsLastUpdate", "1356268071");
Found : user_pref("CT2765711.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2765711&SearchSource=13");
Found : user_pref("CT2765711.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2765711.ThirdPartyComponentsLastCheck", "Tue Jul 31 2012 22:26:50 GMT+0200");
Found : user_pref("CT2765711.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2765711.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2765711.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2765711");
Found : user_pref("CT2765711.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2765711.UserID", "UN26433004189770488");
Found : user_pref("CT2765711.alertChannelId", "1157832");
Found : user_pref("CT2765711.backendstorage.cbfirsttime", "547565204A756C20333120323031322032323A32373A31362[...]
Found : user_pref("CT2765711.backendstorage.gk_iolo_notif2_sent", "73656E74");
Found : user_pref("CT2765711.backendstorage.installationdate0.2646799591156723", "31333433373636343334363832[...]
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.exipres", "53756E2041756720303520323031322032323A[...]
Found : user_pref("CT2765711.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2765711.backendstorage.toolbarappheartbeat", "7B22223A313334333736363433343635327D");
Found : user_pref("CT2765711.backendstorage.toolbarnotificationqueue", "5B7B22617070223A302E3236343637393935[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationsettings", "7B2273656E644E6F74696669636174696[...]
Found : user_pref("CT2765711.backendstorage.toolbarnotificationuserid", "31313835343832313436");
Found : user_pref("CT2765711.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2765711.globalFirstTimeInfoLastCheckTime", "Tue Jul 31 2012 22:27:00 GMT+0200");
Found : user_pref("CT2765711.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2765711.initDone", true);
Found : user_pref("CT2765711.isAppTrackingManagerOn", true);
Found : user_pref("CT2765711.isFirstRadioInstallation", false);
Found : user_pref("CT2765711.myStuffEnabled", true);
Found : user_pref("CT2765711.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2765711.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2765711.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2765711.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2765711.navigateToUrlOnSearch", false);
Found : user_pref("CT2765711.revertSettingsEnabled", true);
Found : user_pref("CT2765711.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2765711.searchProtectorEnableByLogin", true);
Found : user_pref("CT2765711.testingCtid", "");
Found : user_pref("CT2765711.toolbarAppMetaDataLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT2765711.toolbarContextMenuLastCheckTime", "Tue Jul 31 2012 22:27:05 GMT+0200");
Found : user_pref("CT2765711.usagesFlag", 2);
Found : user_pref("CT3072253..clientLogIsEnabled", false);
Found : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3072253.AppTrackingLastCheckTime", "Tue Jul 31 2012 22:27:16 GMT+0200");
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Found : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Found : user_pref("CT3072253.CTID", "CT3072253");
Found : user_pref("CT3072253.CurrentServerDate", "25-12-2012");
Found : user_pref("CT3072253.DSInstall", true);
Found : user_pref("CT3072253.DialogsAlignMode", "LTR");
Found : user_pref("CT3072253.DialogsGetterLastCheckTime", "Mon Dec 24 2012 23:33:00 GMT+0100");
Found : user_pref("CT3072253.DownloadReferralCookieData", "");
Found : user_pref("CT3072253.FirstServerDate", "31-7-2012");
Found : user_pref("CT3072253.FirstTime", true);
Found : user_pref("CT3072253.FirstTimeFF3", true);
Found : user_pref("CT3072253.FixPageNotFoundErrors", true);
Found : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3072253.HPInstall", true);
Found : user_pref("CT3072253.HasUserGlobalKeys", true);
Found : user_pref("CT3072253.HomePageProtectorEnabled", true);
Found : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=[...]
