Prosím o kontrolu logu.. Mimo kontrolu logu mě vyskočil nějaký log info.. taky přikládám..
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ondra at 2013-12-06 14:56:41
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 106 GB (75%) free of 142 GB
Total RAM: 1014 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:07, on 6.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Launch Manager\LManager.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\PersistenceThread.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ExpressFiles\ExpressFiles.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Overwolf\Overwolf.exe
C:\Documents and Settings\Ondra\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Ondra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daum.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files\Overwolf\OverwolfUpdater.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
--
End of file - 9144 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Express Files Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008UA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\RMAutoUpdate.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9C6452F8-6F82-4E43-9676-8EAC8B6277A0}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/?utm_source=ch-to ... paign=home"
prefs.js - "keyword.URL" - "http://search.centrum.cz/?charset=UTF-8 ... toolbar-ff, ch-toolbar-ff-searchbox, tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\extensions\
centrumpomocnik@centrum.cz
toolbar@centrumholdings.com
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-17 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-17 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-17 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-02-20 817672]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-05-01 137752]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-05-01 354840]
"PersistenceThread"=C:\WINDOWS\system32\PersistenceThread.exe [2009-05-01 92696]
"AzMixerSel"=C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [2006-07-17 53248]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-27 1434920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"ExpressFiles"=C:\Program Files\ExpressFiles\ExpressFiles.exe [2012-02-17 424568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2009-04-15 135168]
"Google Update"=C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-09-23 116648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []
"Overwolf"=C:\Program Files\Overwolf\Overwolf.exe [2013-11-11 35256]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igdlogin]
C:\WINDOWS\system32\igdlogin.dll [2009-04-28 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2\metin2.exe"="C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2"
"C:\Program Files\Acer\Acer VCM\VC.exe"="C:\Program Files\Acer\Acer VCM\VC.exe:*:Enabled:Acer Video Quality Enhancement"
"C:\Documents and Settings\Mila Sopouskova\Dokumenty\Downloads\chmatakov15.exe"="C:\Documents and Settings\Mila Sopouskova\Dokumenty\Downloads\chmatakov15.exe:*:Disabled:chmatakov15"
"C:\Documents and Settings\Mila Sopouskova\Dokumenty\Downloads\chmatakov15 (1).exe"="C:\Documents and Settings\Mila Sopouskova\Dokumenty\Downloads\chmatakov15 (1).exe:*:Enabled:chmatakov15 (1)"
"C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles"
"C:\Program Files\ExpressFiles\ExpressDL.exe"="C:\Program Files\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL"
"C:\Documents and Settings\Ondra\Plocha\chmatakov15.exe"="C:\Documents and Settings\Ondra\Plocha\chmatakov15.exe:*:Disabled:chmatakov15"
"C:\Documents and Settings\Ondra\Plocha\ChmatJabko.exe"="C:\Documents and Settings\Ondra\Plocha\ChmatJabko.exe:*:Disabled:ChmatJabko"
"C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\Ondra\Local Settings\Temp\Rar$EX82.512\Chmatakov15n - 826 ip.ini.exe"="C:\Documents and Settings\Ondra\Local Settings\Temp\Rar$EX82.512\Chmatakov15n - 826 ip.ini.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"VIDC.FPS1"=frapsvid.dll
======List of files/folders created in the last 1 month======
2013-12-06 14:56:44 ----D---- C:\Program Files\trend micro
2013-12-06 14:56:41 ----D---- C:\rsit
2013-12-06 14:27:38 ----D---- C:\Program Files\Common Files\Skype
2013-12-06 14:26:16 ----D---- C:\Program Files\Common Files\Overwolf
2013-11-18 16:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-18 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-18 16:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-18 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-17 15:12:07 ----D---- C:\Program Files\Mozilla Firefox
2013-11-15 18:26:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Overwolf
======List of files/folders modified in the last 1 month======
2013-12-06 14:56:44 ----RD---- C:\Program Files
2013-12-06 14:56:44 ----D---- C:\WINDOWS\Prefetch
2013-12-06 14:36:01 ----D---- C:\WINDOWS\Temp
2013-12-06 14:29:14 ----SD---- C:\WINDOWS\Tasks
2013-12-06 14:28:50 ----SHD---- C:\WINDOWS\Installer
2013-12-06 14:28:50 ----D---- C:\Config.Msi
2013-12-06 14:28:01 ----D---- C:\Program Files\Overwolf
2013-12-06 14:27:38 ----D---- C:\Program Files\Common Files
2013-12-06 14:20:40 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-05 17:01:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-04 09:52:37 ----AD---- C:\WINDOWS\system32
2013-12-04 09:52:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-03 17:15:21 ----D---- C:\Program Files\ScreenshotCaptor
2013-11-20 09:28:27 ----D---- C:\WINDOWS
2013-11-20 09:27:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-19 11:21:30 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 16:54:04 ----HD---- C:\WINDOWS\inf
2013-11-18 16:54:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-18 16:53:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-18 16:51:46 ----A---- C:\WINDOWS\imsins.BAK
2013-11-18 16:50:26 ----D---- C:\WINDOWS\system32\drivers
2013-11-18 16:50:25 ----D---- C:\Program Files\Microsoft Security Client
2013-11-18 16:48:46 ----D---- C:\Program Files\Internet Explorer
2013-11-18 15:12:51 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-15 18:25:36 ----D---- C:\Documents and Settings\Ondra\Data aplikací\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-22 691696]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-02-20 1952512]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-05 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-04-16 991136]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 igd;igd; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-04-28 5096544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-29 5870080]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-16 132480]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-02-27 205360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 ahorr0tq;ahorr0tq; C:\WINDOWS\system32\drivers\ahorr0tq.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-06-19 533024]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-25 156816]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-05 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-06-19 45984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2009-03-12 164864]
S3 RtsUIR;Realtek IR Driver; C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\RtsUCcid.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2008-04-14 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-06-20 349528]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-17 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-30 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-30 135664]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files\Overwolf\OverwolfUpdater.exe [2013-08-22 18360]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2013-12-06 14:57:17
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer ScreenSaver-->C:\WINDOWS\Screensavers\Acer\Uninstall.exe
Acer VCM-->"C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -runfromtemp -l0x0005 -removeonly
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2863058)-->"C:\WINDOWS\$NtUninstallKB2863058$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904)-->"C:\WINDOWS\$NtUninstallKB2834904_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904-v2)-->"C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913)-->"C:\WINDOWS\ie8updates\KB2722913-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842)-->"C:\WINDOWS\ie8updates\KB2744842-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100)-->"C:\WINDOWS\ie8updates\KB2792100-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052)-->"C:\WINDOWS\ie8updates\KB2797052-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329)-->"C:\WINDOWS\ie8updates\KB2799329-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289)-->"C:\WINDOWS\ie8updates\KB2809289-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183)-->"C:\WINDOWS\ie8updates\KB2817183-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530)-->"C:\WINDOWS\ie8updates\KB2829530-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727)-->"C:\WINDOWS\ie8updates\KB2838727-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071)-->"C:\WINDOWS\ie8updates\KB2846071-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204)-->"C:\WINDOWS\ie8updates\KB2847204-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772)-->"C:\WINDOWS\ie8updates\KB2862772-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699)-->"C:\WINDOWS\ie8updates\KB2870699-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017)-->"C:\WINDOWS\ie8updates\KB2879017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505)-->"C:\WINDOWS\ie8updates\KB2888505-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2757638)-->"C:\WINDOWS\$NtUninstallKB2757638$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2778344)-->"C:\WINDOWS\$NtUninstallKB2778344$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2780091)-->"C:\WINDOWS\$NtUninstallKB2780091$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2799494)-->"C:\WINDOWS\$NtUninstallKB2799494$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2802968)-->"C:\WINDOWS\$NtUninstallKB2802968$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2807986)-->"C:\WINDOWS\$NtUninstallKB2807986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2808735)-->"C:\WINDOWS\$NtUninstallKB2808735$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2813170)-->"C:\WINDOWS\$NtUninstallKB2813170$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2813345)-->"C:\WINDOWS\$NtUninstallKB2813345$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2820197)-->"C:\WINDOWS\$NtUninstallKB2820197$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2820917)-->"C:\WINDOWS\$NtUninstallKB2820917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2829361)-->"C:\WINDOWS\$NtUninstallKB2829361$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2834886)-->"C:\WINDOWS\$NtUninstallKB2834886$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2839229)-->"C:\WINDOWS\$NtUninstallKB2839229$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2845187)-->"C:\WINDOWS\$NtUninstallKB2845187$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2847311)-->"C:\WINDOWS\$NtUninstallKB2847311$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2849470)-->"C:\WINDOWS\$NtUninstallKB2849470$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2850851)-->"C:\WINDOWS\$NtUninstallKB2850851$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2850869)-->"C:\WINDOWS\$NtUninstallKB2850869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2859537)-->"C:\WINDOWS\$NtUninstallKB2859537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2862152)-->"C:\WINDOWS\$NtUninstallKB2862152$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2862330)-->"C:\WINDOWS\$NtUninstallKB2862330$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2862335)-->"C:\WINDOWS\$NtUninstallKB2862335$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2864063)-->"C:\WINDOWS\$NtUninstallKB2864063$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2868038)-->"C:\WINDOWS\$NtUninstallKB2868038$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2868626)-->"C:\WINDOWS\$NtUninstallKB2868626$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2876217)-->"C:\WINDOWS\$NtUninstallKB2876217$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2876315)-->"C:\WINDOWS\$NtUninstallKB2876315$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2876331)-->"C:\WINDOWS\$NtUninstallKB2876331$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2883150)-->"C:\WINDOWS\$NtUninstallKB2883150$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2900986)-->"C:\WINDOWS\$NtUninstallKB2900986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Free Pascal 2.6.0-->"C:\FPC\2.6.0\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\31.0.1650.63\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Talk Plugin-->MsiExec.exe /I{2A83AD05-56E6-3FBD-8752-B4143162EF59}
G-Recorder (remove only)-->"C:\Program Files\G-Recorder\Uninstall.exe"
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {99A120B0-F930-3427-A833-FAD753B85527} /parameterfolder Client
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator 500-->C:\WINDOWS\system32\lpgun.exe -uninstall
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
Launch Manager-->C:\WINDOWS\UNINST32.EXE LManager.UNI
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Security Client-->MsiExec.exe /X{0CD47142-BA4F-46B0-AA92-2675864928B8}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
Mozilla Firefox 25.0.1 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 15.0.1 (x86 cs)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Odinstalace tiskárny EPSON SX218 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSGDE.EXE /R /APD /P:"EPSON SX218 Series"
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Overwolf-->MsiExec.exe /I{0A337036-B73E-4C85-8D32-3851F84B7CFE}
Penguin Adventure-->C:\Program Files\Penguin Adventure\Uninstal.exe
Screenshot Captor 4.01.00-->"C:\Program Files\ScreenshotCaptor\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Extended
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
VLC media player 2.0.8-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Fotogalerie-->MsiExec.exe /X{1F082EA8-0F22-40CA-9FA8-8F85458026AF}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: Microsoft Security Essentials
======System event log======
Computer Name: ACER-F8C2D844E9
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Zastaveno
Record Number: 53491
Source Name: Service Control Manager
Time Written: 20130916164418.000000+120
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Adobe Flash Player Update Service úspěšně odeslán.
Record Number: 53490
Source Name: Service Control Manager
Time Written: 20130916164418.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: ACER-F8C2D844E9
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Spuštěno
Record Number: 53489
Source Name: Service Control Manager
Time Written: 20130916164418.000000+120
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.2005.0)
Record Number: 53488
Source Name: Windows Update Agent
Time Written: 20130916164257.000000+120
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 2000
Message: Verze podpisu Microsoft Antimalware byla aktualizována.
