Dobrý den,
poslední dobou mi v google chrome neustále vyskakují reklamy. Dnes také došlo k zablokování prohlížeče policejním virem - prohlížeč jsem ihned ukončila přes správce úloh. Prosím o kontrolu logu a radu, jak postupovat při odstranění. Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2014-01-18 20:58:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 403 GB (42%) free of 954 GB
Total RAM: 2046 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:52, on 18.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll
O2 - BHO: BetterSrf - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll
O2 - BHO: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: VideoPlayerV3beta795 - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll
O2 - BHO: BetterSrf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: WebexpEnhancedV1alpha53 - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1914345496-1861816520-2744404927-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1914345496-1861816520-2744404927-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Download Video on This Page - res://C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211
O8 - Extra context menu item: Download Video This Links To - res://C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/212
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - res://C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll/211 (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B99B8F1B-A059-44AC-B563-6B0C69C7F08E}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: leaf - {3C4A8A13-029E-430D-B8C1-46E834D20B31} - mscoree.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate1cab0e66fdd3a23) (gupdate1cab0e66fdd3a23) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ReadyNAS Remote Http Service - NETGEAR - C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12355 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2000
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Genius\ioCentre\gTaskBar.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\MyHeritage\Bin\FTBCheckUpdates.exe"
C:\Genius\ioCentre\gMouseTask
C:\Genius\ioCentre\gKbdTask
C:\Genius\ioCentre\gIoCentreFunMgm
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Users\User\Downloads\RogueKiller.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_69/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --disable-webgl --disable-pepper-3d --disable-gl-multisampling --disable-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-video-decode --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3692.0.606046655\1580603744" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_69/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-webgl --disable-pepper-3d --disable-gl-multisampling --disable-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-video-decode --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3692.1.704489130\396380634" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_69/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3692.2.1394548285\1610911453" /prefetch:673131151
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\User\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default
prefs.js - "extensions.enabledItems" - "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}:1.0.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}:3.3.3.2, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90, engine@conduit.com:3.3.3.2, {ef13cf4f-2753-470c-88d2-b10effbc2092}:3.3.3.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8312, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "browser.startup.homepage" - "http://us.yahoo.com?fr=fp-comodo"
prefs.js - "keyword.URL" - "http://us.search.yahoo.com/search?fr=ytff-comodo&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
npwachk.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsILegitCheckPlugin.xpt
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files (x86)\Mozilla Firefox\plugins\
npLegitCheckPlugin.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
MyHeritage.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\extensions\
engine@conduit.com
{56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{ef13cf4f-2753-470c-88d2-b10effbc2092}
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class - C:\Program Files (x86)\Family Toolbar\tbcore3.dll [2009-05-07 2642432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}]
Better Surf Plus - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll [2013-12-09 86528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}]
BetterSurf - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll [2013-11-12 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79c3c480-6692-4bfe-97bb-1c9fb3d67be7}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll [2014-01-07 87040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}]
Better-Surf - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll [2013-11-25 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b58fd3a7-2cf3-40e4-b7c5-81872f0825fb}]
Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll [2013-12-19 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Family Toolbar - C:\Program Files (x86)\Family Toolbar\tbcore3.dll [2009-05-07 2642432]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-12-21 1090040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2009-07-24 118624]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2009-09-03 60928]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Family Tree Builder Update"=C:\MyHeritage\Bin\FTBCheckUpdates.exe [2013-09-09 2532352]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"midi8"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-18 20:58:44 ----D---- C:\Program Files\trend micro
2014-01-18 20:58:43 ----D---- C:\rsit
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 09:16:04 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 09:16:03 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 09:16:02 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-10 17:05:13 ----D---- C:\Program Files (x86)\VideoPlayerV3
2013-12-20 17:05:10 ----D---- C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 00:19:35 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-20 00:19:34 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-20 00:19:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-20 00:19:33 ----A---- C:\Windows\system32\wmp.dll
2013-12-20 00:15:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-20 00:15:47 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-20 00:15:47 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-20 00:15:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-20 00:15:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-20 00:15:47 ----A---- C:\Windows\system32\ieui.dll
2013-12-20 00:15:47 ----A---- C:\Windows\system32\iesetup.dll
2013-12-20 00:15:47 ----A---- C:\Windows\system32\iernonce.dll
2013-12-20 00:15:47 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-20 00:15:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-20 00:15:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-20 00:15:46 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-20 00:15:46 ----A---- C:\Windows\system32\iertutil.dll
2013-12-20 00:15:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-20 00:15:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-20 00:15:45 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-20 00:15:45 ----A---- C:\Windows\system32\jscript.dll
2013-12-20 00:15:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-20 00:15:44 ----A---- C:\Windows\system32\jscript9.dll
2013-12-20 00:15:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-20 00:15:43 ----A---- C:\Windows\system32\urlmon.dll
2013-12-20 00:15:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-20 00:15:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-20 00:15:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-20 00:15:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-20 00:15:41 ----A---- C:\Windows\system32\wininet.dll
2013-12-20 00:15:40 ----A---- C:\Windows\system32\ieframe.dll
2013-12-20 00:15:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-20 00:15:37 ----A---- C:\Windows\system32\mshtml.dll
======List of files/folders modified in the last 1 month======
2014-01-18 20:58:52 ----D---- C:\Windows\Prefetch
2014-01-18 20:58:44 ----RD---- C:\Program Files
2014-01-18 20:50:39 ----D---- C:\Windows\system32\drivers
2014-01-18 20:33:43 ----D---- C:\Users\User\AppData\Roaming\Skype
2014-01-18 14:35:34 ----D---- C:\Windows\system32\config
2014-01-18 03:13:24 ----D---- C:\Windows\Temp
2014-01-17 17:42:25 ----D---- C:\Windows\winsxs
2014-01-17 17:40:49 ----D---- C:\ProgramData\NVIDIA
2014-01-17 17:39:33 ----D---- C:\Windows\System32
2014-01-17 17:39:32 ----D---- C:\Windows\system32\DriverStore
2014-01-15 19:46:08 ----SHD---- C:\Windows\Installer
2014-01-15 19:46:08 ----SHD---- C:\Config.Msi
2014-01-15 19:46:06 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 19:38:02 ----D---- C:\Windows\system32\MRT
2014-01-15 19:37:41 ----A---- C:\Windows\system32\MRT.exe
2014-01-15 19:37:21 ----SHD---- C:\System Volume Information
2014-01-15 09:15:54 ----D---- C:\Windows\system32\catroot2
2014-01-15 09:15:54 ----D---- C:\Windows\system32\catroot
2014-01-11 23:01:07 ----D---- C:\Users\User\AppData\Roaming\vlc
2014-01-10 17:06:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-01-10 17:05:13 ----D---- C:\Program Files (x86)
2014-01-02 00:35:49 ----D---- C:\Users\User\AppData\Roaming\Winamp
2014-01-01 17:30:58 ----D---- C:\CDSM
2013-12-23 18:06:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-20 08:26:13 ----D---- C:\Windows\rescache
2013-12-20 07:32:44 ----D---- C:\Windows\SysWOW64
2013-12-20 07:32:44 ----D---- C:\Program Files\Windows Media Player
2013-12-20 07:32:44 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-20 07:32:42 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-20 07:32:40 ----D---- C:\Program Files\Internet Explorer
2013-12-20 07:32:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-20 07:32:38 ----D---- C:\Windows\system32\cs-CZ
2013-12-20 00:18:05 ----D---- C:\Windows\Logs
2013-12-20 00:18:01 ----D---- C:\Windows
2013-12-19 23:57:14 ----RSD---- C:\Windows\assembly
2013-12-19 22:58:54 ----D---- C:\Users\User\AppData\Roaming\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-08-12 69152]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-27 834544]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-11-08 22736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R3 Fwleaf;NETGEAR Firewall Driver; C:\Windows\system32\DRIVERS\fwleaf.sys [2011-04-08 27200]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2009-06-27 25088]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2009-06-25 14336]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 leafnets;Leaf Networks Adapter; C:\Windows\system32\DRIVERS\leafnets.sys [2011-05-26 29696]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2009-07-24 36208]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 ALSysIO;ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-02-16 74240]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2009-11-22 446152]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WPRO_41_1742;WinPcap Packet Driver (WPRO_41_1742); C:\Windows\system32\drivers\WPRO_41_1742.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2009-07-24 199008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate1cab0e66fdd3a23;Služba Google Update (gupdate1cab0e66fdd3a23); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 133104]
S2 ReadyNAS Remote Http Service;ReadyNAS Remote Http Service; C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe [2011-07-19 100160]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
vyskakující reklamy, PV
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: vyskakující reklamy, PV
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
Zdravím,
při spuštění JRT bohužel hlásí "unable to create file...." není tedy možné vytvořit zálohu a to i když povolím spuštění JRT ve firewall nebo po úplném vypnutí sítě a firewall