Found : user_pref("CT3072253.Initialize", true);
Found : user_pref("CT3072253.InitializeCommonPrefs", true);
Found : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3072253.InstallationId", "fftD09B.tmp.exe");
Found : user_pref("CT3072253.InstallationType", "XPE");
Found : user_pref("CT3072253.InstalledDate", "Tue Jul 31 2012 22:27:00 GMT+0200");
Found : user_pref("CT3072253.IsGrouping", false);
Found : user_pref("CT3072253.IsInitSetupIni", true);
Found : user_pref("CT3072253.IsMulticommunity", false);
Found : user_pref("CT3072253.IsOpenThankYouPage", true);
Found : user_pref("CT3072253.IsOpenUninstallPage", false);
Found : user_pref("CT3072253.IsProtectorsInit", true);
Found : user_pref("CT3072253.LanguagePackLastCheckTime", "Mon Dec 24 2012 22:48:01 GMT+0100");
Found : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3072253.LastLogin_3.12.0.8", "Fri Aug 17 2012 19:10:14 GMT+0200");
Found : user_pref("CT3072253.LastLogin_3.16.0.3", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.LatestVersion", "3.16.0.3");
Found : user_pref("CT3072253.Locale", "en");
Found : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Found : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Found : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT3072253.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search");
Found : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Found : user_pref("CT3072253.SearchInNewTabEnabled", true);
Found : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3072253.SearchProtectorEnabled", true);
Found : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Mon Dec 24 2012 22:47:21 GMT+0100");
Found : user_pref("CT3072253.SettingsLastCheckTime", "Mon Dec 24 2012 22:47:20 GMT+0100");
Found : user_pref("CT3072253.SettingsLastUpdate", "1356357634");
Found : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Found : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Tue Jul 31 2012 22:26:50 GMT+0200");
Found : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Found : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3072253.UserID", "UN42644974063663654");
Found : user_pref("CT3072253.alertChannelId", "1463702");
Found : user_pref("CT3072253.autoDisableScopes", -1);
Found : user_pref("CT3072253.backendstorage.cbfirsttime", "547565204A756C20333120323031322032323A32373A31342[...]
Found : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Tue Jul 31 2012 22:27:04 GMT+0200");
Found : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3072253.initDone", true);
Found : user_pref("CT3072253.isAppTrackingManagerOn", true);
Found : user_pref("CT3072253.myStuffEnabled", true);
Found : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3072253.navigateToUrlOnSearch", false);
Found : user_pref("CT3072253.revertSettingsEnabled", true);
Found : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Found : user_pref("CT3072253.testingCtid", "");
Found : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Mon Dec 24 2012 22:47:24 GMT+0100");
Found : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Tue Jul 31 2012 22:27:05 GMT+0200");
Found : user_pref("CT3072253.usagesFlag", 1);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2765711/CT2765711[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1157832/1153519/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2765711", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2765711",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"c9e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Michal\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2680363,CT2269050,CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2680363,CT2269050,CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253,CT2765711");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Oct 31 2010 08:23:17 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1283688156");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "{53bfaa75-12be-4ddb-8cbc-0a5f3bea450e}");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Oct 31 2010 08:23:19 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "c6776143-9135-4e7a-b268-548239435751");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2765711");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jul 31 2012 22:27:0[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Jul 31 2012 22:27:03 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Jul 31 2012 22:26:52 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "b63995ee-56f6-4b41-b9a3-acf9037e24c2");
Found : user_pref("CommunityToolbar.originalHomepage", "resource:/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb139?a=6PQFr6FGFK&loc=FF_NT");
Found : user_pref("browser.search.defaultenginename", "QIP Search");
Found : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&Sea[...]
Found : user_pref("browser.search.selectedEngine", "QIP Search");
Found : user_pref("browser.startup.homepage", "hxxp://qip.ru");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@incredibar.com:1.5.0,plugin2@gameplaylabs.com:2.0,{68[...]