Aktuální verze podpisu: 1.157.2005.0
Předchozí verze podpisu: 1.157.1960.0
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.9800.0
Předchozí verze modulu: 1.1.9800.0
Record Number: 53487
Source Name: Microsoft Antimalware
Time Written: 20130916164242.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: ACER-F8C2D844E9
Event Code: 0
Message:
Record Number: 16983
Source Name: btwdins
Time Written: 20130222095419.000000+060
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 100
Message:
Record Number: 16982
Source Name: SkypeUpdate
Time Written: 20130222095415.000000+060
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 0
Message:
Record Number: 16981
Source Name: gupdate
Time Written: 20130222095407.000000+060
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 101
Message:
Record Number: 16980
Source Name: SkypeUpdate
Time Written: 20130221154023.000000+060
Event Type: Informace
User:
Computer Name: ACER-F8C2D844E9
Event Code: 103
Message:
Record Number: 16979
Source Name: SkypeUpdate
Time Written: 20130221154022.000000+060
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\FPC\2.6.0\bin\i386-Win32
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=1c02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LocalAppData"=C:\Documents and Settings\Ondra\Local Settings\Data aplikací
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
- Provedte aktualizaci
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Omlouvám se za pomalé odpovídání, tohle je můj starý PC který jsem daroval kamarádovi.. A chodim k němu tak 3x za týden.. Natahal jsem tam všechny možný viry...
# AdwCleaner v3.014 - Report created 06/12/2013 at 17:37:24
# Updated 01/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ondra - ACER-F8C2D844E9
# Running from : C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Deleted : C:\Program Files\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\DOCUME~1\Mila Sopouskova\LOCALS~1\Temp\CT3072253
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\iWin
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\Ondra\Data aplikací\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Smartbar
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\CT3072253
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
Key Deleted : HKCU\Software\Google\Chrome\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressFiles.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressDL.exe]
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\prefs.js ]
Line Deleted : user_pref("CT3072253..clientLogIsEnabled", false);
Line Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3072253./9b+7e+x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e,x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e-x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e/x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e06cg5el8:.from_oldbar.enc", "bm1rcHBybXJ0dw==");
Line Deleted : user_pref("CT3072253./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNxdnZ4c3h6fSQvS0lHT0I1fV1cPQ==");
Line Deleted : user_pref("CT3072253./9b+7e0x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e1x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e2x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e3x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e4x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e5x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e6x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e7x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e8x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e9x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e:x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e;x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e<x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e=x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e>x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e?x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e@x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7eax305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
Line Deleted : user_pref("CT3072253./9b+7ebx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7ecx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7edx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7etx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b-0?3g>d.from_oldbar.enc", "bGxAaT9xQEJ6cENGeiB5d0xPJUxSfCEqIyMoJSYkLS1bKSov");
Line Deleted : user_pref("CT3072253./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
Line Deleted : user_pref("CT3072253./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT3072253./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pKiEsOT1EMHgyTEFCR34rLEhXS0hWXVw1U1JcY2JhWlxkP2pfYkJtbW1zYGpjS3hna2Q/bUM9Mz9ecHN9IUxZVWZ5KXx5KC8uV2RgcTYlXTU2dzwpY29tdXQgNzRrUkE9[...]
Line Deleted : user_pref("CT3072253./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT3072253./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEcgPj1HTk1MRUdPKlVKTS1YWFheS1VONmNSVk8=");
Line Deleted : user_pref("CT3072253./9b5ba==9cjag.from_oldbar.enc", "bWs8bEFzQnN6c0Z2cnd7SE0gfVF8");
Line Deleted : user_pref("CT3072253./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1pb2pzbHRydXZ4dQ==");
Line Deleted : user_pref("CT3072253./9b9643g3/9e.from_oldbar.enc", "ag==");
Line Deleted : user_pref("CT3072253./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT3072253./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT3072253./9b<:222h64<l8daj.from_oldbar.enc", "bXBwb3Z0cnl3dSp5dXJ6e3V7IQ==");
Line Deleted : user_pref("CT3072253./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
Line Deleted : user_pref("CT3072253./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT3072253./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
Line Deleted : user_pref("CT3072253./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
Line Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3072253.AppTrackingLastCheckTime", "Wed Aug 28 2013 17:52:17 GMT+0200");
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_130067979083742856", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_1359634299000", true);
Line Deleted : user_pref("CT3072253.CT3072253.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT3072253.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.ConfigurationLastCheckTime", "Fri Nov 08 2013 14:59:58 GMT+0100");
Line Deleted : user_pref("CT3072253.CurrentServerDate", "8-11-2013");
Line Deleted : user_pref("CT3072253.DSInstall", false);
Line Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3072253.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.FirstServerDate", "26-5-2012");
Line Deleted : user_pref("CT3072253.FirstTime", true);
Line Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Line Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3072253.HPInstall", false);
Line Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CT3072253.Initialize", true);
Line Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3072253.InstallationId", "fft1E.tmp.exe");
Line Deleted : user_pref("CT3072253.InstallationType", "XPE");
Line Deleted : user_pref("CT3072253.InstalledDate", "Sat May 26 2012 12:52:06 GMT+0200");
Line Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3072253.IsGrouping", false);
Line Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Line Deleted : user_pref("CT3072253.IsMulticommunity", false);
Line Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Fri Nov 08 2013 15:00:01 GMT+0100");
Line Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.0.8", "Sun May 27 2012 12:41:38 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.2.3", "Thu May 31 2012 13:30:02 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Wed Jul 18 2012 13:37:06 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.14.1.0", "Tue Aug 28 2012 09:25:36 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.15.1.0", "Fri Nov 16 2012 09:09:30 GMT+0100");
Line Deleted : user_pref("CT3072253.LastLogin_3.16.0.3", "Thu Feb 21 2013 15:25:33 GMT+0100");
Line Deleted : user_pref("CT3072253.LastLogin_3.18.0.7", "Tue Jul 16 2013 07:03:54 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.19.0.3", "Mon Sep 09 2013 18:59:47 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.20.0.4", "Fri Nov 08 2013 14:59:55 GMT+0100");
Line Deleted : user_pref("CT3072253.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3072253.Locale", "en");
Line Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Line Deleted : user_pref("CT3072253.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.SF_JUST_INSTALLED", "%CC%C7%D2%D9%CB");
Line Deleted : user_pref("CT3072253.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3072253.SF_USER_ID", "%E9%EF%EA%E5%B7%BA%BD%B8%B6%B7%B9%B7%BE%BB%B9%B7%B7%BE%B7%B6%BC%BC");
Line Deleted : user_pref("CT3072253.SF_USER_ID.enc", "Y2lkXzE0NzIwMTMxODUzMTE4MTA2Ng==");
Line Deleted : user_pref("CT3072253.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT3072253.SearchAPILastCheckTime", "Fri Nov 08 2013 14:59:57 GMT+0100");
Line Deleted : user_pref("CT3072253.SearchAppState", "%B9");
Line Deleted : user_pref("CT3072253.SearchAppState.enc", "Mw==");
Line Deleted : user_pref("CT3072253.SearchAppTracking", "%F9%EB%F4%FA");
Line Deleted : user_pref("CT3072253.SearchAppTracking.enc", "c2VudA==");
Line Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "Google");
Line Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
Line Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 18:59:45 GMT+0200");
Line Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3072253.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Fri Nov 08 2013 14:59:57 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Fri Nov 08 2013 14:59:51 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastUpdate", "1383901082");
Line Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Fri Oct 18 2013 18:27:44 GMT+0200");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3072253.UserID", "UN14591064956111832");
Line Deleted : user_pref("CT3072253.ValidationData_Search", 2);
Line Deleted : user_pref("CT3072253.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT3072253._9b90e_.3c;7b=?ofb>>rhiqs.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT3072253._9b_7e.:2z527.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253._9b_7e.x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253._key_cl_active", "%B9%BC%BE%E7%BA%BF%EA%BD%B3%BA%E9%B8%BC%B3%BA%BD%B8%BB%B3%E7%E9%B7%BE%B3%B8%EA%B9%B7%E8%B9%BB%E7%B7%B8%BA%BD");
Line Deleted : user_pref("CT3072253._key_cl_active.enc", "MzY4YTQ5ZDctNGMyNi00NzI1LWFjMTgtMmQzMWIzNWExMjQ3");
Line Deleted : user_pref("CT3072253.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Line Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e+x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e,x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e-x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e.:2z527", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e.x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e/x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e06cg5el8:", "6E6D6B7070726D727477");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737176767873787A7D242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e0x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e1x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e2x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e3x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e4x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e5x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e6x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e7x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e8x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e9x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e:x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e;x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e<x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e=x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e>x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e?x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e@x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7eax305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ebx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ecx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7edx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7etx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3g>d", "6C6C40693F7140427A7043467A2079774C4F254C527C212A2323282526242D2D5B292A2F");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3g@6:5;", "");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D443078324C4142477E2B2C48574B48565D5C3553525C6362615A5C643F6A5F62426D6D6D73606A634B78676B643F6D433D333F5E70737D2[...]
Line Deleted : user_pref("CT3072253.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Deleted : user_pref("CT3072253.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Line Deleted : user_pref("CT3072253.backendstorage./9b5ba==9cjag", "6D6B3C6C417342737A73467672777B484D207D517C");
Line Deleted : user_pref("CT3072253.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D696F6A736C747275767875");
Line Deleted : user_pref("CT3072253.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
Line Deleted : user_pref("CT3072253.backendstorage./9b9643g3/9e", "6A");
Line Deleted : user_pref("CT3072253.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b<:222h64<", "393F352F3E");
Line Deleted : user_pref("CT3072253.backendstorage./9b<:222h64<l8daj", "6D70706F7674727977752A7975727A7B757B21");
Line Deleted : user_pref("CT3072253.backendstorage./9b=+03eh8h8j?:", "4443");
Line Deleted : user_pref("CT3072253.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("CT3072253.backendstorage./9b?b0d:8aj62<h", "6D");
Line Deleted : user_pref("CT3072253.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
Line Deleted : user_pref("CT3072253.backendstorage.cb_experience_000", "33");
Line Deleted : user_pref("CT3072253.backendstorage.cb_firstuse0100", "31");
Line Deleted : user_pref("CT3072253.backendstorage.cb_user_id_000", "434232313730383232373038395F46697265666F78");
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_001", "435A");
Line Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "536174204D617920323620323031322031323A35323A313020474D542B30323030");
Line Deleted : user_pref("CT3072253.backendstorage.cbopenmamsettings", "30");
Line Deleted : user_pref("CT3072253.backendstorage.facebook_mode", "32");
Line Deleted : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsconfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C2275726C223A22687474703A2F2F636F6E6430312E6[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstatereporttime", "31333833393139323435353630");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_calledsetupservice", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_currentversion", "312E31312E342E32");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_eventscache", "7B2236386162373766312D313862632D343365332D626432632D343130666431346134386333223A7B22746F706963223A2273656E645573616765222C2264617461223A7B2263[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_existingusersrecoverydone", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_first_time", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_gadgetopen", "30");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_globalkeysmigratedtolocalstorage", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_lastlogintime", "31333833393139323436313833");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_mamenabled", "66616C7365");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.10.2.5", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345F30222C22697354657374223[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331313031222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.11.4.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331313038222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.3.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.3.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A223231355F2D31222C22697354657374[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A223231355F2D31222C22697354657374[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.8.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2235345F30222C22697354657374223A[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.9.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345F30222C22697354657374223A[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_showclosebutton", "74727565");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_stamp", "38345F30");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_user_approval_interacted", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_userid", "35386135356437632D363062662D346661342D396136302D346361373436653933336439");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_welcomedialogmode", "31");
Line Deleted : user_pref("CT3072253.backendstorage.pg_enable", "74727565");
Line Deleted : user_pref("CT3072253.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT3072253.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT3072253.backendstorage.sf_just_installed", "46414C5345");
Line Deleted : user_pref("CT3072253.backendstorage.sf_status", "454E41424C4544");
Line Deleted : user_pref("CT3072253.backendstorage.sf_user_id", "6369645F313437323031333138353331313831303636");
Line Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7777772E626C616E636865706F7274652E637A2F6E6F76696E6B792D762D6279746F76656D2D74657874696C753A3A3A636C69636B68616E646C65723A3A3A31333[...]