při spuštění JRT bohužel hlásí "unable to create file...." není tedy možné vytvořit zálohu a to i když povolím spuštění JRT ve firewall nebo po úplném vypnutí sítě a firewall
Re: vyskakující reklamy, PV
Pokracujte tedy AdwCleanerem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
# AdwCleaner v3.017 - Report created 18/01/2014 at 23:01:41
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\FreeRIP
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\BetterSurf
Folder Deleted : C:\Program Files (x86)\Better-Surf
Folder Deleted : C:\Program Files (x86)\FreeRIP
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Users\User\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Conduit
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\ConduitEngine
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\ICQToolbarData
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT1934975
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT2438727
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT2538476
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{ef13cf4f-2753-470c-88d2-b10effbc2092}
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\.autoreg
File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\Conduit.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16750
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v3.6.17 (cs)
[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\prefs.js ]
Line Deleted : user_pref("CT1934975..clientLogIsEnabled", true);
Line Deleted : user_pref("CT1934975..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1934975..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1934975.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1934975.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.CT2349999.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2375176.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2383175.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2627675.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CTID", "CT1934975");
Line Deleted : user_pref("CT1934975.CommunitiesChangesLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT1934975.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1934975.DialogsGetterLastCheckTime", "Sun Oct 09 2011 17:20:21 GMT+0200");
Line Deleted : user_pref("CT1934975.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1934975.FeedLastCount128669722470719329", 109);
Line Deleted : user_pref("CT1934975.FeedPollDate1046262412769165952", "Sat Nov 19 2011 22:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.FeedPollDate128669722470719329", "Thu Apr 29 2010 06:49:51 GMT+0200");
Line Deleted : user_pref("CT1934975.FeedPollDate128722506295531277", "Sat Nov 19 2011 22:51:02 GMT+0100");
Line Deleted : user_pref("CT1934975.FeedPollDate128899692363856884", "Sat Nov 19 2011 22:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.FirstServerDate", "10-2-2010");
Line Deleted : user_pref("CT1934975.FirstTime", true);
Line Deleted : user_pref("CT1934975.FirstTimeFF3", true);
Line Deleted : user_pref("CT1934975.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1934975.GroupingLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1934975.GroupingLastResponse", true);
Line Deleted : user_pref("CT1934975.GroupingLastServerUpdateTime", "129423381495730000");
Line Deleted : user_pref("CT1934975.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1934975.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1934975.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT1934975.Initialize", true);
Line Deleted : user_pref("CT1934975.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1934975.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1934975.InstalledDate", "Wed Feb 10 2010 21:51:17 GMT+0100");
Line Deleted : user_pref("CT1934975.InvalidateCache", false);
Line Deleted : user_pref("CT1934975.IsGrouping", true);
Line Deleted : user_pref("CT1934975.IsMulticommunity", false);
Line Deleted : user_pref("CT1934975.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT1934975.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1934975.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:43 GMT+0100");
Line Deleted : user_pref("CT1934975.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1934975.LastLogin_2.5.6.0", "Mon Aug 02 2010 05:45:54 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_2.7.1.3", "Mon Aug 23 2010 23:02:36 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_2.7.2.0", "Thu Nov 04 2010 18:08:33 GMT+0100");
Line Deleted : user_pref("CT1934975.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:15 GMT+0100");
Line Deleted : user_pref("CT1934975.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:31 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT1934975.LatestVersion", "3.5.0.12");
Line Deleted : user_pref("CT1934975.Locale", "en-us");
Line Deleted : user_pref("CT1934975.LoginCache", 4);
Line Deleted : user_pref("CT1934975.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1934975.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1934975.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1934975.RadioIsPodcast", false);
Line Deleted : user_pref("CT1934975.RadioLastCheckTime", "Sat Nov 19 2011 20:51:00 GMT+0100");
Line Deleted : user_pref("CT1934975.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1934975.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT1934975.RadioMediaID", "9962");
Line Deleted : user_pref("CT1934975.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1934975.RadioMenuSelectedID", "EBRadioMenu_CT19349759962");
Line Deleted : user_pref("CT1934975.RadioShrinked", "expanded");
Line Deleted : user_pref("CT1934975.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT1934975.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT1934975.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT1934975.SearchBoxWidth", 152);
Line Deleted : user_pref("CT1934975.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1934975&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1934975.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1934975.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1934975&q=");
Line Deleted : user_pref("CT1934975.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1934975.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1934975.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1934975.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1934975.SettingsLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SettingsLastUpdate", "1314539878");
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:08 GMT+0100");
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT1934975.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1934975");
Line Deleted : user_pref("CT1934975.UserID", "UN55354567116978183");
Line Deleted : user_pref("CT1934975.ValidationData_Search", 2);
Line Deleted : user_pref("CT1934975.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT1934975.WeatherNetwork", "");
Line Deleted : user_pref("CT1934975.WeatherPollDate", "Sat Nov 19 2011 22:51:03 GMT+0100");
Line Deleted : user_pref("CT1934975.WeatherUnit", "C");
Line Deleted : user_pref("CT1934975.clientLogIsEnabled", true);
Line Deleted : user_pref("CT1934975.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1934975.components.1000082", true);
Line Deleted : user_pref("CT1934975.components.1000234", true);
Line Deleted : user_pref("CT1934975.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT1934975.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:50:46 GMT+0100");
Line Deleted : user_pref("CT1934975.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT1934975.myStuffEnabled", true);
Line Deleted : user_pref("CT1934975.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1934975.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1934975.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1934975.oldAppsList", "200,128669721824625464,128669721967750465,1000048,128669722354000576,128671003036957157,128735201061250554,128671010216800492,128669722470719329,6848392494431101995[...]
Line Deleted : user_pref("CT1934975.testingCtid", "");
Line Deleted : user_pref("CT1934975.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT1934975.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:47 GMT+0100");
Line Deleted : user_pref("CT1934975.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1934975.usagesFlag", 2);
Line Deleted : user_pref("CT2438727..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2438727.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT2438727.CTID", "CT2438727");
Line Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Mon Oct 03 2011 21:39:39 GMT+0200");
Line Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2438727.FirstServerDate", "6-2-2010");
Line Deleted : user_pref("CT2438727.FirstTime", true);
Line Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Line Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2438727.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2438727.Initialize", true);
Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2438727.InstalledDate", "Sat Feb 06 2010 14:31:59 GMT+0100");
Line Deleted : user_pref("CT2438727.InvalidateCache", false);
Line Deleted : user_pref("CT2438727.IsGrouping", false);
Line Deleted : user_pref("CT2438727.IsMulticommunity", false);
Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2438727.LastLogin_2.5.6.0", "Mon Aug 02 2010 05:45:58 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Mon Aug 23 2010 23:02:47 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_2.7.2.0", "Thu Nov 04 2010 18:08:33 GMT+0100");
Line Deleted : user_pref("CT2438727.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:20 GMT+0100");
Line Deleted : user_pref("CT2438727.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:33 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.LatestVersion", "3.8.0.8");
Line Deleted : user_pref("CT2438727.Locale", "en");
Line Deleted : user_pref("CT2438727.LoginCache", 4);
Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2438727.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:46 GMT+0100");
Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:45 GMT+0100");
Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1314929172");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:20 GMT+0100");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Line Deleted : user_pref("CT2438727.UserID", "UN24678713949244924");
Line Deleted : user_pref("CT2438727.ValidationData_Search", 2);
Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2438727.alertChannelId", "832836");
Line Deleted : user_pref("CT2438727.backendstorage.currentgame", "76616D70697265");
Line Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:50:54 GMT+0100");
Line Deleted : user_pref("CT2438727.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2438727.myStuffEnabled", true);
Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,129509324767711885,129023982676944454,1000034,1000080,1000082,1000234,1000515,1000,1001,1002,1003,1004,1005,1006,1007,1008,100[...]
Line Deleted : user_pref("CT2438727.testingCtid", "");
Line Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:24 GMT+0100");
Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2438727.usagesFlag", 2);
Line Deleted : user_pref("CT2538476..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2538476..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2538476..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2538476.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2538476.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT2538476.CTID", "CT2538476");
Line Deleted : user_pref("CT2538476.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT2538476.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2538476.DialogsGetterLastCheckTime", "Mon Oct 03 2011 21:39:41 GMT+0200");
Line Deleted : user_pref("CT2538476.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTime\":\"11/4/2010 8:13:06 PM\",\"SourceId\":0,\"OriginSource\":0,\"Refer[...]