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "CZ");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10650");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "22F36BF5FF1F52AB4D9DE6243D221EBC");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "f6b52efb00000000000000ff601fc46a");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15555");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "95%5F4");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQFr6FGFK&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6PQFr6FGFK");
Found : user_pref("extensions.incredibar.upn2n", "92543342265772732");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10650");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "f6b52efb00000000000000ff601fc46a");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15555");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "95%5F4");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQFr6FGFK&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6PQFr6FGFK");
Found : user_pref("extensions.incredibar_i.upn2n", "92543342265772732");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:25:26");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1301838532");
Found : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1301838533");
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1301838533");
Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
File : C:\Users\Janička\AppData\Roaming\Mozilla\Firefox\Profiles\mo8oj0fu.default\prefs.js
Found : user_pref("browser.startup.homepage", "hxxp://search.hotspotshield.com/g/?c=h");
Found : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1301840862");
Found : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1301840865");
Found : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1301840865");
Found : user_pref("keyword.URL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q=");
-\\ Google Chrome v24.0.1312.57
File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Janička\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.12.1707.0
File : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [60230 octets] - [23/02/2013 18:34:03]
########## EOF - C:\AdwCleaner[R1].txt - [60291 octets] ##########
Re: Preventivní kontrola
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 3148005376, free: 1613438976
------------ Kernel report ------------
02/23/2013 18:39:16
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spdz.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\sfhlp02.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\Rtlh86.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\System32\Drivers\ElbyCDFL.sys
\SystemRoot\system32\drivers\pfc.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\a0qr5y7s.SYS
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\BdaSup.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\taphss6.sys
\SystemRoot\System32\Drivers\pcouffin.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\AmdLLD.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\hssdrv6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\DRIVERS\hidbth.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\cpuz132_x32.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Program Files\DAEMON Tools Lite\Engine.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff882c5620
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff8651e028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.02.23.06
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff882c5620, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff882c5308, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff882c5620, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8651e028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffd0b856f0, 0xffffffff882c5620, 0xffffffff87fb23d0
Lower DeviceData: 0xffffffffce86a0b8, 0xffffffff8651e028, 0xffffffff881b2f08
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B15BAC34
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 234436608
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 120034123776 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-234421648-234441648)...
Done!
Performing system, memory and registry scan...
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Infected: c:\Windows\System32\mrvcl32.exe --> [Trojan.Clicker.CT]
Infected: c:\Users\Michal\AppData\Roaming\data.dat --> [Stolen.Data]
Infected: c:\Users\Michal\AppData\Roaming\MinecraftSP.exe --> [Backdoor.Agent.DC]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9} --> [Hijack.Trojan.Siredef.C]
Infected: HKCU\SOFTWARE\VB AND VBA PROGRAM SETTINGS\SrvID --> [Malware.Trace]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 3148005376, free: 2120306688
Removal queue found; removal started
Removing c:\Windows\System32\mrvcl32.exe...
Removing c:\Users\Michal\AppData\Roaming\data.dat...
Removing c:\Users\Michal\AppData\Roaming\MinecraftSP.exe...
Removal finished
=======================================
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 3148005376, free: 1613438976
------------ Kernel report ------------
02/23/2013 18:39:16
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spdz.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\sfhlp02.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\Rtlh86.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\System32\Drivers\ElbyCDFL.sys
\SystemRoot\system32\drivers\pfc.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\a0qr5y7s.SYS
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\BdaSup.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\taphss6.sys
\SystemRoot\System32\Drivers\pcouffin.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\AmdLLD.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\hssdrv6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\DRIVERS\hidbth.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\cpuz132_x32.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Program Files\DAEMON Tools Lite\Engine.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff882c5620
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff8651e028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.02.23.06
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff882c5620, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff882c5308, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff882c5620, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8651e028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffd0b856f0, 0xffffffff882c5620, 0xffffffff87fb23d0
Lower DeviceData: 0xffffffffce86a0b8, 0xffffffff8651e028, 0xffffffff881b2f08
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B15BAC34
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 234436608
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 120034123776 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-234421648-234441648)...
Done!
Performing system, memory and registry scan...
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\email-extractor-setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{12402AB8-6FBE-49C5-9F36-E4CEEB4480A0}\instance.dat" is compressed (flags = 1)
Infected: c:\Windows\System32\mrvcl32.exe --> [Trojan.Clicker.CT]
Infected: c:\Users\Michal\AppData\Roaming\data.dat --> [Stolen.Data]
Infected: c:\Users\Michal\AppData\Roaming\MinecraftSP.exe --> [Backdoor.Agent.DC]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9} --> [Hijack.Trojan.Siredef.C]
Infected: HKCU\SOFTWARE\VB AND VBA PROGRAM SETTINGS\SrvID --> [Malware.Trace]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 3148005376, free: 2120306688
Removal queue found; removal started
Removing c:\Windows\System32\mrvcl32.exe...
Removing c:\Users\Michal\AppData\Roaming\data.dat...
Removing c:\Users\Michal\AppData\Roaming\MinecraftSP.exe...
Removal finished
=======================================
Re: Preventivní kontrola
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?