Line Deleted : user_pref("CT3072253.cb_experience_000.from_oldbar.enc", "Mw==");
Line Deleted : user_pref("CT3072253.cb_firstuse0100.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.cb_user_id_000.from_oldbar.enc", "Q0IyMTcwODIyNzA4OV9GaXJlZm94");
Line Deleted : user_pref("CT3072253.cbcountry_000.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT3072253.cbcountry_001.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT3072253.cbfirsttime", "%D9%E7%FA%A6%D3%E7%FF%A6%B8%BC%A6%B8%B6%B7%B8%A6%B7%B8%C0%BB%B8%C0%B7%B6%A6%CD%D3%DA%B1%B6%B8%B6%B6");
Line Deleted : user_pref("CT3072253.cbfirsttime.enc", "U2F0IE1heSAyNiAyMDEyIDEyOjUyOjEwIEdNVCswMjAw");
Line Deleted : user_pref("CT3072253.cbopenmamsettings.from_oldbar.enc", "MA==");
Line Deleted : user_pref("CT3072253.components.129593762370823811", false);
Line Deleted : user_pref("CT3072253.countryCode", "CZ");
Line Deleted : user_pref("CT3072253.embeddedsData", "[{\"appId\":\"129571859753931591\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3072253.facebook_mode.from_oldbar.enc", "Mg==");
Line Deleted : user_pref("CT3072253.facebook_user_locale.from_oldbar.enc", "ZW4=");
Line Deleted : user_pref("CT3072253.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3072253.fullUserID", "UN14591064956111832.UP.2116");
Line Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Fri Nov 01 2013 07:58:37 GMT+0100");
Line Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.initDone", true);
Line Deleted : user_pref("CT3072253.installId", "fft1E.tmp.exe");
Line Deleted : user_pref("CT3072253.installType", "XPE");
Line Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT3072253.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3072253.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3072253.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3072253.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3072253.keyword", true);
Line Deleted : user_pref("CT3072253.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=UN14591064956111832&SSPV=&Lay=1&UM=ff\"}");
Line Deleted : user_pref("CT3072253.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT3072253.mam_gk_appStateReportTime", "%B7%B9%BE%BC%B7%BA%BC%BF%BE%B6%BF%BA%B7");
Line Deleted : user_pref("CT3072253.mam_gk_appStateReportTime.enc", "MTM4NjE0Njk4MDk0MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appState_CouponBuddy", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appState_PriceGong", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3072253.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
Line Deleted : user_pref("CT3072253.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3072253.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
Line Deleted : user_pref("CT3072253.mam_gk_calledSetupService", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_calledSetupService.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BB%B4%B7");
Line Deleted : user_pref("CT3072253.mam_gk_currentVersion.enc", "MS4xMS41LjE=");
Line Deleted : user_pref("CT3072253.mam_gk_currentversion.from_oldbar.enc", "MS4xMS40LjI=");
Line Deleted : user_pref("CT3072253.mam_gk_eventscache.from_oldbar.enc", "eyI2OGFiNzdmMS0xOGJjLTQzZTMtYmQyYy00MTBmZDE0YTQ4YzMiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcif[...]
Line Deleted : user_pref("CT3072253.mam_gk_existingUsersRecoveryDone", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_first_time", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_gadgetopen.from_oldbar.enc", "MA==");
Line Deleted : user_pref("CT3072253.mam_gk_globalKeysMigratedToLocalStorage", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_lastLoginTime", "%B7%B9%BE%BC%B7%BA%BC%BF%BE%B7%BD%B6%BD");
Line Deleted : user_pref("CT3072253.mam_gk_lastLoginTime.enc", "MTM4NjE0Njk4MTcwNw==");
Line Deleted : user_pref("CT3072253.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Deleted : user_pref("CT3072253.mam_gk_mamEnabled", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3072253.mam_gk_mamEnabled.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
Line Deleted : user_pref("CT3072253.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.4.2", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.5.1", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.5.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMDQiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3072253.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3072253.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_stamp", "%BE%BA%E5%B6");
Line Deleted : user_pref("CT3072253.mam_gk_stamp.enc", "ODRfMA==");
Line Deleted : user_pref("CT3072253.mam_gk_userId", "%BB%BE%E7%BB%BB%EA%BD%E9%B3%BC%B6%E8%EC%B3%BA%EC%E7%BA%B3%BF%E7%BC%B6%B3%BA%E9%E7%BD%BA%BC%EB%BF%B9%B9%EA%BF");
Line Deleted : user_pref("CT3072253.mam_gk_userId.enc", "NThhNTVkN2MtNjBiZi00ZmE0LTlhNjAtNGNhNzQ2ZTkzM2Q5");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_welcomeDialogMode", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_welcomedialogmode.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.myStuffEnabled", true);
Line Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3072253.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.marykayintouch.cz%2FLogin%2FLogin.aspx\",\"EB_MAIN_FRAME_TITLE\":\"%0A%09Mary%20Kay%20In[...]
Line Deleted : user_pref("CT3072253.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129805375651312503,129749445881800338,1359634299000,130067979083742856,1000080,1000515,1000,1001,1002,1[...]
Line Deleted : user_pref("CT3072253.originalHomepage", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CT3072253.originalSearchAddressUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("CT3072253.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3072253.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3072253.search.searchAppId", "129571859753931591");
Line Deleted : user_pref("CT3072253.search.searchCount", 2);
Line Deleted : user_pref("CT3072253.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchUserMode", "ff");
Line Deleted : user_pref("CT3072253.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3072253\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControl2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl2 \"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_services_Configuration_lastUpdate", "1386146975270");
Line Deleted : user_pref("CT3072253.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1385915248583");
Line Deleted : user_pref("CT3072253.serviceLayer_services_appsMetadata_lastUpdate", "1386146972393");
Line Deleted : user_pref("CT3072253.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1385320119533");
Line Deleted : user_pref("CT3072253.serviceLayer_services_login_10.20.101.5_lastUpdate", "1386146969361");
Line Deleted : user_pref("CT3072253.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1385320119788");
Line Deleted : user_pref("CT3072253.serviceLayer_services_searchAPI_lastUpdate", "1386146975073");
Line Deleted : user_pref("CT3072253.serviceLayer_services_serviceMap_lastUpdate", "1386146972327");
Line Deleted : user_pref("CT3072253.serviceLayer_services_toolbarContextMenu_lastUpdate", "1386146970643");
Line Deleted : user_pref("CT3072253.serviceLayer_services_toolbarSettings_lastUpdate", "1386146970897");
Line Deleted : user_pref("CT3072253.serviceLayer_services_translation_lastUpdate", "1386146970548");
Line Deleted : user_pref("CT3072253.settingsINI", true);
Line Deleted : user_pref("CT3072253.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3072253.showToolbarPermission", "false");
Line Deleted : user_pref("CT3072253.smartbar.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3072253.smartbar.toolbarName", "uTorrentControl2 ");
Line Deleted : user_pref("CT3072253.testingCtid", "");
Line Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.toolbarBornServerTime", "26-5-2012");
Line Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.toolbarCurrentServerTime", "4-12-2013");
Line Deleted : user_pref("CT3072253.toolbarLoginClientTime", "Sun Nov 10 2013 12:28:09 GMT+0100");
Line Deleted : user_pref("CT3072253.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT3072253.url_history0001", "%EE%FA%FA%F6%C0%B5%B5%FD%FD%FD%B4%F3%E7%F8%FF%F1%E7%FF%EF%F4%FA%F5%FB%E9%EE%B4%E9%u0100%B5%C0%C0%C0%E9%F2%EF%E9%F1%EE%E7%F4%EA%F2%EB%F8%C0%C0%C0%B7%B9%BE%BC%B7%[...]
Line Deleted : user_pref("CT3072253.url_history0001.enc", "aHR0cDovL3d3dy5tYXJ5a2F5aW50b3VjaC5jei86OjpjbGlja2hhbmRsZXI6OjoxMzg2MTQ3MjI3MzU3LCwsamF2YXNjcmlwdDpXZWJGb3JtX0RvUG9zdEJhY2tXaXRoT3B0aW9ucyhuZXclMjBXZWJGb3Jt[...]
Line Deleted : user_pref("CT3072253.usagesFlag", 2);
Line Deleted : user_pref("CT3072253_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386146949224,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"dee956085d02ea0c080e2fd6614cf66e3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1362324308\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT3072253", "GNmdGrr6syWWiO5HPrW6Kg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT3072253", "inm6N6Ad2DrQKGUsOGzkLg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT3072253", "6nU8AIjBECdJeC23UVuipQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT3072253", "Y3Dtc1pIAMMkuUpvgoTeaw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"380ff24abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"07766f5592f76b152ec9246ce6a0b574\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Mila Sopouskova\\Data aplikací\\Mozilla\\Firefox\\Profiles\\okn5ga4p.default\\conduitCommon\\modules\\3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "bffa0e8e-6bac-41c0-a69a-703e781a0119");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Nov 06 2013 11:52:50 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Nov 08 2013 15:00:10 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Nov 08 2013 14:59:59 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "20e4785b-9a5f-4d31-a2dc-1cf2c89a03d8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN14591064956111832&UM=ff&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3072253");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", "UNGLLBJKYQKLFXHWG0I1LYVQ88LOCZOFXUWOCWOFOOCD3XCWSMZKXZCGLZP/RWEJMUZ2ZOVFFWQZVNWP7KZWMA");
[ File : C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [53108 octets] - [06/12/2013 17:34:29]
AdwCleaner[S0].txt - [53884 octets] - [06/12/2013 17:37:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53945 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.12.06.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ondra :: ACER-F8C2D844E9 [administrátor]
6.12.2013 18:03:10
MBAM-log-2013-12-09 (20-07-03).txt
Typ: Kompletní kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 360959
Uplynulý čas: 2 dnů, 2 hodin, 10 minut, 23 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Bifrost (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 3
C:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 28
C:\Documents and Settings\Ondra\Dokumenty\Downloads\IcyTower.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\farmfrenzy_d505662.exe (PUP.Optional.InstallIQ.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\YTDSetup (1).exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\chLogic.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\ctbe.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\statisticsStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\chLogic.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\ctbe.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\statisticsStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\A5REUJAQ\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\Icy_Tower[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\Free_Lunch_Design_TB_wpf[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Mila Sopouskova\Data aplikací\addons.dat (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\Bifrost\logg.dat (Backdoor.Bifrose) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\CT2670199.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\ddt.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\initData.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\manifest.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\CT2928751.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\ddt.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\initData.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\manifest.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
(konec)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Ondra on p 06.12.2013 at 17:16:40,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
Successfully deleted: [File] C:\WINDOWS\Tasks\rmschedule.job
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Ondra\Data aplikacˇ\babylontoolbar"
Successfully deleted: [Folder] "C:\Documents and Settings\Ondra\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [Folder] C:\Documents and Settings\Ondra\Data aplikacˇ\mozilla\firefox\profiles\pwhdinor.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 06.12.2013 at 17:29:08,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.014 - Report created 06/12/2013 at 17:37:24
# Updated 01/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ondra - ACER-F8C2D844E9
# Running from : C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Deleted : C:\Program Files\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\DOCUME~1\Mila Sopouskova\LOCALS~1\Temp\CT3072253
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\iWin
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\Ondra\Data aplikací\ExpressFiles
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Smartbar
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\CT3072253
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Extensions\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
[!] Folder Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jfkghimahkenmlpdjngbjnjcnijklbpi
Key Deleted : HKCU\Software\Google\Chrome\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\obilhkhfmlggcoildcnoeknaghkiiclj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressFiles.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressDL.exe]
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Documents and Settings\Mila Sopouskova\Data aplikací\Mozilla\Firefox\Profiles\okn5ga4p.default\prefs.js ]
Line Deleted : user_pref("CT3072253..clientLogIsEnabled", false);
Line Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3072253./9b+7e+x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e,x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e-x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e/x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e06cg5el8:.from_oldbar.enc", "bm1rcHBybXJ0dw==");
Line Deleted : user_pref("CT3072253./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNxdnZ4c3h6fSQvS0lHT0I1fV1cPQ==");
Line Deleted : user_pref("CT3072253./9b+7e0x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e1x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e2x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e3x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e4x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e5x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e6x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e7x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e8x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e9x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e:x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e;x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e<x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e=x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e>x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e?x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7e@x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7eax305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
Line Deleted : user_pref("CT3072253./9b+7ebx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7ecx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7edx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b+7etx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253./9b-0?3g>d.from_oldbar.enc", "bGxAaT9xQEJ6cENGeiB5d0xPJUxSfCEqIyMoJSYkLS1bKSov");
Line Deleted : user_pref("CT3072253./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
Line Deleted : user_pref("CT3072253./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT3072253./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pKiEsOT1EMHgyTEFCR34rLEhXS0hWXVw1U1JcY2JhWlxkP2pfYkJtbW1zYGpjS3hna2Q/bUM9Mz9ecHN9IUxZVWZ5KXx5KC8uV2RgcTYlXTU2dzwpY29tdXQgNzRrUkE9[...]