Line Deleted : user_pref("CT2538476.FirstServerDate", "4-11-2010");
Line Deleted : user_pref("CT2538476.FirstTime", true);
Line Deleted : user_pref("CT2538476.FirstTimeFF3", true);
Line Deleted : user_pref("CT2538476.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2538476.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2538476.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2538476.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2538476.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2538476.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2538476.Initialize", true);
Line Deleted : user_pref("CT2538476.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2538476.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2538476.InstalledDate", "Thu Nov 04 2010 18:27:14 GMT+0100");
Line Deleted : user_pref("CT2538476.InvalidateCache", false);
Line Deleted : user_pref("CT2538476.IsGrouping", false);
Line Deleted : user_pref("CT2538476.IsMulticommunity", false);
Line Deleted : user_pref("CT2538476.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2538476.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2538476.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2538476.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:23 GMT+0100");
Line Deleted : user_pref("CT2538476.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:35 GMT+0200");
Line Deleted : user_pref("CT2538476.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.LatestVersion", "3.5.0.12");
Line Deleted : user_pref("CT2538476.Locale", "en");
Line Deleted : user_pref("CT2538476.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2538476.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2538476.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2538476.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2538476.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2538476.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2538476.SearchBoxWidth", 195);
Line Deleted : user_pref("CT2538476.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2538476&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2538476.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2538476.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2538476&q=");
Line Deleted : user_pref("CT2538476.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2538476.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2538476.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2538476.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2538476.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2538476.SettingsLastCheckTime", "Sat Nov 19 2011 20:51:07 GMT+0100");
Line Deleted : user_pref("CT2538476.SettingsLastUpdate", "1320325868");
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:24 GMT+0100");
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2538476.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2538476");
Line Deleted : user_pref("CT2538476.UserID", "UN91727397762057230");
Line Deleted : user_pref("CT2538476.ValidationData_Search", 1);
Line Deleted : user_pref("CT2538476.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2538476.WeatherNetwork", "");
Line Deleted : user_pref("CT2538476.WeatherPollDate", "Sat Nov 19 2011 22:51:09 GMT+0100");
Line Deleted : user_pref("CT2538476.WeatherUnit", "C");
Line Deleted : user_pref("CT2538476.alertChannelId", "931463");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.expires", "30");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.secret", "596F634D524C315F4D6830446C564C784836374A54415F5F");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.session_key", "322E4C7761434F504B674F697A526F4157737558474677775F5F2E333630302E313239373435343430302D31343030333634313432");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.sig", "6539666662646633636662633461396465636534343530316564613033333035");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.uid", "31343030333634313432");
Line Deleted : user_pref("CT2538476.components.1000034", false);
Line Deleted : user_pref("CT2538476.components.1000082", false);
Line Deleted : user_pref("CT2538476.components.1000234", true);
Line Deleted : user_pref("CT2538476.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2538476.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:51:02 GMT+0100");
Line Deleted : user_pref("CT2538476.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2538476.myStuffEnabled", true);
Line Deleted : user_pref("CT2538476.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2538476.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2538476.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2538476.oldAppsList", "129109032888275383,129109032888275384,129109120718432630,129304328669662854,1000034,1000080,1000082,1000234,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1[...]
Line Deleted : user_pref("CT2538476.testingCtid", "");
Line Deleted : user_pref("CT2538476.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:24 GMT+0100");
Line Deleted : user_pref("CT2538476.usagesFlag", 1);
Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2438727,CT2538476,CT1934975");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=1020425&fid=1016139", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=470167&fid=466038", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=745401&fid=741237", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=770053&fid=765881", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=777952&fid=773780", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=832836&fid=828639", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=909619&fid=905414", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=931463&fid=927247", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1020425/1016139/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/470167/466038/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/745401/741237/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/770053/765881/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/777952/773780/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/931463/927247/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1934975", "\"1273667989\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2538476", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "L+tncv4eqt6Qm5T3dzChdA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "QmycQXJXVyFVAzIiNllWhQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "QmycQXJXVyFVAzIiNllWhQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "SuMy8xgBA7+FodOxmk9aiQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0ee90707f77cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1934975", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2538476", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634231103359500000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634207581820000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1934975&octid=CT1934975", "\"1314539879\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2438727&octid=CT2438727", "\"1314929173\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2538476&octid=CT2538476", "\"1320325869\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1934975/CT1934975", "\"1310989086\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727", "\"1311168869\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2538476/CT2538476", "\"1311168870\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634322696881670000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d81252562c31be757300e4205a85371\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT1934975,CT2538476,ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT1934975,CT2538476");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 10:40:13 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Nov 19 2011 20:51:07 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Nov 19 2011 20:50:41 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{99919343-9936-42f3-884b-eb5a7460d36e}");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Nov 19 2011 20:50:54 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "54238b02-9825-4dd1-972c-972c05b99ceb");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2538476");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "11/04/2010 20");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.3.3", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 04 2010 18:27:38 GMT+0100");
Line Deleted : user_pref("ConduitEngine.UserID", "UN71818870826003826");
Line Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Line Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Line Deleted : user_pref("browser.search.defaultthis.engineName", "HitGrab Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2538476&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.enabledItems", "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}:1.0.3,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}:3.3.3.2,{7b13ec3e-999a-4b70-b9cb[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1321732238);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "praha%20v%20noci||amsterdam%20statues||V%20Pra%C5%BEsk%C3%A9%20br%C3%A1n%C4%9B%2074%2C%20Beroun%2C%20%C4%8Cesk%C3%A1%20republika||n%C3%A1m%C4%9Bst%C3%AD%20Gener%C3%A1l[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1310577446");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.17");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "127675133812767516051276794122754");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1321732263);
Line Deleted : user_pref("icqtoolbar.version", "1.1.9");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v32.0.1700.76
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [46398 octets] - [18/01/2014 22:58:27]
AdwCleaner[S0].txt - [47037 octets] - [18/01/2014 23:01:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [47098 octets] ##########
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\FreeRIP
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\BetterSurf
Folder Deleted : C:\Program Files (x86)\Better-Surf
Folder Deleted : C:\Program Files (x86)\FreeRIP
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Users\User\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Conduit
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\ConduitEngine
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\ICQToolbarData
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT1934975
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT2438727
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\CT2538476
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{ef13cf4f-2753-470c-88d2-b10effbc2092}
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\.autoreg
File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\Conduit.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16750
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v3.6.17 (cs)
[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\prefs.js ]
Line Deleted : user_pref("CT1934975..clientLogIsEnabled", true);
Line Deleted : user_pref("CT1934975..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1934975..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1934975.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1934975.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.CT2349999.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2375176.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2383175.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CT2627675.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CTID", "CT1934975");
Line Deleted : user_pref("CT1934975.CommunitiesChangesLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.CommunityChanged", true);
Line Deleted : user_pref("CT1934975.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT1934975.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1934975.DialogsGetterLastCheckTime", "Sun Oct 09 2011 17:20:21 GMT+0200");
Line Deleted : user_pref("CT1934975.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1934975.FeedLastCount128669722470719329", 109);
Line Deleted : user_pref("CT1934975.FeedPollDate1046262412769165952", "Sat Nov 19 2011 22:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.FeedPollDate128669722470719329", "Thu Apr 29 2010 06:49:51 GMT+0200");
Line Deleted : user_pref("CT1934975.FeedPollDate128722506295531277", "Sat Nov 19 2011 22:51:02 GMT+0100");
Line Deleted : user_pref("CT1934975.FeedPollDate128899692363856884", "Sat Nov 19 2011 22:51:01 GMT+0100");
Line Deleted : user_pref("CT1934975.FirstServerDate", "10-2-2010");
Line Deleted : user_pref("CT1934975.FirstTime", true);
Line Deleted : user_pref("CT1934975.FirstTimeFF3", true);
Line Deleted : user_pref("CT1934975.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1934975.GroupingLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1934975.GroupingLastResponse", true);
Line Deleted : user_pref("CT1934975.GroupingLastServerUpdateTime", "129423381495730000");
Line Deleted : user_pref("CT1934975.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1934975.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1934975.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT1934975.Initialize", true);
Line Deleted : user_pref("CT1934975.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1934975.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1934975.InstalledDate", "Wed Feb 10 2010 21:51:17 GMT+0100");
Line Deleted : user_pref("CT1934975.InvalidateCache", false);
Line Deleted : user_pref("CT1934975.IsGrouping", true);
Line Deleted : user_pref("CT1934975.IsMulticommunity", false);