Line Deleted : user_pref("CT3072253./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT3072253./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEcgPj1HTk1MRUdPKlVKTS1YWFheS1VONmNSVk8=");
Line Deleted : user_pref("CT3072253./9b5ba==9cjag.from_oldbar.enc", "bWs8bEFzQnN6c0Z2cnd7SE0gfVF8");
Line Deleted : user_pref("CT3072253./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1pb2pzbHRydXZ4dQ==");
Line Deleted : user_pref("CT3072253./9b9643g3/9e.from_oldbar.enc", "ag==");
Line Deleted : user_pref("CT3072253./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT3072253./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT3072253./9b<:222h64<l8daj.from_oldbar.enc", "bXBwb3Z0cnl3dSp5dXJ6e3V7IQ==");
Line Deleted : user_pref("CT3072253./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
Line Deleted : user_pref("CT3072253./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT3072253./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
Line Deleted : user_pref("CT3072253./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
Line Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3072253.AppTrackingLastCheckTime", "Wed Aug 28 2013 17:52:17 GMT+0200");
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_130067979083742856", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_1359634299000", true);
Line Deleted : user_pref("CT3072253.CT3072253.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT3072253.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.ConfigurationLastCheckTime", "Fri Nov 08 2013 14:59:58 GMT+0100");
Line Deleted : user_pref("CT3072253.CurrentServerDate", "8-11-2013");
Line Deleted : user_pref("CT3072253.DSInstall", false);
Line Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3072253.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.FirstServerDate", "26-5-2012");
Line Deleted : user_pref("CT3072253.FirstTime", true);
Line Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Line Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3072253.HPInstall", false);
Line Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CT3072253.Initialize", true);
Line Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3072253.InstallationId", "fft1E.tmp.exe");
Line Deleted : user_pref("CT3072253.InstallationType", "XPE");
Line Deleted : user_pref("CT3072253.InstalledDate", "Sat May 26 2012 12:52:06 GMT+0200");
Line Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3072253.IsGrouping", false);
Line Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Line Deleted : user_pref("CT3072253.IsMulticommunity", false);
Line Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Fri Nov 08 2013 15:00:01 GMT+0100");
Line Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.0.8", "Sun May 27 2012 12:41:38 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.2.3", "Thu May 31 2012 13:30:02 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Wed Jul 18 2012 13:37:06 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.14.1.0", "Tue Aug 28 2012 09:25:36 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.15.1.0", "Fri Nov 16 2012 09:09:30 GMT+0100");
Line Deleted : user_pref("CT3072253.LastLogin_3.16.0.3", "Thu Feb 21 2013 15:25:33 GMT+0100");
Line Deleted : user_pref("CT3072253.LastLogin_3.18.0.7", "Tue Jul 16 2013 07:03:54 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.19.0.3", "Mon Sep 09 2013 18:59:47 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.20.0.4", "Fri Nov 08 2013 14:59:55 GMT+0100");
Line Deleted : user_pref("CT3072253.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3072253.Locale", "en");
Line Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Line Deleted : user_pref("CT3072253.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.SF_JUST_INSTALLED", "%CC%C7%D2%D9%CB");
Line Deleted : user_pref("CT3072253.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3072253.SF_USER_ID", "%E9%EF%EA%E5%B7%BA%BD%B8%B6%B7%B9%B7%BE%BB%B9%B7%B7%BE%B7%B6%BC%BC");
Line Deleted : user_pref("CT3072253.SF_USER_ID.enc", "Y2lkXzE0NzIwMTMxODUzMTE4MTA2Ng==");
Line Deleted : user_pref("CT3072253.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT3072253.SearchAPILastCheckTime", "Fri Nov 08 2013 14:59:57 GMT+0100");
Line Deleted : user_pref("CT3072253.SearchAppState", "%B9");
Line Deleted : user_pref("CT3072253.SearchAppState.enc", "Mw==");
Line Deleted : user_pref("CT3072253.SearchAppTracking", "%F9%EB%F4%FA");
Line Deleted : user_pref("CT3072253.SearchAppTracking.enc", "c2VudA==");
Line Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "Google");
Line Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
Line Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 18:59:45 GMT+0200");
Line Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3072253.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Fri Nov 08 2013 14:59:57 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Fri Nov 08 2013 14:59:51 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastUpdate", "1383901082");
Line Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Fri Oct 18 2013 18:27:44 GMT+0200");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3072253.UserID", "UN14591064956111832");
Line Deleted : user_pref("CT3072253.ValidationData_Search", 2);
Line Deleted : user_pref("CT3072253.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT3072253._9b90e_.3c;7b=?ofb>>rhiqs.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT3072253._9b_7e.:2z527.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253._9b_7e.x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT3072253._key_cl_active", "%B9%BC%BE%E7%BA%BF%EA%BD%B3%BA%E9%B8%BC%B3%BA%BD%B8%BB%B3%E7%E9%B7%BE%B3%B8%EA%B9%B7%E8%B9%BB%E7%B7%B8%BA%BD");
Line Deleted : user_pref("CT3072253._key_cl_active.enc", "MzY4YTQ5ZDctNGMyNi00NzI1LWFjMTgtMmQzMWIzNWExMjQ3");
Line Deleted : user_pref("CT3072253.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Line Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e+x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e,x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e-x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e.:2z527", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e.x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e/x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e06cg5el8:", "6E6D6B7070726D727477");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737176767873787A7D242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e0x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e1x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e2x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e3x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e4x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e5x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e6x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e7x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e8x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e9x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e:x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e;x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e<x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e=x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e>x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e?x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7e@x305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7eax305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ebx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7ecx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7edx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b+7etx305", "2423");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3g>d", "6C6C40693F7140427A7043467A2079774C4F254C527C212A2323282526242D2D5B292A2F");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3g@6:5;", "");
Line Deleted : user_pref("CT3072253.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D443078324C4142477E2B2C48574B48565D5C3553525C6362615A5C643F6A5F62426D6D6D73606A634B78676B643F6D433D333F5E70737D2[...]
Line Deleted : user_pref("CT3072253.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Deleted : user_pref("CT3072253.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Line Deleted : user_pref("CT3072253.backendstorage./9b5ba==9cjag", "6D6B3C6C417342737A73467672777B484D207D517C");
Line Deleted : user_pref("CT3072253.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D696F6A736C747275767875");
Line Deleted : user_pref("CT3072253.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
Line Deleted : user_pref("CT3072253.backendstorage./9b9643g3/9e", "6A");
Line Deleted : user_pref("CT3072253.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Deleted : user_pref("CT3072253.backendstorage./9b<:222h64<", "393F352F3E");
Line Deleted : user_pref("CT3072253.backendstorage./9b<:222h64<l8daj", "6D70706F7674727977752A7975727A7B757B21");
Line Deleted : user_pref("CT3072253.backendstorage./9b=+03eh8h8j?:", "4443");
Line Deleted : user_pref("CT3072253.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("CT3072253.backendstorage./9b?b0d:8aj62<h", "6D");
Line Deleted : user_pref("CT3072253.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
Line Deleted : user_pref("CT3072253.backendstorage.cb_experience_000", "33");
Line Deleted : user_pref("CT3072253.backendstorage.cb_firstuse0100", "31");
Line Deleted : user_pref("CT3072253.backendstorage.cb_user_id_000", "434232313730383232373038395F46697265666F78");
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_001", "435A");
Line Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "536174204D617920323620323031322031323A35323A313020474D542B30323030");
Line Deleted : user_pref("CT3072253.backendstorage.cbopenmamsettings", "30");
Line Deleted : user_pref("CT3072253.backendstorage.facebook_mode", "32");
Line Deleted : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsconfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C2275726C223A22687474703A2F2F636F6E6430312E6[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstatereporttime", "31333833393139323435353630");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_calledsetupservice", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_currentversion", "312E31312E342E32");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_eventscache", "7B2236386162373766312D313862632D343365332D626432632D343130666431346134386333223A7B22746F706963223A2273656E645573616765222C2264617461223A7B2263[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_existingusersrecoverydone", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_first_time", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_gadgetopen", "30");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_globalkeysmigratedtolocalstorage", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_lastlogintime", "31333833393139323436313833");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_mamenabled", "66616C7365");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.10.2.5", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345F30222C22697354657374223[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331313031222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.11.4.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331313038222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.3.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.3.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A223231355F2D31222C22697354657374[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A223231355F2D31222C22697354657374[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.8.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2235345F30222C22697354657374223A[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.9.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345F30222C22697354657374223A[...]
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_showclosebutton", "74727565");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_stamp", "38345F30");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_user_approval_interacted", "31");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_userid", "35386135356437632D363062662D346661342D396136302D346361373436653933336439");
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_welcomedialogmode", "31");
Line Deleted : user_pref("CT3072253.backendstorage.pg_enable", "74727565");
Line Deleted : user_pref("CT3072253.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT3072253.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT3072253.backendstorage.sf_just_installed", "46414C5345");
Line Deleted : user_pref("CT3072253.backendstorage.sf_status", "454E41424C4544");
Line Deleted : user_pref("CT3072253.backendstorage.sf_user_id", "6369645F313437323031333138353331313831303636");
Line Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7777772E626C616E636865706F7274652E637A2F6E6F76696E6B792D762D6279746F76656D2D74657874696C753A3A3A636C69636B68616E646C65723A3A3A31333[...]
Line Deleted : user_pref("CT3072253.cb_experience_000.from_oldbar.enc", "Mw==");
Line Deleted : user_pref("CT3072253.cb_firstuse0100.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.cb_user_id_000.from_oldbar.enc", "Q0IyMTcwODIyNzA4OV9GaXJlZm94");
Line Deleted : user_pref("CT3072253.cbcountry_000.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT3072253.cbcountry_001.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT3072253.cbfirsttime", "%D9%E7%FA%A6%D3%E7%FF%A6%B8%BC%A6%B8%B6%B7%B8%A6%B7%B8%C0%BB%B8%C0%B7%B6%A6%CD%D3%DA%B1%B6%B8%B6%B6");
Line Deleted : user_pref("CT3072253.cbfirsttime.enc", "U2F0IE1heSAyNiAyMDEyIDEyOjUyOjEwIEdNVCswMjAw");
Line Deleted : user_pref("CT3072253.cbopenmamsettings.from_oldbar.enc", "MA==");
Line Deleted : user_pref("CT3072253.components.129593762370823811", false);
Line Deleted : user_pref("CT3072253.countryCode", "CZ");
Line Deleted : user_pref("CT3072253.embeddedsData", "[{\"appId\":\"129571859753931591\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3072253.facebook_mode.from_oldbar.enc", "Mg==");
Line Deleted : user_pref("CT3072253.facebook_user_locale.from_oldbar.enc", "ZW4=");
Line Deleted : user_pref("CT3072253.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3072253.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3072253.fullUserID", "UN14591064956111832.UP.2116");
Line Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Fri Nov 01 2013 07:58:37 GMT+0100");
Line Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.initDone", true);
Line Deleted : user_pref("CT3072253.installId", "fft1E.tmp.exe");
Line Deleted : user_pref("CT3072253.installType", "XPE");
Line Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT3072253.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3072253.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3072253.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3072253.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3072253.keyword", true);
Line Deleted : user_pref("CT3072253.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3072253&octid=CT3072253&SearchSource=15&CUI=UN14591064956111832&SSPV=&Lay=1&UM=ff\"}");
Line Deleted : user_pref("CT3072253.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT3072253.mam_gk_appStateReportTime", "%B7%B9%BE%BC%B7%BA%BC%BF%BE%B6%BF%BA%B7");
Line Deleted : user_pref("CT3072253.mam_gk_appStateReportTime.enc", "MTM4NjE0Njk4MDk0MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appState_CouponBuddy", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appState_PriceGong", "%F5%F4");
Line Deleted : user_pref("CT3072253.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3072253.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3072253.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
Line Deleted : user_pref("CT3072253.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3072253.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
Line Deleted : user_pref("CT3072253.mam_gk_calledSetupService", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_calledSetupService.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BB%B4%B7");
Line Deleted : user_pref("CT3072253.mam_gk_currentVersion.enc", "MS4xMS41LjE=");
Line Deleted : user_pref("CT3072253.mam_gk_currentversion.from_oldbar.enc", "MS4xMS40LjI=");
Line Deleted : user_pref("CT3072253.mam_gk_eventscache.from_oldbar.enc", "eyI2OGFiNzdmMS0xOGJjLTQzZTMtYmQyYy00MTBmZDE0YTQ4YzMiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcif[...]
Line Deleted : user_pref("CT3072253.mam_gk_existingUsersRecoveryDone", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_first_time", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_gadgetopen.from_oldbar.enc", "MA==");
Line Deleted : user_pref("CT3072253.mam_gk_globalKeysMigratedToLocalStorage", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_lastLoginTime", "%B7%B9%BE%BC%B7%BA%BC%BF%BE%B7%BD%B6%BD");
Line Deleted : user_pref("CT3072253.mam_gk_lastLoginTime.enc", "MTM4NjE0Njk4MTcwNw==");
Line Deleted : user_pref("CT3072253.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Deleted : user_pref("CT3072253.mam_gk_mamEnabled", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3072253.mam_gk_mamEnabled.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
Line Deleted : user_pref("CT3072253.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.4.2", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.5.1", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3072253.mam_gk_settings1.11.5.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMDQiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3072253.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3072253.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3072253.mam_gk_stamp", "%BE%BA%E5%B6");
Line Deleted : user_pref("CT3072253.mam_gk_stamp.enc", "ODRfMA==");
Line Deleted : user_pref("CT3072253.mam_gk_userId", "%BB%BE%E7%BB%BB%EA%BD%E9%B3%BC%B6%E8%EC%B3%BA%EC%E7%BA%B3%BF%E7%BC%B6%B3%BA%E9%E7%BD%BA%BC%EB%BF%B9%B9%EA%BF");
Line Deleted : user_pref("CT3072253.mam_gk_userId.enc", "NThhNTVkN2MtNjBiZi00ZmE0LTlhNjAtNGNhNzQ2ZTkzM2Q5");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_user_approval_interacted.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_welcomeDialogMode", "%B7");
Line Deleted : user_pref("CT3072253.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3072253.mam_gk_welcomedialogmode.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT3072253.myStuffEnabled", true);
Line Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3072253.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.marykayintouch.cz%2FLogin%2FLogin.aspx\",\"EB_MAIN_FRAME_TITLE\":\"%0A%09Mary%20Kay%20In[...]
Line Deleted : user_pref("CT3072253.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129805375651312503,129749445881800338,1359634299000,130067979083742856,1000080,1000515,1000,1001,1002,1[...]
Line Deleted : user_pref("CT3072253.originalHomepage", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CT3072253.originalSearchAddressUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("CT3072253.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3072253.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3072253.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3072253.search.searchAppId", "129571859753931591");
Line Deleted : user_pref("CT3072253.search.searchCount", 2);
Line Deleted : user_pref("CT3072253.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3072253.searchUserMode", "ff");
Line Deleted : user_pref("CT3072253.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3072253\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControl2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl2 \"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3072253.serviceLayer_services_Configuration_lastUpdate", "1386146975270");
Line Deleted : user_pref("CT3072253.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1385915248583");
Line Deleted : user_pref("CT3072253.serviceLayer_services_appsMetadata_lastUpdate", "1386146972393");
Line Deleted : user_pref("CT3072253.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1385320119533");
Line Deleted : user_pref("CT3072253.serviceLayer_services_login_10.20.101.5_lastUpdate", "1386146969361");
Line Deleted : user_pref("CT3072253.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1385320119788");
Line Deleted : user_pref("CT3072253.serviceLayer_services_searchAPI_lastUpdate", "1386146975073");
Line Deleted : user_pref("CT3072253.serviceLayer_services_serviceMap_lastUpdate", "1386146972327");
Line Deleted : user_pref("CT3072253.serviceLayer_services_toolbarContextMenu_lastUpdate", "1386146970643");
Line Deleted : user_pref("CT3072253.serviceLayer_services_toolbarSettings_lastUpdate", "1386146970897");
Line Deleted : user_pref("CT3072253.serviceLayer_services_translation_lastUpdate", "1386146970548");
Line Deleted : user_pref("CT3072253.settingsINI", true);
Line Deleted : user_pref("CT3072253.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3072253.showToolbarPermission", "false");
Line Deleted : user_pref("CT3072253.smartbar.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3072253.smartbar.toolbarName", "uTorrentControl2 ");
Line Deleted : user_pref("CT3072253.testingCtid", "");
Line Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.toolbarBornServerTime", "26-5-2012");
Line Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Fri Nov 08 2013 15:00:03 GMT+0100");
Line Deleted : user_pref("CT3072253.toolbarCurrentServerTime", "4-12-2013");
Line Deleted : user_pref("CT3072253.toolbarLoginClientTime", "Sun Nov 10 2013 12:28:09 GMT+0100");
Line Deleted : user_pref("CT3072253.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT3072253.url_history0001", "%EE%FA%FA%F6%C0%B5%B5%FD%FD%FD%B4%F3%E7%F8%FF%F1%E7%FF%EF%F4%FA%F5%FB%E9%EE%B4%E9%u0100%B5%C0%C0%C0%E9%F2%EF%E9%F1%EE%E7%F4%EA%F2%EB%F8%C0%C0%C0%B7%B9%BE%BC%B7%[...]
Line Deleted : user_pref("CT3072253.url_history0001.enc", "aHR0cDovL3d3dy5tYXJ5a2F5aW50b3VjaC5jei86OjpjbGlja2hhbmRsZXI6OjoxMzg2MTQ3MjI3MzU3LCwsamF2YXNjcmlwdDpXZWJGb3JtX0RvUG9zdEJhY2tXaXRoT3B0aW9ucyhuZXclMjBXZWJGb3Jt[...]
Line Deleted : user_pref("CT3072253.usagesFlag", 2);
Line Deleted : user_pref("CT3072253_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386146949224,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"dee956085d02ea0c080e2fd6614cf66e3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1362324308\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT3072253", "GNmdGrr6syWWiO5HPrW6Kg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT3072253", "inm6N6Ad2DrQKGUsOGzkLg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT3072253", "6nU8AIjBECdJeC23UVuipQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT3072253", "Y3Dtc1pIAMMkuUpvgoTeaw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"380ff24abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"07766f5592f76b152ec9246ce6a0b574\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Mila Sopouskova\\Data aplikací\\Mozilla\\Firefox\\Profiles\\okn5ga4p.default\\conduitCommon\\modules\\3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.20.0.4");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "bffa0e8e-6bac-41c0-a69a-703e781a0119");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Nov 06 2013 11:52:50 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Nov 08 2013 15:00:10 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Nov 08 2013 14:59:59 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "20e4785b-9a5f-4d31-a2dc-1cf2c89a03d8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.centrum.cz/?utm_source=ch-browser&utm_medium=ff");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.centrum.cz/?channel_id=custom-browser,ff,invalid-dns&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN14591064956111832&UM=ff&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3072253");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", "UNGLLBJKYQKLFXHWG0I1LYVQ88LOCZOFXUWOCWOFOOCD3XCWSMZKXZCGLZP/RWEJMUZ2ZOVFFWQZVNWP7KZWMA");
[ File : C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [53108 octets] - [06/12/2013 17:34:29]
AdwCleaner[S0].txt - [53884 octets] - [06/12/2013 17:37:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53945 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.12.06.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ondra :: ACER-F8C2D844E9 [administrátor]
6.12.2013 18:03:10
MBAM-log-2013-12-09 (20-07-03).txt
Typ: Kompletní kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 360959
Uplynulý čas: 2 dnů, 2 hodin, 10 minut, 23 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Bifrost (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 3
C:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 28
C:\Documents and Settings\Ondra\Dokumenty\Downloads\IcyTower.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\farmfrenzy_d505662.exe (PUP.Optional.InstallIQ.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\YTDSetup (1).exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Dokumenty\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\chLogic.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\ctbe.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\statisticsStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\chLogic.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\ctbe.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\statisticsStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\A5REUJAQ\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\Icy_Tower[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\Free_Lunch_Design_TB_wpf[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\B1PF0P26\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Mila Sopouskova\Data aplikací\addons.dat (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\Bifrost\logg.dat (Backdoor.Bifrose) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\CT2670199.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\ddt.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\initData.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\manifest.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2670199\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\CT2928751.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\ddt.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\initData.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\manifest.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Ondra\Local Settings\Temp\CT2928751\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
(konec)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Ondra on p 06.12.2013 at 17:16:40,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
Successfully deleted: [File] C:\WINDOWS\Tasks\rmschedule.job
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Ondra\Data aplikacˇ\babylontoolbar"
Successfully deleted: [Folder] "C:\Documents and Settings\Ondra\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [Folder] C:\Documents and Settings\Ondra\Data aplikacˇ\mozilla\firefox\profiles\pwhdinor.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 06.12.2013 at 17:29:08,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu
Poprosim o log z FRSTLauncheru http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Je normální ze FRST trvalo extrémně dlouho vytvořit log? A co mám udělat z nálezy z MBAMu?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2013
Ran by Ondra (administrator) on ACER-F8C2D844E9 on 10-12-2013 17:13:06
Running from C:\Documents and Settings\Ondra\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\PersistenceThread.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Overwolf) C:\Program Files\Overwolf\Overwolf.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [817672 2009-02-20] (Dritek System Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [PersistenceThread] - C:\WINDOWS\system32\PersistenceThread.exe [92696 2009-05-01] (Intel Corporation)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [53248 2006-07-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\ime\imjp8_1\imjpmig.exe [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920 2009-02-27] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [ExpressFiles] - "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igdlogin: C:\Windows\system32\igdlogin.dll ()
HKCU\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168 2009-04-15] (Acer)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-09-23] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKCU\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [35256 2013-11-11] (Overwolf)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-13] (Adobe Systems Incorporated)
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2009-04-15] (Acer)
HKU\Default User\...\RunOnce: [ScrSav] - C:\WINDOWS\Screensavers\Acer\run_Acer.exe [ 2009-03-16] (TODO: <Company name>)
HKU\Mila Sopouskova\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2009-04-15] (Acer)
HKU\Mila Sopouskova\...\Run: [EPSON SX218 Series] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S4B.tmp" /EF "HKCU"
HKU\Mila Sopouskova\...\Run: [Facebook Update] - C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [ 2012-07-16] (Facebook Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\Mila Sopouskova\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daum.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {354B0DC0-B196-40EE-B9BB-3F7862D7DE4D} URL = http://search.daum.net/cgi-bin/nsp/sear ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default
FF DefaultSearchEngine: Centrum.cz classic
FF DefaultSearchEngine: Centrum.cz classic
FF SelectedSearchEngine: Centrum.cz classic
FF Homepage: hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\Extensions\centrumpomocnik@centrum.cz
FF Extension: Lišta Centrum.cz - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\Extensions\toolbar@centrumholdings.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: search.conduit.com
CHR DefaultSearchProvider: Conduit
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx? ... spv=TB_TH2
CHR DefaultSuggestURL: http://suggest.search.conduit.com/CSugg ... B_TH2&UM=1
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Angry Birds Seasons) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\adkdbmomhdhkgdocinjlnacgjnmgdbpj\1.1_0
CHR Extension: (YouTube) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0
CHR Extension: (SmallringFX DarkOrange Theme) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kjnlgbpnlangffmpnapcfdihmhhfnomg\1.7_0
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Doodle Jump) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nojaabckpfdijgbnlhdlhjheiappijbp\2.3.1_0
========================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-05] (Acer Incorporated)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S4 abp480n5; C:\Windows\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1952512 2009-02-20] (Broadcom Corporation)
S3 btaudio; C:\Windows\System32\drivers\btaudio.sys [533024 2009-06-19] (Broadcom Corporation.)
R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37160 2008-02-05] (Broadcom Corporation.)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [991136 2009-04-16] (Broadcom Corporation.)
S3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156816 2008-07-25] (Broadcom Corporation.)