Line Deleted : user_pref("CT1934975.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT1934975.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1934975.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:43 GMT+0100");
Line Deleted : user_pref("CT1934975.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1934975.LastLogin_2.5.6.0", "Mon Aug 02 2010 05:45:54 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_2.7.1.3", "Mon Aug 23 2010 23:02:36 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_2.7.2.0", "Thu Nov 04 2010 18:08:33 GMT+0100");
Line Deleted : user_pref("CT1934975.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:15 GMT+0100");
Line Deleted : user_pref("CT1934975.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:31 GMT+0200");
Line Deleted : user_pref("CT1934975.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT1934975.LatestVersion", "3.5.0.12");
Line Deleted : user_pref("CT1934975.Locale", "en-us");
Line Deleted : user_pref("CT1934975.LoginCache", 4);
Line Deleted : user_pref("CT1934975.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1934975.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1934975.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1934975.RadioIsPodcast", false);
Line Deleted : user_pref("CT1934975.RadioLastCheckTime", "Sat Nov 19 2011 20:51:00 GMT+0100");
Line Deleted : user_pref("CT1934975.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1934975.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT1934975.RadioMediaID", "9962");
Line Deleted : user_pref("CT1934975.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1934975.RadioMenuSelectedID", "EBRadioMenu_CT19349759962");
Line Deleted : user_pref("CT1934975.RadioShrinked", "expanded");
Line Deleted : user_pref("CT1934975.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT1934975.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT1934975.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT1934975.SearchBoxWidth", 152);
Line Deleted : user_pref("CT1934975.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1934975&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1934975.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1934975.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1934975&q=");
Line Deleted : user_pref("CT1934975.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1934975.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1934975.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1934975.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1934975.SettingsLastCheckTime", "Sat Nov 19 2011 20:50:42 GMT+0100");
Line Deleted : user_pref("CT1934975.SettingsLastUpdate", "1314539878");
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:08 GMT+0100");
Line Deleted : user_pref("CT1934975.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT1934975.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1934975");
Line Deleted : user_pref("CT1934975.UserID", "UN55354567116978183");
Line Deleted : user_pref("CT1934975.ValidationData_Search", 2);
Line Deleted : user_pref("CT1934975.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT1934975.WeatherNetwork", "");
Line Deleted : user_pref("CT1934975.WeatherPollDate", "Sat Nov 19 2011 22:51:03 GMT+0100");
Line Deleted : user_pref("CT1934975.WeatherUnit", "C");
Line Deleted : user_pref("CT1934975.clientLogIsEnabled", true);
Line Deleted : user_pref("CT1934975.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1934975.components.1000082", true);
Line Deleted : user_pref("CT1934975.components.1000234", true);
Line Deleted : user_pref("CT1934975.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT1934975.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:50:46 GMT+0100");
Line Deleted : user_pref("CT1934975.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT1934975.myStuffEnabled", true);
Line Deleted : user_pref("CT1934975.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1934975.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1934975.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1934975.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1934975.oldAppsList", "200,128669721824625464,128669721967750465,1000048,128669722354000576,128671003036957157,128735201061250554,128671010216800492,128669722470719329,6848392494431101995[...]
Line Deleted : user_pref("CT1934975.testingCtid", "");
Line Deleted : user_pref("CT1934975.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT1934975.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:47 GMT+0100");
Line Deleted : user_pref("CT1934975.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1934975.usagesFlag", 2);
Line Deleted : user_pref("CT2438727..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2438727.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT2438727.CTID", "CT2438727");
Line Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Mon Oct 03 2011 21:39:39 GMT+0200");
Line Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2438727.FirstServerDate", "6-2-2010");
Line Deleted : user_pref("CT2438727.FirstTime", true);
Line Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Line Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2438727.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2438727.Initialize", true);
Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2438727.InstalledDate", "Sat Feb 06 2010 14:31:59 GMT+0100");
Line Deleted : user_pref("CT2438727.InvalidateCache", false);
Line Deleted : user_pref("CT2438727.IsGrouping", false);
Line Deleted : user_pref("CT2438727.IsMulticommunity", false);
Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2438727.LastLogin_2.5.6.0", "Mon Aug 02 2010 05:45:58 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Mon Aug 23 2010 23:02:47 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_2.7.2.0", "Thu Nov 04 2010 18:08:33 GMT+0100");
Line Deleted : user_pref("CT2438727.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:20 GMT+0100");
Line Deleted : user_pref("CT2438727.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:33 GMT+0200");
Line Deleted : user_pref("CT2438727.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.LatestVersion", "3.8.0.8");
Line Deleted : user_pref("CT2438727.Locale", "en");
Line Deleted : user_pref("CT2438727.LoginCache", 4);
Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2438727.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:46 GMT+0100");
Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:45 GMT+0100");
Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Sat Nov 19 2011 20:50:44 GMT+0100");
Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1314929172");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:20 GMT+0100");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Line Deleted : user_pref("CT2438727.UserID", "UN24678713949244924");
Line Deleted : user_pref("CT2438727.ValidationData_Search", 2);
Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2438727.alertChannelId", "832836");
Line Deleted : user_pref("CT2438727.backendstorage.currentgame", "76616D70697265");
Line Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:50:54 GMT+0100");
Line Deleted : user_pref("CT2438727.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2438727.myStuffEnabled", true);
Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,129509324767711885,129023982676944454,1000034,1000080,1000082,1000234,1000515,1000,1001,1002,1003,1004,1005,1006,1007,1008,100[...]
Line Deleted : user_pref("CT2438727.testingCtid", "");
Line Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:24 GMT+0100");
Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2438727.usagesFlag", 2);
Line Deleted : user_pref("CT2538476..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2538476..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2538476..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2538476.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2538476.AppTrackingLastCheckTime", "Sat Nov 19 2011 20:51:01 GMT+0100");
Line Deleted : user_pref("CT2538476.CTID", "CT2538476");
Line Deleted : user_pref("CT2538476.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.CurrentServerDate", "19-11-2011");
Line Deleted : user_pref("CT2538476.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2538476.DialogsGetterLastCheckTime", "Mon Oct 03 2011 21:39:41 GMT+0200");
Line Deleted : user_pref("CT2538476.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTime\":\"11/4/2010 8:13:06 PM\",\"SourceId\":0,\"OriginSource\":0,\"Refer[...]
Line Deleted : user_pref("CT2538476.FirstServerDate", "4-11-2010");
Line Deleted : user_pref("CT2538476.FirstTime", true);
Line Deleted : user_pref("CT2538476.FirstTimeFF3", true);
Line Deleted : user_pref("CT2538476.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2538476.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2538476.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2538476.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2538476.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2538476.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2538476.Initialize", true);
Line Deleted : user_pref("CT2538476.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2538476.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2538476.InstalledDate", "Thu Nov 04 2010 18:27:14 GMT+0100");
Line Deleted : user_pref("CT2538476.InvalidateCache", false);
Line Deleted : user_pref("CT2538476.IsGrouping", false);
Line Deleted : user_pref("CT2538476.IsMulticommunity", false);
Line Deleted : user_pref("CT2538476.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2538476.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2538476.LanguagePackLastCheckTime", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2538476.LastLogin_3.2.3.3", "Wed Dec 15 2010 00:18:23 GMT+0100");
Line Deleted : user_pref("CT2538476.LastLogin_3.2.5.2", "Sat Apr 02 2011 22:37:35 GMT+0200");
Line Deleted : user_pref("CT2538476.LastLogin_3.3.3.2", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.LatestVersion", "3.5.0.12");
Line Deleted : user_pref("CT2538476.Locale", "en");
Line Deleted : user_pref("CT2538476.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2538476.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2538476.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2538476.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT2538476.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2538476.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2538476.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2538476.SearchBoxWidth", 195);
Line Deleted : user_pref("CT2538476.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2538476&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2538476.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2538476.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2538476&q=");
Line Deleted : user_pref("CT2538476.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2538476.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.SearchInNewTabLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2538476.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2538476.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2538476.ServiceMapLastCheckTime", "Sat Nov 19 2011 20:50:47 GMT+0100");
Line Deleted : user_pref("CT2538476.SettingsLastCheckTime", "Sat Nov 19 2011 20:51:07 GMT+0100");
Line Deleted : user_pref("CT2538476.SettingsLastUpdate", "1320325868");
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsLastCheck", "Thu Nov 03 2011 22:50:24 GMT+0100");
Line Deleted : user_pref("CT2538476.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2538476.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2538476");
Line Deleted : user_pref("CT2538476.UserID", "UN91727397762057230");
Line Deleted : user_pref("CT2538476.ValidationData_Search", 1);
Line Deleted : user_pref("CT2538476.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2538476.WeatherNetwork", "");
Line Deleted : user_pref("CT2538476.WeatherPollDate", "Sat Nov 19 2011 22:51:09 GMT+0100");
Line Deleted : user_pref("CT2538476.WeatherUnit", "C");
Line Deleted : user_pref("CT2538476.alertChannelId", "931463");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.expires", "30");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.secret", "596F634D524C315F4D6830446C564C784836374A54415F5F");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.session_key", "322E4C7761434F504B674F697A526F4157737558474677775F5F2E333630302E313239373435343430302D31343030333634313432");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.sig", "6539666662646633636662633461396465636534343530316564613033333035");
Line Deleted : user_pref("CT2538476.backendstorage.hxxp://www_mousehuntgame_com/toolbar.uid", "31343030333634313432");
Line Deleted : user_pref("CT2538476.components.1000034", false);
Line Deleted : user_pref("CT2538476.components.1000082", false);
Line Deleted : user_pref("CT2538476.components.1000234", true);
Line Deleted : user_pref("CT2538476.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2538476.globalFirstTimeInfoLastCheckTime", "Sat Nov 19 2011 20:51:02 GMT+0100");
Line Deleted : user_pref("CT2538476.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2538476.myStuffEnabled", true);
Line Deleted : user_pref("CT2538476.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2538476.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2538476.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2538476.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2538476.oldAppsList", "129109032888275383,129109032888275384,129109120718432630,129304328669662854,1000034,1000080,1000082,1000234,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1[...]