S3 btwmodem; C:\Windows\System32\DRIVERS\btwmodem.sys [37032 2008-02-05] (Broadcom Corporation.)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [45984 2009-06-19] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 igd; C:\Windows\System32\DRIVERS\igxpmp32.sys [5096544 2009-04-28] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-12-06] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-22] ()
U3 aw5xk9nl; C:\Windows\System32\Drivers\aw5xk9nl.sys [0 ] (Microsoft Corporation)
S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-10 17:13 - 2013-12-10 17:24 - 00019092 _____ C:\Documents and Settings\Ondra\Plocha\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:08 - 2013-12-10 17:09 - 01060641 _____ (Farbar) C:\Documents and Settings\Ondra\Plocha\FRST.exe
2013-12-06 18:00 - 2013-12-06 18:02 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-12-06 18:00 - 2013-12-06 18:00 - 00000788 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-06 17:59 - 2013-12-06 18:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 17:59 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-06 17:34 - 2013-12-06 17:40 - 00000000 ____D C:\AdwCleaner
2013-12-06 17:33 - 2013-12-06 17:33 - 01110034 _____ C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
2013-12-06 17:31 - 2013-12-06 17:31 - 00004332 _____ C:\Documents and Settings\Ondra\Plocha\JRT.txt
2013-12-06 17:16 - 2013-12-06 17:16 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-06 17:12 - 2013-12-06 17:13 - 01034531 _____ (Thisisu) C:\Documents and Settings\Ondra\Plocha\JRT.exe
2013-12-06 14:56 - 2013-12-06 14:57 - 00000000 ____D C:\rsit
2013-12-06 14:56 - 2013-12-06 14:57 - 00000000 ____D C:\Program Files\trend micro
2013-12-06 14:55 - 2013-12-06 14:56 - 00781383 _____ C:\Documents and Settings\Ondra\Plocha\RSIT.exe
2013-12-06 14:27 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-06 14:26 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2013-11-20 09:38 - 2013-12-06 17:52 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-18 16:53 - 2013-11-18 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-18 16:51 - 2013-11-18 16:51 - 00013870 _____ C:\WINDOWS\KB2900986.log
2013-11-18 16:51 - 2013-11-18 16:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-18 16:47 - 2013-11-18 16:49 - 00012173 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-18 15:19 - 2013-11-18 16:54 - 00020185 _____ C:\WINDOWS\KB2868626.log
2013-11-18 15:16 - 2013-11-18 16:49 - 00014718 _____ C:\WINDOWS\KB2862152.log
2013-11-18 15:13 - 2013-11-18 16:49 - 00013909 _____ C:\WINDOWS\KB2876331.log
2013-11-17 15:12 - 2013-11-18 15:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 18:26 - 2013-11-15 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Overwolf
==================== One Month Modified Files and Folders =======
2013-12-10 18:24 - 2012-02-08 06:54 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{9C6452F8-6F82-4E43-9676-8EAC8B6277A0}.job
2013-12-10 18:14 - 2012-02-08 08:09 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007UA.job
2013-12-10 17:55 - 2012-11-15 15:09 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008UA.job
2013-12-10 17:55 - 2012-11-15 15:09 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008Core.job
2013-12-10 17:44 - 2012-08-28 14:47 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-10 17:41 - 2011-12-23 16:43 - 00001086 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005UA.job
2013-12-10 17:37 - 2010-04-30 12:04 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 17:24 - 2013-12-10 17:13 - 00019092 _____ C:\Documents and Settings\Ondra\Plocha\FRST.txt
2013-12-10 17:16 - 2009-07-29 23:09 - 01478859 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-10 17:13 - 2012-05-26 16:26 - 00000000 ____D C:\Documents and Settings\Ondra\Plocha
2013-12-10 17:11 - 2012-06-28 14:58 - 00000000 ____D C:\Documents and Settings\Ondra\Dokumenty\Stažené soubory
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:09 - 2013-12-10 17:08 - 01060641 _____ (Farbar) C:\Documents and Settings\Ondra\Plocha\FRST.exe
2013-12-10 15:20 - 2010-04-28 23:04 - 00000178 ___SH C:\Documents and Settings\Mila Sopouskova\ntuser.ini
2013-12-10 08:14 - 2012-02-08 08:09 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007Core.job
2013-12-10 08:14 - 2009-07-29 23:15 - 00032482 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-09 20:04 - 2009-07-30 01:04 - 00000211 _____ C:\WINDOWS\wiadebug.log
2013-12-06 18:02 - 2013-12-06 18:00 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-12-06 18:00 - 2013-12-06 18:00 - 00000788 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 17:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2012-05-26 16:26 - 00000000 __RHD C:\Documents and Settings\Ondra\Data aplikací
2013-12-06 18:00 - 2009-07-30 01:01 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-06 18:00 - 2009-07-30 01:00 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-12-06 18:00 - 2009-07-30 01:00 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-06 17:52 - 2013-11-20 09:38 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-12-06 17:46 - 2009-07-30 01:01 - 01196612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-06 17:44 - 2013-09-25 17:04 - 00000000 ____D C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Overwolf
2013-12-06 17:42 - 2013-07-15 18:06 - 00000272 _____ C:\WINDOWS\Tasks\RMAutoUpdate.job
2013-12-06 17:42 - 2012-02-17 18:20 - 00000290 _____ C:\WINDOWS\Tasks\Express Files Updater.job
2013-12-06 17:42 - 2010-04-30 12:04 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 17:42 - 2009-07-30 01:04 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-12-06 17:42 - 2009-07-29 23:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-06 17:41 - 2013-10-23 12:11 - 00198856 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2013-12-06 17:41 - 2012-05-26 16:26 - 00000178 ___SH C:\Documents and Settings\Ondra\ntuser.ini
2013-12-06 17:41 - 2009-07-29 23:15 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-12-06 17:40 - 2013-12-06 17:34 - 00000000 ____D C:\AdwCleaner
2013-12-06 17:37 - 2012-05-26 16:26 - 00000000 ___HD C:\Documents and Settings\Ondra\Local Settings\Data aplikací
2013-12-06 17:37 - 2010-04-28 23:04 - 00000000 __RHD C:\Documents and Settings\Mila Sopouskova\Data aplikací
2013-12-06 17:37 - 2010-04-28 23:04 - 00000000 ___HD C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací
2013-12-06 17:33 - 2013-12-06 17:33 - 01110034 _____ C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
2013-12-06 17:31 - 2013-12-06 17:31 - 00004332 _____ C:\Documents and Settings\Ondra\Plocha\JRT.txt
2013-12-06 17:20 - 2012-05-26 16:26 - 00000000 ___RD C:\Documents and Settings\Ondra\Dokumenty
2013-12-06 17:16 - 2013-12-06 17:16 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-06 17:13 - 2013-12-06 17:12 - 01034531 _____ (Thisisu) C:\Documents and Settings\Ondra\Plocha\JRT.exe
2013-12-06 14:57 - 2013-12-06 14:56 - 00000000 ____D C:\rsit
2013-12-06 14:57 - 2013-12-06 14:56 - 00000000 ____D C:\Program Files\trend micro
2013-12-06 14:56 - 2013-12-06 14:55 - 00781383 _____ C:\Documents and Settings\Ondra\Plocha\RSIT.exe
2013-12-06 14:41 - 2011-12-23 16:43 - 00001064 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005Core.job
2013-12-06 14:28 - 2013-09-25 17:07 - 00000000 ____D C:\Program Files\Overwolf
2013-12-06 14:27 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-06 14:27 - 2013-12-06 14:26 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2013-12-05 16:51 - 2009-07-30 08:44 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-04 16:44 - 2012-08-28 08:39 - 00001817 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-12-03 17:15 - 2013-08-01 16:46 - 00000000 ____D C:\Program Files\ScreenshotCaptor
2013-11-20 09:27 - 2012-05-06 15:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-19 11:21 - 2013-08-13 15:15 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 16:54 - 2013-11-18 15:19 - 00020185 _____ C:\WINDOWS\KB2868626.log
2013-11-18 16:54 - 2010-04-28 23:11 - 00701011 _____ C:\WINDOWS\setupapi.log
2013-11-18 16:54 - 2009-07-30 01:01 - 01917277 _____ C:\WINDOWS\FaxSetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00919261 _____ C:\WINDOWS\ocgen.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00732655 _____ C:\WINDOWS\tsoc.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00642894 _____ C:\WINDOWS\comsetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00388071 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00301848 _____ C:\WINDOWS\iis6.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00119001 _____ C:\WINDOWS\ocmsn.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00095425 _____ C:\WINDOWS\msgsocm.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-18 16:54 - 2009-07-29 23:29 - 00158627 _____ C:\WINDOWS\updspapi.log
2013-11-18 16:53 - 2013-11-18 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-18 16:53 - 2009-07-30 01:57 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-18 16:51 - 2013-11-18 16:51 - 00013870 _____ C:\WINDOWS\KB2900986.log
2013-11-18 16:51 - 2013-11-18 16:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-18 16:51 - 2013-08-13 15:18 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-11-18 16:51 - 2009-07-30 01:01 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-18 16:50 - 2013-08-13 15:11 - 00001702 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-11-18 16:50 - 2013-08-13 15:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-18 16:49 - 2013-11-18 16:47 - 00012173 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-18 16:49 - 2013-11-18 15:16 - 00014718 _____ C:\WINDOWS\KB2862152.log
2013-11-18 16:49 - 2013-11-18 15:13 - 00013909 _____ C:\WINDOWS\KB2876331.log
2013-11-18 15:29 - 2013-08-15 12:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-18 15:16 - 2013-11-17 15:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-18 15:12 - 2010-05-05 18:00 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-15 18:26 - 2013-11-15 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Overwolf
2013-11-15 18:25 - 2012-05-26 16:48 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Mozilla
Files to move or delete:
====================
C:\Documents and Settings\Mila Sopouskova\jagex_runescape_preferences.dat
C:\Documents and Settings\Mila Sopouskova\jagex_runescape_preferences2.dat
C:\Documents and Settings\Mila Sopouskova\jagex__preferences3.dat
C:\Documents and Settings\Ondra\jagex_cl_runescape_LIVE.dat
Some content of TEMP:
====================
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\tbuTo2.dll
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\utt19.tmp.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\PotPlayerSetup.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2009-07-30 08:43] - [2008-04-14 13:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2009-07-30 08:44] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2009-07-30 08:44] - [2008-04-14 13:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2009-07-30 08:44] - [2008-04-14 13:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2013
Ran by Ondra (administrator) on ACER-F8C2D844E9 on 10-12-2013 17:13:06
Running from C:\Documents and Settings\Ondra\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\PersistenceThread.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Overwolf) C:\Program Files\Overwolf\Overwolf.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [817672 2009-02-20] (Dritek System Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [PersistenceThread] - C:\WINDOWS\system32\PersistenceThread.exe [92696 2009-05-01] (Intel Corporation)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [53248 2006-07-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\ime\imjp8_1\imjpmig.exe [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920 2009-02-27] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [ExpressFiles] - "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igdlogin: C:\Windows\system32\igdlogin.dll ()
HKCU\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168 2009-04-15] (Acer)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-09-23] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKCU\...\Run: [Overwolf] - C:\Program Files\Overwolf\Overwolf.exe [35256 2013-11-11] (Overwolf)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-13] (Adobe Systems Incorporated)
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2009-04-15] (Acer)
HKU\Default User\...\RunOnce: [ScrSav] - C:\WINDOWS\Screensavers\Acer\run_Acer.exe [ 2009-03-16] (TODO: <Company name>)
HKU\Mila Sopouskova\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2009-04-15] (Acer)
HKU\Mila Sopouskova\...\Run: [EPSON SX218 Series] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S4B.tmp" /EF "HKCU"
HKU\Mila Sopouskova\...\Run: [Facebook Update] - C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [ 2012-07-16] (Facebook Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\Mila Sopouskova\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daum.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w48l15641
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {354B0DC0-B196-40EE-B9BB-3F7862D7DE4D} URL = http://search.daum.net/cgi-bin/nsp/sear ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default
FF DefaultSearchEngine: Centrum.cz classic
FF DefaultSearchEngine: Centrum.cz classic
FF SelectedSearchEngine: Centrum.cz classic
FF Homepage: hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\Extensions\centrumpomocnik@centrum.cz
FF Extension: Lišta Centrum.cz - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\Extensions\toolbar@centrumholdings.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: search.conduit.com
CHR DefaultSearchProvider: Conduit
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx? ... spv=TB_TH2
CHR DefaultSuggestURL: http://suggest.search.conduit.com/CSugg ... B_TH2&UM=1
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Angry Birds Seasons) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\adkdbmomhdhkgdocinjlnacgjnmgdbpj\1.1_0
CHR Extension: (YouTube) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0
CHR Extension: (SmallringFX DarkOrange Theme) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kjnlgbpnlangffmpnapcfdihmhhfnomg\1.7_0
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Doodle Jump) - C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nojaabckpfdijgbnlhdlhjheiappijbp\2.3.1_0
========================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-05] (Acer Incorporated)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S4 abp480n5; C:\Windows\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1952512 2009-02-20] (Broadcom Corporation)
S3 btaudio; C:\Windows\System32\drivers\btaudio.sys [533024 2009-06-19] (Broadcom Corporation.)
R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37160 2008-02-05] (Broadcom Corporation.)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [991136 2009-04-16] (Broadcom Corporation.)
S3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156816 2008-07-25] (Broadcom Corporation.)
S3 btwmodem; C:\Windows\System32\DRIVERS\btwmodem.sys [37032 2008-02-05] (Broadcom Corporation.)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [45984 2009-06-19] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 igd; C:\Windows\System32\DRIVERS\igxpmp32.sys [5096544 2009-04-28] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-12-06] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-22] ()
U3 aw5xk9nl; C:\Windows\System32\Drivers\aw5xk9nl.sys [0 ] (Microsoft Corporation)
S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-10 17:13 - 2013-12-10 17:24 - 00019092 _____ C:\Documents and Settings\Ondra\Plocha\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:08 - 2013-12-10 17:09 - 01060641 _____ (Farbar) C:\Documents and Settings\Ondra\Plocha\FRST.exe
2013-12-06 18:00 - 2013-12-06 18:02 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-12-06 18:00 - 2013-12-06 18:00 - 00000788 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-06 17:59 - 2013-12-06 18:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 17:59 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-06 17:34 - 2013-12-06 17:40 - 00000000 ____D C:\AdwCleaner
2013-12-06 17:33 - 2013-12-06 17:33 - 01110034 _____ C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
2013-12-06 17:31 - 2013-12-06 17:31 - 00004332 _____ C:\Documents and Settings\Ondra\Plocha\JRT.txt
2013-12-06 17:16 - 2013-12-06 17:16 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-06 17:12 - 2013-12-06 17:13 - 01034531 _____ (Thisisu) C:\Documents and Settings\Ondra\Plocha\JRT.exe
2013-12-06 14:56 - 2013-12-06 14:57 - 00000000 ____D C:\rsit
2013-12-06 14:56 - 2013-12-06 14:57 - 00000000 ____D C:\Program Files\trend micro
2013-12-06 14:55 - 2013-12-06 14:56 - 00781383 _____ C:\Documents and Settings\Ondra\Plocha\RSIT.exe
2013-12-06 14:27 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-06 14:26 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2013-11-20 09:38 - 2013-12-06 17:52 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-18 16:53 - 2013-11-18 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-18 16:51 - 2013-11-18 16:51 - 00013870 _____ C:\WINDOWS\KB2900986.log
2013-11-18 16:51 - 2013-11-18 16:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-18 16:47 - 2013-11-18 16:49 - 00012173 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-18 15:19 - 2013-11-18 16:54 - 00020185 _____ C:\WINDOWS\KB2868626.log
2013-11-18 15:16 - 2013-11-18 16:49 - 00014718 _____ C:\WINDOWS\KB2862152.log
2013-11-18 15:13 - 2013-11-18 16:49 - 00013909 _____ C:\WINDOWS\KB2876331.log
2013-11-17 15:12 - 2013-11-18 15:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 18:26 - 2013-11-15 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Overwolf
==================== One Month Modified Files and Folders =======
2013-12-10 18:24 - 2012-02-08 06:54 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{9C6452F8-6F82-4E43-9676-8EAC8B6277A0}.job
2013-12-10 18:14 - 2012-02-08 08:09 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007UA.job
2013-12-10 17:55 - 2012-11-15 15:09 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008UA.job
2013-12-10 17:55 - 2012-11-15 15:09 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1008Core.job
2013-12-10 17:44 - 2012-08-28 14:47 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-10 17:41 - 2011-12-23 16:43 - 00001086 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005UA.job
2013-12-10 17:37 - 2010-04-30 12:04 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 17:24 - 2013-12-10 17:13 - 00019092 _____ C:\Documents and Settings\Ondra\Plocha\FRST.txt
2013-12-10 17:16 - 2009-07-29 23:09 - 01478859 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-10 17:13 - 2012-05-26 16:26 - 00000000 ____D C:\Documents and Settings\Ondra\Plocha
2013-12-10 17:11 - 2012-06-28 14:58 - 00000000 ____D C:\Documents and Settings\Ondra\Dokumenty\Stažené soubory
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:09 - 2013-12-10 17:08 - 01060641 _____ (Farbar) C:\Documents and Settings\Ondra\Plocha\FRST.exe
2013-12-10 15:20 - 2010-04-28 23:04 - 00000178 ___SH C:\Documents and Settings\Mila Sopouskova\ntuser.ini
2013-12-10 08:14 - 2012-02-08 08:09 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1007Core.job
2013-12-10 08:14 - 2009-07-29 23:15 - 00032482 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-09 20:04 - 2009-07-30 01:04 - 00000211 _____ C:\WINDOWS\wiadebug.log
2013-12-06 18:02 - 2013-12-06 18:00 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-12-06 18:00 - 2013-12-06 18:00 - 00000788 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2013-12-06 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-06 18:00 - 2013-12-06 17:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 18:00 - 2012-05-26 16:26 - 00000000 __RHD C:\Documents and Settings\Ondra\Data aplikací
2013-12-06 18:00 - 2009-07-30 01:01 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-06 18:00 - 2009-07-30 01:00 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-12-06 18:00 - 2009-07-30 01:00 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-06 17:52 - 2013-11-20 09:38 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-12-06 17:46 - 2009-07-30 01:01 - 01196612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-06 17:44 - 2013-09-25 17:04 - 00000000 ____D C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Overwolf
2013-12-06 17:42 - 2013-07-15 18:06 - 00000272 _____ C:\WINDOWS\Tasks\RMAutoUpdate.job
2013-12-06 17:42 - 2012-02-17 18:20 - 00000290 _____ C:\WINDOWS\Tasks\Express Files Updater.job
2013-12-06 17:42 - 2010-04-30 12:04 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 17:42 - 2009-07-30 01:04 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-12-06 17:42 - 2009-07-29 23:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-06 17:41 - 2013-10-23 12:11 - 00198856 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2013-12-06 17:41 - 2012-05-26 16:26 - 00000178 ___SH C:\Documents and Settings\Ondra\ntuser.ini
2013-12-06 17:41 - 2009-07-29 23:15 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-12-06 17:40 - 2013-12-06 17:34 - 00000000 ____D C:\AdwCleaner
2013-12-06 17:37 - 2012-05-26 16:26 - 00000000 ___HD C:\Documents and Settings\Ondra\Local Settings\Data aplikací
2013-12-06 17:37 - 2010-04-28 23:04 - 00000000 __RHD C:\Documents and Settings\Mila Sopouskova\Data aplikací
2013-12-06 17:37 - 2010-04-28 23:04 - 00000000 ___HD C:\Documents and Settings\Mila Sopouskova\Local Settings\Data aplikací
2013-12-06 17:33 - 2013-12-06 17:33 - 01110034 _____ C:\Documents and Settings\Ondra\Plocha\adwcleaner.exe
2013-12-06 17:31 - 2013-12-06 17:31 - 00004332 _____ C:\Documents and Settings\Ondra\Plocha\JRT.txt
2013-12-06 17:20 - 2012-05-26 16:26 - 00000000 ___RD C:\Documents and Settings\Ondra\Dokumenty
2013-12-06 17:16 - 2013-12-06 17:16 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-06 17:13 - 2013-12-06 17:12 - 01034531 _____ (Thisisu) C:\Documents and Settings\Ondra\Plocha\JRT.exe
2013-12-06 14:57 - 2013-12-06 14:56 - 00000000 ____D C:\rsit
2013-12-06 14:57 - 2013-12-06 14:56 - 00000000 ____D C:\Program Files\trend micro
2013-12-06 14:56 - 2013-12-06 14:55 - 00781383 _____ C:\Documents and Settings\Ondra\Plocha\RSIT.exe
2013-12-06 14:41 - 2011-12-23 16:43 - 00001064 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3825283475-3410288154-3143571267-1005Core.job
2013-12-06 14:28 - 2013-09-25 17:07 - 00000000 ____D C:\Program Files\Overwolf
2013-12-06 14:27 - 2013-12-06 14:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-06 14:27 - 2013-12-06 14:26 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2013-12-05 16:51 - 2009-07-30 08:44 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-04 16:44 - 2012-08-28 08:39 - 00001817 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-12-03 17:15 - 2013-08-01 16:46 - 00000000 ____D C:\Program Files\ScreenshotCaptor
2013-11-20 09:27 - 2012-05-06 15:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-19 11:21 - 2013-08-13 15:15 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 16:54 - 2013-11-18 15:19 - 00020185 _____ C:\WINDOWS\KB2868626.log
2013-11-18 16:54 - 2010-04-28 23:11 - 00701011 _____ C:\WINDOWS\setupapi.log
2013-11-18 16:54 - 2009-07-30 01:01 - 01917277 _____ C:\WINDOWS\FaxSetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00919261 _____ C:\WINDOWS\ocgen.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00732655 _____ C:\WINDOWS\tsoc.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00642894 _____ C:\WINDOWS\comsetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00388071 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00301848 _____ C:\WINDOWS\iis6.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00119001 _____ C:\WINDOWS\ocmsn.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00095425 _____ C:\WINDOWS\msgsocm.log
2013-11-18 16:54 - 2009-07-30 01:01 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-18 16:54 - 2009-07-29 23:29 - 00158627 _____ C:\WINDOWS\updspapi.log
2013-11-18 16:53 - 2013-11-18 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-18 16:53 - 2009-07-30 01:57 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-18 16:51 - 2013-11-18 16:51 - 00013870 _____ C:\WINDOWS\KB2900986.log
2013-11-18 16:51 - 2013-11-18 16:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-18 16:51 - 2013-08-13 15:18 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-11-18 16:51 - 2009-07-30 01:01 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-18 16:50 - 2013-08-13 15:11 - 00001702 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-11-18 16:50 - 2013-08-13 15:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-18 16:49 - 2013-11-18 16:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-18 16:49 - 2013-11-18 16:47 - 00012173 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-18 16:49 - 2013-11-18 15:16 - 00014718 _____ C:\WINDOWS\KB2862152.log
2013-11-18 16:49 - 2013-11-18 15:13 - 00013909 _____ C:\WINDOWS\KB2876331.log
2013-11-18 15:29 - 2013-08-15 12:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-18 15:16 - 2013-11-17 15:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-18 15:12 - 2010-05-05 18:00 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-15 18:26 - 2013-11-15 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Overwolf
2013-11-15 18:25 - 2012-05-26 16:48 - 00000000 ____D C:\Documents and Settings\Ondra\Data aplikací\Mozilla
Files to move or delete:
====================
C:\Documents and Settings\Mila Sopouskova\jagex_runescape_preferences.dat
C:\Documents and Settings\Mila Sopouskova\jagex_runescape_preferences2.dat
C:\Documents and Settings\Mila Sopouskova\jagex__preferences3.dat
C:\Documents and Settings\Ondra\jagex_cl_runescape_LIVE.dat
Some content of TEMP:
====================
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\tbuTo2.dll
C:\Documents and Settings\Mila Sopouskova\Local Settings\Temp\utt19.tmp.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\PotPlayerSetup.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Ondra\Local Settings\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2009-07-30 08:43] - [2008-04-14 13:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2009-07-30 08:44] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2009-07-30 08:44] - [2008-04-14 13:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2009-07-30 08:44] - [2008-04-14 13:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2009-07-30 08:44] - [2008-04-14 13:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
- Přílohy
-
- Log Addition.txt.rar
- (7.09 KiB) Staženo 21 x
Re: Prosím o kontrolu logu
Nalezy MBAMu smazat Postupoval jste dle navodu?? Jelikoz tam nikde nevidim, ze byste stahl FRSTLauncher, tak jak navod pise a pak ho samozrejme i nepouzil 
Ono my si ty navody nepiseme pro sebe a jen tak z nudy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Prominte, jedna stránka ( http://vyosek.tym.cz/pro_usery/FRSTLauncher.exe ) nefungovala (teď už funguje) a tak jsem to nestáhl, omlouvám se.. Udělám to znova..