Line Deleted : user_pref("CT2538476.testingCtid", "");
Line Deleted : user_pref("CT2538476.toolbarAppMetaDataLastCheckTime", "Sat Nov 19 2011 20:50:59 GMT+0100");
Line Deleted : user_pref("CT2538476.toolbarContextMenuLastCheckTime", "Mon Feb 07 2011 02:45:24 GMT+0100");
Line Deleted : user_pref("CT2538476.usagesFlag", 1);
Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2438727,CT2538476,CT1934975");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=1020425&fid=1016139", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=470167&fid=466038", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=745401&fid=741237", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=770053&fid=765881", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=777952&fid=773780", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=832836&fid=828639", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=909619&fid=905414", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=931463&fid=927247", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1020425/1016139/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/470167/466038/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/745401/741237/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/770053/765881/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/777952/773780/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/931463/927247/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1934975", "\"1273667989\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2538476", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "L+tncv4eqt6Qm5T3dzChdA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "QmycQXJXVyFVAzIiNllWhQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "QmycQXJXVyFVAzIiNllWhQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "SuMy8xgBA7+FodOxmk9aiQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0ee90707f77cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1934975", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2538476", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634231103359500000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634207581820000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1934975&octid=CT1934975", "\"1314539879\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2438727&octid=CT2438727", "\"1314929173\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2538476&octid=CT2538476", "\"1320325869\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1934975/CT1934975", "\"1310989086\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727", "\"1311168869\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2538476/CT2538476", "\"1311168870\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634322696881670000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d81252562c31be757300e4205a85371\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT1934975,CT2538476,ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT1934975,CT2538476");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 10:40:13 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Nov 19 2011 20:51:07 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Nov 19 2011 20:50:41 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{99919343-9936-42f3-884b-eb5a7460d36e}");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Nov 19 2011 20:50:54 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "54238b02-9825-4dd1-972c-972c05b99ceb");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2538476");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "11/04/2010 20");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.3.3", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 04 2010 18:27:38 GMT+0100");
Line Deleted : user_pref("ConduitEngine.UserID", "UN71818870826003826");
Line Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Line Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Nov 04 2010 18:27:39 GMT+0100");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Line Deleted : user_pref("browser.search.defaultthis.engineName", "HitGrab Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2538476&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.enabledItems", "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}:1.0.3,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{56e8db8a-a802-4a63-8d9c-af2f0cca4ed3}:3.3.3.2,{7b13ec3e-999a-4b70-b9cb[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1321732238);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "praha%20v%20noci||amsterdam%20statues||V%20Pra%C5%BEsk%C3%A9%20br%C3%A1n%C4%9B%2074%2C%20Beroun%2C%20%C4%8Cesk%C3%A1%20republika||n%C3%A1m%C4%9Bst%C3%AD%20Gener%C3%A1l[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1310577446");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.17");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "127675133812767516051276794122754");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1321732263);
Line Deleted : user_pref("icqtoolbar.version", "1.1.9");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v32.0.1700.76
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [46398 octets] - [18/01/2014 22:58:27]
AdwCleaner[S0].txt - [47037 octets] - [18/01/2014 23:01:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [47098 octets] ##########
Re: vyskakující reklamy, PV
Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by User (administrator) on USER-PC on 19-01-2014 02:38:18
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
() C:\Genius\ioCentre\gTaskBar.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(MyHeritage) C:\MyHeritage\Bin\FTBCheckUpdates.exe
() C:\Genius\ioCentre\gMouseTask.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Genius\ioCentre\gKbdTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIoCentreFunMgm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [118624 2009-07-24] (Microsoft Corporation)
HKLM-x32\...\Run: [ioCentre] - C:\Genius\ioCentre\gTaskBar.exe [60928 2009-09-03] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-09-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [] - [x]
AppInit_DLLs: C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D0A270CEB96CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.myheritage.com
URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {4F6E540F-23AE-47D7-90A0-A29926AE4FCB} URL = http://search.centrum.cz/index.php?char ... x&kibitz=0
SearchScopes: HKCU - {8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Video Player - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll ()
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Webexp Enhanced - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File
Handler-x32: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B99B8F1B-A059-44AC-B563-6B0C69C7F08E}: [NameServer]8.26.56.26,156.154.70.22
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF DefaultSearchEngine: Yahoo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\MyHeritage.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-10-29]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010-01-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010-04-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-07-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2012-08-23]
FF Extension: Family Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} [2010-02-14]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha53.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta795.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff [2014-01-10]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [bbkgadobmliomlncmhlamenfchpnkkeo] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jbeiobamjhndgjoimahopkdachmaegpj] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-19]
==================== Services (Whitelisted) =================
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S2 gupdate1cab0e66fdd3a23; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-02-18] (Google Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [66112 2010-08-13] (NOS Microsystems Ltd.)
R2 ReadyNAS Remote Http Service; C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe [100160 2011-07-19] (NETGEAR)
==================== Drivers (Whitelisted) ====================
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 Fwleaf; C:\Windows\System32\DRIVERS\fwleaf.sys [27200 2011-04-08] (NETGEAR)
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25088 2009-06-27] ()
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [14336 2009-06-25] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB)
R3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2011-05-26] (Leaf Networks)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-27] ()
S3 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [446152 2009-11-22] (Check Point Software Technologies LTD)
S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [x]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 02:38 - 2014-01-19 02:40 - 00020839 _____ C:\Users\User\Desktop\FRST.txt
2014-01-19 02:37 - 2014-01-19 02:37 - 00000000 ____D C:\FRST
2014-01-19 02:36 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:28 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-18 22:58 - 2014-01-18 23:02 - 00000000 ____D C:\AdwCleaner
2014-01-18 21:50 - 2014-01-18 21:50 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 20:58 - 2014-01-18 21:20 - 00000000 ____D C:\rsit
2014-01-18 20:58 - 2014-01-18 20:58 - 00000000 ____D C:\Program Files\trend micro
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:48 - 2014-01-18 21:03 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
2014-01-17 19:53 - 2014-01-18 00:45 - 1333497856 _____ C:\Users\User\Downloads\Jeune.et.jolie.2013.Jen-.17.DVDRip.XviD.AC3.cz.tit_vlozeny.maNo.avi
2014-01-15 19:22 - 2014-01-15 19:22 - 01731072 _____ C:\Users\User\Downloads\blond1.pps
2014-01-15 19:20 - 2014-01-15 19:20 - 05836614 _____ C:\Users\User\Downloads\VĹĄe_je_OK._JeÄ_te_dĂĄl.....avi
2014-01-15 19:03 - 2014-01-15 19:03 - 02522112 _____ C:\Users\User\Downloads\VTIPY-PRO-PLNOLET��.pps
2014-01-15 19:01 - 2014-01-15 19:01 - 03148288 _____ C:\Users\User\Downloads\Hiroshima_ou_DetroitCZ.pps
2014-01-15 09:16 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 09:16 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 09:16 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-11 15:50 - 2014-01-11 15:58 - 145175030 _____ C:\Users\User\Downloads\Haven.S01E03.Harmony.HDTV.XviD-FQM_PocketPC.avi
2014-01-11 01:22 - 2014-01-11 01:42 - 367476744 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.avi
2014-01-11 01:22 - 2014-01-11 01:22 - 00043344 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.srt
2014-01-11 00:37 - 2014-01-11 00:37 - 00045778 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.srt
2014-01-10 22:27 - 2014-01-10 23:36 - 366875088 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.avi
2014-01-10 17:05 - 2014-01-10 17:05 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-07 19:17 - 2014-01-07 19:17 - 01068544 _____ C:\Users\User\Downloads\Los10AutosMasCaros.pps
2014-01-07 19:13 - 2014-01-07 19:13 - 01088512 _____ C:\Users\User\Downloads\Ktera_ma_hezci_limuzinu.pps
2014-01-07 19:11 - 2014-01-07 19:11 - 02228615 _____ C:\Users\User\Downloads\Vybitá_autobaterie_-_ruské_startování_auta.wmv
2014-01-07 19:06 - 2014-01-07 19:06 - 02973609 _____ C:\Users\User\Downloads\penalta_.wmv
2014-01-02 20:00 - 2014-01-02 20:41 - 733892608 _____ C:\Users\User\Downloads\Příběh-O---The-Story-of-O-CZ.avi
2013-12-30 22:22 - 2013-12-30 22:22 - 01085440 _____ C:\Users\User\Downloads\HARMONOGRAM_2009_2012.xls
2013-12-29 20:32 - 2014-01-12 20:07 - 00022883 _____ C:\Users\User\Documents\sportka_2014.xlsx
2013-12-26 23:26 - 2013-12-26 23:26 - 00000000 ____D C:\Users\User\AppData\Local\Wooky_s.r.o
2013-12-26 23:25 - 2013-12-26 23:25 - 00989787 _____ C:\Users\User\Downloads\Wooky.2.0.0.3.Setup.exe
2013-12-26 23:25 - 2013-12-26 23:25 - 00001153 _____ C:\Users\User\Desktop\Wooky.lnk
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Local\Mobilbonus
2013-12-26 21:02 - 2013-12-26 22:20 - 729827328 _____ C:\Users\User\Downloads\Popelky-(Lying-to-Be-Perfect)-2010.avi
2013-12-26 20:15 - 2013-12-26 20:15 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com (1).exe
2013-12-26 20:07 - 2013-12-26 20:07 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com.exe
2013-12-26 18:37 - 2013-12-26 18:38 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (1).html
2013-12-26 18:37 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (2).html
2013-12-21 22:04 - 2013-12-21 22:04 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530.html
2013-12-20 20:14 - 2013-12-20 20:14 - 00004188 _____ C:\Users\User\Downloads\objednavka_0011987863.html
2013-12-20 17:05 - 2013-12-20 17:05 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 00:19 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-20 00:19 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-20 00:19 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-20 00:19 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-20 00:18 - 2013-12-31 14:30 - 00014904 _____ C:\Windows\IE11_main.log
2013-12-20 00:15 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-20 00:15 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-20 00:15 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-20 00:15 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-20 00:15 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-20 00:15 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-20 00:15 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-20 00:15 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-20 00:15 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-20 00:15 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-20 00:15 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-20 00:15 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
==================== One Month Modified Files and Folders =======
2014-01-19 02:40 - 2014-01-19 02:38 - 00020839 _____ C:\Users\User\Desktop\FRST.txt
2014-01-19 02:37 - 2014-01-19 02:37 - 00000000 ____D C:\FRST
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:34 - 2011-07-21 22:07 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2014-01-19 02:29 - 2014-01-19 02:36 - 02076160 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-01-19 02:29 - 2014-01-19 02:28 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-19 02:22 - 2010-03-01 19:46 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 02:11 - 2013-02-28 23:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 02:07 - 2010-01-13 19:16 - 01060232 _____ C:\Windows\WindowsUpdate.log
2014-01-18 23:11 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 23:11 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 23:04 - 2013-10-21 22:03 - 00001859 _____ C:\Windows\setupact.log
2014-01-18 23:04 - 2010-03-01 19:46 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-18 23:04 - 2010-01-13 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-18 23:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 23:02 - 2014-01-18 22:58 - 00000000 ____D C:\AdwCleaner
2014-01-18 23:01 - 2010-06-17 18:01 - 00000000 ____D C:\ProgramData\ICQ
2014-01-18 23:01 - 2010-01-16 22:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-18 22:05 - 2010-01-16 23:03 - 00000000 ____D C:\Users\User\Documents\janniccka
2014-01-18 21:50 - 2014-01-18 21:50 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 21:20 - 2014-01-18 20:58 - 00000000 ____D C:\rsit
2014-01-18 21:03 - 2014-01-18 20:48 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:58 - 2014-01-18 20:58 - 00000000 ____D C:\Program Files\trend micro
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
2014-01-18 20:33 - 2010-01-16 22:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2014-01-18 00:45 - 2014-01-17 19:53 - 1333497856 _____ C:\Users\User\Downloads\Jeune.et.jolie.2013.Jen-.17.DVDRip.XviD.AC3.cz.tit_vlozeny.maNo.avi
2014-01-17 17:40 - 2009-07-14 05:45 - 00422016 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 19:46 - 2010-01-13 20:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 19:44 - 2013-08-18 11:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 19:37 - 2010-01-13 19:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:22 - 2014-01-15 19:22 - 01731072 _____ C:\Users\User\Downloads\blond1.pps
2014-01-15 19:20 - 2014-01-15 19:20 - 05836614 _____ C:\Users\User\Downloads\VĹĄe_je_OK._JeÄ_te_dĂĄl.....avi
2014-01-15 19:03 - 2014-01-15 19:03 - 02522112 _____ C:\Users\User\Downloads\VTIPY-PRO-PLNOLET��.pps
2014-01-15 19:01 - 2014-01-15 19:01 - 03148288 _____ C:\Users\User\Downloads\Hiroshima_ou_DetroitCZ.pps
2014-01-12 20:07 - 2013-12-29 20:32 - 00022883 _____ C:\Users\User\Documents\sportka_2014.xlsx
2014-01-12 13:29 - 2010-01-23 17:01 - 00000000 ____D C:\Users\User\Documents\mamuška
2014-01-11 23:01 - 2013-08-11 15:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2014-01-11 15:58 - 2014-01-11 15:50 - 145175030 _____ C:\Users\User\Downloads\Haven.S01E03.Harmony.HDTV.XviD-FQM_PocketPC.avi
2014-01-11 01:42 - 2014-01-11 01:22 - 367476744 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.avi
2014-01-11 01:22 - 2014-01-11 01:22 - 00043344 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.srt
2014-01-11 00:37 - 2014-01-11 00:37 - 00045778 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.srt
2014-01-10 23:36 - 2014-01-10 22:27 - 366875088 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.avi
2014-01-10 17:05 - 2014-01-10 17:05 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-07 19:17 - 2014-01-07 19:17 - 01068544 _____ C:\Users\User\Downloads\Los10AutosMasCaros.pps
2014-01-07 19:13 - 2014-01-07 19:13 - 01088512 _____ C:\Users\User\Downloads\Ktera_ma_hezci_limuzinu.pps