Re: Prosím o kontrolu logu
OK, pockam si na log...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Dá se zobrazováí smajlíků v odeslání odpovědi vypnout? (myslím to, jak mi to nabízí nějáký smajlíky..) Notebook to nezvládá a nemůžu najednou ani odpovědět 
Flashku nemám, ale půjčím si ji, tak prosím o strpení (ty logy už mám..)
E: dřív ty smajlíci nedělaly problém, PC je o hodně pomalejší
PS: Píšu z jiného PC..
Flashku nemám, ale půjčím si ji, tak prosím o strpení (ty logy už mám..)E: dřív ty smajlíci nedělaly problém, PC je o hodně pomalejší
PS: Píšu z jiného PC..
Re: Prosím o kontrolu logu
Divne ze se tak najednou zpomalil...No uvidime co ukaze log...Smajlici jsou dani nastaveni fora
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Nejde tam skoro ani pohnout myší, už se mi tam podařilo přiložit soubor, odeslat a ukázala se mi nějáká ''tabulka průběhu'' (nebo tak něco) a pak se mi restartla stránka .. Děkuji za trpělivost, logy budou za 4 dny..
.. Děkuji za trpělivost, logy budou za 4 dny..Re: Prosím o kontrolu logu
Zkuste jeste PC v nouzovem rezimu...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
Zajímavé, PC jede podobně (o trochu rychleji) jako byl před tím, než jsem začal s kontrolou... Ale když otevřu internetový prohlížeč a vyjede mě tam jakákoliv hýbající se reklama či smajlíci, tak je extrémně pomalý.. Stejné je to jako s takovými stránkamy, kdy na něco najedu myší, a ono to ''něco'' udělá (např. najedu na kolonku e-shop a ono my tam pod to vyjede náramky , trička atd..) (dřív, když PC nebyl zavirovaný tak s tím nebyl problém) flashku jsem našel, tak tu ten log je teď..
E: Zapomněl jsem na toto: FRSTlauncher mi napsal 3x: Chyba: požadováný klíč registru nebyl nalezen (nebo nějak tak)
Potom se mi otevřel poznámkový blog ''bez názvu.txt'' a otevřelo se mi okýnko od poznámkového bloku: ''Přístup byl odepřen.'' Nechal jsem FRST dopracovat a vyplivlo mi to 2 logy.. Potom jsem našel na ploše nějakej soubor ''TMP'' a ještě log FRST3 (ten tam taky je )
E: Zapomněl jsem na toto: FRSTlauncher mi napsal 3x: Chyba: požadováný klíč registru nebyl nalezen (nebo nějak tak)
Potom se mi otevřel poznámkový blog ''bez názvu.txt'' a otevřelo se mi okýnko od poznámkového bloku: ''Přístup byl odepřen.'' Nechal jsem FRST dopracovat a vyplivlo mi to 2 logy.. Potom jsem našel na ploše nějakej soubor ''TMP'' a ještě log FRST3 (ten tam taky je
)- Přílohy
-
- logy.rar
- (15.94 KiB) Staženo 15 x
Re: Prosím o kontrolu logu
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe
Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe
Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Na plose vznikne log Rkill.txt ten mi sem vlozte
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
black_wither
- Návštěvník
- Příspěvky: 42
- Registrován: 13 srp 2013 11:18
Re: Prosím o kontrolu logu
ComboFixu jsem se obával, al mám to za sebou
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/12/2013 02:31:13 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
* C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 12/12/2013 02:32:14 PM
Execution time: 0 hours(s), 1 minute(s), and 1 seconds(s)
ComboFix 13-12-12.01 - Ondra 12.12.2013 14:43:03.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.476 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ondra\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ondra\WINDOWS
c:\windows\EventSystem.log
c:\windows\Services.reg
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\_000026_.tmp.dll
c:\windows\system32\frapsvid.dll
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET183.tmp
c:\windows\system32\SET18C.tmp
c:\windows\system32\SET199.tmp
c:\windows\system32\SET1BF.tmp
c:\windows\system32\SET1D8.tmp
c:\windows\system32\SET200.tmp
c:\windows\system32\SET206.tmp
c:\windows\system32\SET228.tmp
c:\windows\system32\SET229.tmp
c:\windows\system32\SET22A.tmp
c:\windows\system32\SET22B.tmp
c:\windows\system32\SET23B.tmp
c:\windows\system32\SET96.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-12 do 2013-12-12 )))))))))))))))))))))))))))))))
.
.
2013-12-12 13:30 . 2013-11-08 01:15 7772552 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{54728885-D0CC-46D5-933A-9A45F2B5CBF0}\mpengine.dll
2013-12-11 16:32 . 2013-12-11 16:35 -------- d-----w- c:\program files\Common Files\Overwolf
2013-12-11 16:32 . 2013-12-11 16:32 -------- d-----w- c:\program files\Common Files\Skype
2013-12-10 16:10 . 2013-12-10 20:25 -------- d-----w- C:\FRST
2013-12-08 16:54 . 2013-11-08 01:15 7772552 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-06 17:00 . 2013-12-06 17:02 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-06 17:00 . 2013-12-06 17:00 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 17:00 . 2013-12-06 17:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-12-06 16:59 . 2013-12-06 17:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-06 16:59 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-06 16:34 . 2013-12-06 16:40 -------- d-----w- C:\AdwCleaner
2013-12-06 16:16 . 2013-12-06 16:16 -------- d-----w- c:\windows\ERUNT
2013-12-06 13:56 . 2013-12-06 13:57 -------- d-----w- c:\program files\trend micro
2013-12-06 13:56 . 2013-12-06 13:57 -------- d-----w- C:\rsit
2013-11-15 17:26 . 2013-11-15 17:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Overwolf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-08-13 14:15 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-13 16:45 . 2012-08-28 13:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-13 16:45 . 2011-08-02 18:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-13 16:45 . 2013-10-09 08:45 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-13 11:42 . 2009-07-30 07:44 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2009-07-30 07:43 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2009-07-30 07:43 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2009-07-30 07:43 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2009-07-30 07:43 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2009-07-30 07:43 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2009-07-30 07:43 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2009-07-30 07:43 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-27 08:53 . 2013-06-18 19:50 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-28 07:32 . 2012-08-28 07:30 93654616 ----a-w- c:\program files\avast_free_antivirus_setup.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2009-04-15 135168]
"Overwolf"="c:\program files\Overwolf\Overwolf.exe" [2013-12-09 35768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-20 817672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Ondra\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-6-20 607584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44 65536 ----a-w- c:\windows\system32\igdlogin.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Acer\\Acer VCM\\VC.exe"=
"c:\\Documents and Settings\\Ondra\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Documents and Settings\\Mila Sopouskova\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.5.2010 12:05 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [28.8.2012 14:36 18544]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [30.7.2009 2:59 237568]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [30.7.2009 1:40 5096544]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30.7.2009 1:46 1684736]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [6.12.2013 18:00 40776]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\Overwolf\OverwolfUpdater.exe [25.9.2013 17:09 96184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [30.7.2009 1:32 164864]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-04 15:37 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-28 16:45]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 11:04]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 11:04]
.
2013-12-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 14:01]
.
2013-12-12 c:\windows\Tasks\User_Feed_Synchronization-{9C6452F8-6F82-4E43-9676-8EAC8B6277A0}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daum.net/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=ao751h&r=0xph04101706l03c3wu45w48l15641
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz classic
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-ExpressFiles - c:\program files\ExpressFiles\ExpressFiles.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-12 14:57
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\igdlogin.dll
.
Celkový čas: 2013-12-12 15:01:31
ComboFix-quarantined-files.txt 2013-12-12 14:01
.
Před spuštěním: Volných bajtů: 112 974 266 368
Po spuštění: Volných bajtů: 115 674 148 864
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - F76016ABCCD628D2C0F41B03E15A45DA
5C616939100B85E558DA92B899A0FC36
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/12/2013 02:31:13 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
* C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 12/12/2013 02:32:14 PM
Execution time: 0 hours(s), 1 minute(s), and 1 seconds(s)
ComboFix 13-12-12.01 - Ondra 12.12.2013 14:43:03.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.476 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ondra\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ondra\WINDOWS
c:\windows\EventSystem.log
c:\windows\Services.reg
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\_000024_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\_000026_.tmp.dll
c:\windows\system32\frapsvid.dll
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET183.tmp
c:\windows\system32\SET18C.tmp
c:\windows\system32\SET199.tmp
c:\windows\system32\SET1BF.tmp
c:\windows\system32\SET1D8.tmp
c:\windows\system32\SET200.tmp
c:\windows\system32\SET206.tmp
c:\windows\system32\SET228.tmp
c:\windows\system32\SET229.tmp
c:\windows\system32\SET22A.tmp
c:\windows\system32\SET22B.tmp
c:\windows\system32\SET23B.tmp
c:\windows\system32\SET96.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-12 do 2013-12-12 )))))))))))))))))))))))))))))))
.
.
2013-12-12 13:30 . 2013-11-08 01:15 7772552 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{54728885-D0CC-46D5-933A-9A45F2B5CBF0}\mpengine.dll
2013-12-11 16:32 . 2013-12-11 16:35 -------- d-----w- c:\program files\Common Files\Overwolf
2013-12-11 16:32 . 2013-12-11 16:32 -------- d-----w- c:\program files\Common Files\Skype
2013-12-10 16:10 . 2013-12-10 20:25 -------- d-----w- C:\FRST
2013-12-08 16:54 . 2013-11-08 01:15 7772552 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-06 17:00 . 2013-12-06 17:02 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-06 17:00 . 2013-12-06 17:00 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Malwarebytes
2013-12-06 17:00 . 2013-12-06 17:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-12-06 16:59 . 2013-12-06 17:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-06 16:59 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-06 16:34 . 2013-12-06 16:40 -------- d-----w- C:\AdwCleaner
2013-12-06 16:16 . 2013-12-06 16:16 -------- d-----w- c:\windows\ERUNT
2013-12-06 13:56 . 2013-12-06 13:57 -------- d-----w- c:\program files\trend micro
2013-12-06 13:56 . 2013-12-06 13:57 -------- d-----w- C:\rsit
2013-11-15 17:26 . 2013-11-15 17:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Overwolf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-08-13 14:15 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-13 16:45 . 2012-08-28 13:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-13 16:45 . 2011-08-02 18:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-13 16:45 . 2013-10-09 08:45 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-13 11:42 . 2009-07-30 07:44 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2009-07-30 07:43 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2009-07-30 07:43 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2009-07-30 07:43 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2009-07-30 07:43 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2009-07-30 07:43 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2009-07-30 07:43 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2009-07-30 07:43 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-27 08:53 . 2013-06-18 19:50 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-28 07:32 . 2012-08-28 07:30 93654616 ----a-w- c:\program files\avast_free_antivirus_setup.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2009-04-15 135168]
"Overwolf"="c:\program files\Overwolf\Overwolf.exe" [2013-12-09 35768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-20 817672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Ondra\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-6-20 607584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-04-28 03:44 65536 ----a-w- c:\windows\system32\igdlogin.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Acer\\Acer VCM\\VC.exe"=
"c:\\Documents and Settings\\Ondra\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Documents and Settings\\Mila Sopouskova\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.5.2010 12:05 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [28.8.2012 14:36 18544]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [30.7.2009 2:59 237568]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [30.7.2009 1:40 5096544]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30.7.2009 1:46 1684736]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [6.12.2013 18:00 40776]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\Overwolf\OverwolfUpdater.exe [25.9.2013 17:09 96184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [30.7.2009 1:32 164864]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-04 15:37 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-28 16:45]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 11:04]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 11:04]
.
2013-12-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 14:01]
.
2013-12-12 c:\windows\Tasks\User_Feed_Synchronization-{9C6452F8-6F82-4E43-9676-8EAC8B6277A0}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daum.net/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=ao751h&r=0xph04101706l03c3wu45w48l15641
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\pwhdinor.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz classic
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-ExpressFiles - c:\program files\ExpressFiles\ExpressFiles.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-12 14:57
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\igdlogin.dll
.
Celkový čas: 2013-12-12 15:01:31
ComboFix-quarantined-files.txt 2013-12-12 14:01
.
Před spuštěním: Volných bajtů: 112 974 266 368
Po spuštění: Volných bajtů: 115 674 148 864
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - F76016ABCCD628D2C0F41B03E15A45DA
5C616939100B85E558DA92B899A0FC36
Přispějete na provoz fóra?