2014-01-07 19:11 - 2014-01-07 19:11 - 02228615 _____ C:\Users\User\Downloads\Vybitá_autobaterie_-_ruské_startování_auta.wmv
2014-01-07 19:06 - 2014-01-07 19:06 - 02973609 _____ C:\Users\User\Downloads\penalta_.wmv
2014-01-02 20:41 - 2014-01-02 20:00 - 733892608 _____ C:\Users\User\Downloads\Příběh-O---The-Story-of-O-CZ.avi
2014-01-02 00:35 - 2010-01-17 01:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp
2014-01-01 17:30 - 2013-12-15 13:44 - 00000000 ____D C:\CDSM
2013-12-31 14:30 - 2013-12-20 00:18 - 00014904 _____ C:\Windows\IE11_main.log
2013-12-30 22:22 - 2013-12-30 22:22 - 01085440 _____ C:\Users\User\Downloads\HARMONOGRAM_2009_2012.xls
2013-12-26 23:26 - 2013-12-26 23:26 - 00000000 ____D C:\Users\User\AppData\Local\Wooky_s.r.o
2013-12-26 23:25 - 2013-12-26 23:25 - 00989787 _____ C:\Users\User\Downloads\Wooky.2.0.0.3.Setup.exe
2013-12-26 23:25 - 2013-12-26 23:25 - 00001153 _____ C:\Users\User\Desktop\Wooky.lnk
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Local\Mobilbonus
2013-12-26 22:20 - 2013-12-26 21:02 - 729827328 _____ C:\Users\User\Downloads\Popelky-(Lying-to-Be-Perfect)-2010.avi
2013-12-26 20:15 - 2013-12-26 20:15 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com (1).exe
2013-12-26 20:07 - 2013-12-26 20:07 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com.exe
2013-12-26 18:38 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (1).html
2013-12-26 18:37 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (2).html
2013-12-23 18:06 - 2009-07-14 16:18 - 04066754 _____ C:\Windows\system32\perfh005.dat
2013-12-23 18:06 - 2009-07-14 16:18 - 01284290 _____ C:\Windows\system32\perfc005.dat
2013-12-23 18:06 - 2009-07-14 06:13 - 00005632 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-21 22:04 - 2013-12-21 22:04 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530.html
2013-12-20 20:14 - 2013-12-20 20:14 - 00004188 _____ C:\Users\User\Downloads\objednavka_0011987863.html
2013-12-20 17:05 - 2013-12-20 17:05 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 08:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-20 07:31 - 2013-10-21 22:03 - 00002394 _____ C:\Windows\PFRO.log
2013-12-20 00:00 - 2013-11-17 21:04 - 00000000 ____D C:\Users\User\AppData\Local\TomTom
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\Setup1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\User\Desktop" je 174 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by User (administrator) on USER-PC on 19-01-2014 02:38:18
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
() C:\Genius\ioCentre\gTaskBar.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(MyHeritage) C:\MyHeritage\Bin\FTBCheckUpdates.exe
() C:\Genius\ioCentre\gMouseTask.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Genius\ioCentre\gKbdTask.exe
(TODO: <Company name>) C:\Genius\ioCentre\gIoCentreFunMgm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [118624 2009-07-24] (Microsoft Corporation)
HKLM-x32\...\Run: [ioCentre] - C:\Genius\ioCentre\gTaskBar.exe [60928 2009-09-03] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-09-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [] - [x]
AppInit_DLLs: C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D0A270CEB96CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.myheritage.com
URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {4F6E540F-23AE-47D7-90A0-A29926AE4FCB} URL = http://search.centrum.cz/index.php?char ... x&kibitz=0
SearchScopes: HKCU - {8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Video Player - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll ()
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Webexp Enhanced - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File
Handler-x32: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B99B8F1B-A059-44AC-B563-6B0C69C7F08E}: [NameServer]8.26.56.26,156.154.70.22
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF DefaultSearchEngine: Yahoo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\MyHeritage.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0lbey0h.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-10-29]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010-01-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010-04-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-07-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2012-08-23]
FF Extension: Family Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} [2010-02-14]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha53.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta795.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff [2014-01-10]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [bbkgadobmliomlncmhlamenfchpnkkeo] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jbeiobamjhndgjoimahopkdachmaegpj] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-19]
==================== Services (Whitelisted) =================
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S2 gupdate1cab0e66fdd3a23; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-02-18] (Google Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [66112 2010-08-13] (NOS Microsystems Ltd.)
R2 ReadyNAS Remote Http Service; C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe [100160 2011-07-19] (NETGEAR)
==================== Drivers (Whitelisted) ====================
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 Fwleaf; C:\Windows\System32\DRIVERS\fwleaf.sys [27200 2011-04-08] (NETGEAR)
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25088 2009-06-27] ()
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [14336 2009-06-25] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB)
R3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2011-05-26] (Leaf Networks)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-27] ()
S3 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [446152 2009-11-22] (Check Point Software Technologies LTD)
S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [x]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 02:38 - 2014-01-19 02:40 - 00020839 _____ C:\Users\User\Desktop\FRST.txt
2014-01-19 02:37 - 2014-01-19 02:37 - 00000000 ____D C:\FRST
2014-01-19 02:36 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:28 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-18 22:58 - 2014-01-18 23:02 - 00000000 ____D C:\AdwCleaner
2014-01-18 21:50 - 2014-01-18 21:50 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 20:58 - 2014-01-18 21:20 - 00000000 ____D C:\rsit
2014-01-18 20:58 - 2014-01-18 20:58 - 00000000 ____D C:\Program Files\trend micro
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:48 - 2014-01-18 21:03 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
2014-01-17 19:53 - 2014-01-18 00:45 - 1333497856 _____ C:\Users\User\Downloads\Jeune.et.jolie.2013.Jen-.17.DVDRip.XviD.AC3.cz.tit_vlozeny.maNo.avi
2014-01-15 19:22 - 2014-01-15 19:22 - 01731072 _____ C:\Users\User\Downloads\blond1.pps
2014-01-15 19:20 - 2014-01-15 19:20 - 05836614 _____ C:\Users\User\Downloads\VĹĄe_je_OK._JeÄ_te_dĂĄl.....avi
2014-01-15 19:03 - 2014-01-15 19:03 - 02522112 _____ C:\Users\User\Downloads\VTIPY-PRO-PLNOLET��.pps
2014-01-15 19:01 - 2014-01-15 19:01 - 03148288 _____ C:\Users\User\Downloads\Hiroshima_ou_DetroitCZ.pps
2014-01-15 09:16 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 09:16 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 09:16 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 09:16 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-11 15:50 - 2014-01-11 15:58 - 145175030 _____ C:\Users\User\Downloads\Haven.S01E03.Harmony.HDTV.XviD-FQM_PocketPC.avi
2014-01-11 01:22 - 2014-01-11 01:42 - 367476744 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.avi
2014-01-11 01:22 - 2014-01-11 01:22 - 00043344 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.srt
2014-01-11 00:37 - 2014-01-11 00:37 - 00045778 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.srt
2014-01-10 22:27 - 2014-01-10 23:36 - 366875088 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.avi
2014-01-10 17:05 - 2014-01-10 17:05 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-07 19:17 - 2014-01-07 19:17 - 01068544 _____ C:\Users\User\Downloads\Los10AutosMasCaros.pps
2014-01-07 19:13 - 2014-01-07 19:13 - 01088512 _____ C:\Users\User\Downloads\Ktera_ma_hezci_limuzinu.pps
2014-01-07 19:11 - 2014-01-07 19:11 - 02228615 _____ C:\Users\User\Downloads\Vybitá_autobaterie_-_ruské_startování_auta.wmv
2014-01-07 19:06 - 2014-01-07 19:06 - 02973609 _____ C:\Users\User\Downloads\penalta_.wmv
2014-01-02 20:00 - 2014-01-02 20:41 - 733892608 _____ C:\Users\User\Downloads\Příběh-O---The-Story-of-O-CZ.avi
2013-12-30 22:22 - 2013-12-30 22:22 - 01085440 _____ C:\Users\User\Downloads\HARMONOGRAM_2009_2012.xls
2013-12-29 20:32 - 2014-01-12 20:07 - 00022883 _____ C:\Users\User\Documents\sportka_2014.xlsx
2013-12-26 23:26 - 2013-12-26 23:26 - 00000000 ____D C:\Users\User\AppData\Local\Wooky_s.r.o
2013-12-26 23:25 - 2013-12-26 23:25 - 00989787 _____ C:\Users\User\Downloads\Wooky.2.0.0.3.Setup.exe
2013-12-26 23:25 - 2013-12-26 23:25 - 00001153 _____ C:\Users\User\Desktop\Wooky.lnk
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Local\Mobilbonus
2013-12-26 21:02 - 2013-12-26 22:20 - 729827328 _____ C:\Users\User\Downloads\Popelky-(Lying-to-Be-Perfect)-2010.avi
2013-12-26 20:15 - 2013-12-26 20:15 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com (1).exe
2013-12-26 20:07 - 2013-12-26 20:07 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com.exe
2013-12-26 18:37 - 2013-12-26 18:38 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (1).html
2013-12-26 18:37 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (2).html
2013-12-21 22:04 - 2013-12-21 22:04 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530.html
2013-12-20 20:14 - 2013-12-20 20:14 - 00004188 _____ C:\Users\User\Downloads\objednavka_0011987863.html
2013-12-20 17:05 - 2013-12-20 17:05 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 00:19 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-20 00:19 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-20 00:19 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-20 00:19 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-20 00:18 - 2013-12-31 14:30 - 00014904 _____ C:\Windows\IE11_main.log
2013-12-20 00:15 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-20 00:15 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-20 00:15 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-20 00:15 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-20 00:15 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-20 00:15 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-20 00:15 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-20 00:15 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-20 00:15 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-20 00:15 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-20 00:15 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-20 00:15 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-20 00:15 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-20 00:15 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
==================== One Month Modified Files and Folders =======
2014-01-19 02:40 - 2014-01-19 02:38 - 00020839 _____ C:\Users\User\Desktop\FRST.txt
2014-01-19 02:37 - 2014-01-19 02:37 - 00000000 ____D C:\FRST
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:34 - 2011-07-21 22:07 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2014-01-19 02:29 - 2014-01-19 02:36 - 02076160 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-01-19 02:29 - 2014-01-19 02:28 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-19 02:22 - 2010-03-01 19:46 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 02:11 - 2013-02-28 23:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 02:07 - 2010-01-13 19:16 - 01060232 _____ C:\Windows\WindowsUpdate.log
2014-01-18 23:11 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 23:11 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 23:04 - 2013-10-21 22:03 - 00001859 _____ C:\Windows\setupact.log
2014-01-18 23:04 - 2010-03-01 19:46 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-18 23:04 - 2010-01-13 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-18 23:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 23:02 - 2014-01-18 22:58 - 00000000 ____D C:\AdwCleaner
2014-01-18 23:01 - 2010-06-17 18:01 - 00000000 ____D C:\ProgramData\ICQ
2014-01-18 23:01 - 2010-01-16 22:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-18 22:05 - 2010-01-16 23:03 - 00000000 ____D C:\Users\User\Documents\janniccka
2014-01-18 21:50 - 2014-01-18 21:50 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 21:20 - 2014-01-18 20:58 - 00000000 ____D C:\rsit
2014-01-18 21:03 - 2014-01-18 20:48 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:58 - 2014-01-18 20:58 - 00000000 ____D C:\Program Files\trend micro
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
2014-01-18 20:33 - 2010-01-16 22:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2014-01-18 00:45 - 2014-01-17 19:53 - 1333497856 _____ C:\Users\User\Downloads\Jeune.et.jolie.2013.Jen-.17.DVDRip.XviD.AC3.cz.tit_vlozeny.maNo.avi
2014-01-17 17:40 - 2009-07-14 05:45 - 00422016 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 19:46 - 2010-01-13 20:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 19:44 - 2013-08-18 11:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 19:37 - 2010-01-13 19:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:22 - 2014-01-15 19:22 - 01731072 _____ C:\Users\User\Downloads\blond1.pps
2014-01-15 19:20 - 2014-01-15 19:20 - 05836614 _____ C:\Users\User\Downloads\VĹĄe_je_OK._JeÄ_te_dĂĄl.....avi
2014-01-15 19:03 - 2014-01-15 19:03 - 02522112 _____ C:\Users\User\Downloads\VTIPY-PRO-PLNOLET��.pps
2014-01-15 19:01 - 2014-01-15 19:01 - 03148288 _____ C:\Users\User\Downloads\Hiroshima_ou_DetroitCZ.pps
2014-01-12 20:07 - 2013-12-29 20:32 - 00022883 _____ C:\Users\User\Documents\sportka_2014.xlsx
2014-01-12 13:29 - 2010-01-23 17:01 - 00000000 ____D C:\Users\User\Documents\mamuška
2014-01-11 23:01 - 2013-08-11 15:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2014-01-11 15:58 - 2014-01-11 15:50 - 145175030 _____ C:\Users\User\Downloads\Haven.S01E03.Harmony.HDTV.XviD-FQM_PocketPC.avi
2014-01-11 01:42 - 2014-01-11 01:22 - 367476744 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.avi
2014-01-11 01:22 - 2014-01-11 01:22 - 00043344 _____ C:\Users\User\Downloads\haven.s01e02.hdtv.xvid-fqm.srt
2014-01-11 00:37 - 2014-01-11 00:37 - 00045778 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.srt
2014-01-10 23:36 - 2014-01-10 22:27 - 366875088 _____ C:\Users\User\Downloads\haven.s01e01.hdtv.xvid-fqm.avi
2014-01-10 17:05 - 2014-01-10 17:05 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-07 19:17 - 2014-01-07 19:17 - 01068544 _____ C:\Users\User\Downloads\Los10AutosMasCaros.pps
2014-01-07 19:13 - 2014-01-07 19:13 - 01088512 _____ C:\Users\User\Downloads\Ktera_ma_hezci_limuzinu.pps
2014-01-07 19:11 - 2014-01-07 19:11 - 02228615 _____ C:\Users\User\Downloads\Vybitá_autobaterie_-_ruské_startování_auta.wmv
2014-01-07 19:06 - 2014-01-07 19:06 - 02973609 _____ C:\Users\User\Downloads\penalta_.wmv
2014-01-02 20:41 - 2014-01-02 20:00 - 733892608 _____ C:\Users\User\Downloads\Příběh-O---The-Story-of-O-CZ.avi
2014-01-02 00:35 - 2010-01-17 01:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp
2014-01-01 17:30 - 2013-12-15 13:44 - 00000000 ____D C:\CDSM
2013-12-31 14:30 - 2013-12-20 00:18 - 00014904 _____ C:\Windows\IE11_main.log
2013-12-30 22:22 - 2013-12-30 22:22 - 01085440 _____ C:\Users\User\Downloads\HARMONOGRAM_2009_2012.xls
2013-12-26 23:26 - 2013-12-26 23:26 - 00000000 ____D C:\Users\User\AppData\Local\Wooky_s.r.o
2013-12-26 23:25 - 2013-12-26 23:25 - 00989787 _____ C:\Users\User\Downloads\Wooky.2.0.0.3.Setup.exe
2013-12-26 23:25 - 2013-12-26 23:25 - 00001153 _____ C:\Users\User\Desktop\Wooky.lnk
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2013-12-26 23:25 - 2013-12-26 23:25 - 00000000 ____D C:\Users\User\AppData\Local\Mobilbonus
2013-12-26 22:20 - 2013-12-26 21:02 - 729827328 _____ C:\Users\User\Downloads\Popelky-(Lying-to-Be-Perfect)-2010.avi
2013-12-26 20:15 - 2013-12-26 20:15 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com (1).exe
2013-12-26 20:07 - 2013-12-26 20:07 - 01098296 _____ (LiveSoftAction) C:\Users\User\Downloads\SILVERCREST STK 650 A1 ELECTRIC TEA MAKER user guide provided through czechmanuals.com.exe
2013-12-26 18:38 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (1).html
2013-12-26 18:37 - 2013-12-26 18:37 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530 (2).html
2013-12-23 18:06 - 2009-07-14 16:18 - 04066754 _____ C:\Windows\system32\perfh005.dat
2013-12-23 18:06 - 2009-07-14 16:18 - 01284290 _____ C:\Windows\system32\perfc005.dat
2013-12-23 18:06 - 2009-07-14 06:13 - 00005632 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-21 22:04 - 2013-12-21 22:04 - 00003321 _____ C:\Users\User\Downloads\objednavka_0011995530.html
2013-12-20 20:14 - 2013-12-20 20:14 - 00004188 _____ C:\Users\User\Downloads\objednavka_0011987863.html
2013-12-20 17:05 - 2013-12-20 17:05 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 08:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-20 07:31 - 2013-10-21 22:03 - 00002394 _____ C:\Windows\PFRO.log
2013-12-20 00:00 - 2013-11-17 21:04 - 00000000 ____D C:\Users\User\AppData\Local\TomTom
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\Setup1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\User\Desktop" je 174 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (7.11 KiB) Staženo 18 x
Re: vyskakující reklamy, PV
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Family Tree Builder Update] - C:\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-09-09] (MyHeritage) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [] - [x] HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D0A270CEB96CA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.myheritage.com URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll () SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms} SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {4F6E540F-23AE-47D7-90A0-A29926AE4FCB} URL = http://search.centrum.cz/index.php?charset=utf-8&q={searchTerms}&mt=2&mts=1&sec=mix&kibitz=0 SearchScopes: HKCU - {8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194 SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms} BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll () BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File BHO-x32: Video Player - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll () BHO-x32: Webexp Enhanced - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll () Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo FF DefaultSearchEngine: Yahoo FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p= FF SelectedSearchEngine: Yahoo FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha53.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff [2013-12-20] FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta795.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff [2014-01-10] CHR HKLM-x32\...\Chrome\Extension: [bbkgadobmliomlncmhlamenfchpnkkeo] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx [2011-12-15] CHR HKLM-x32\...\Chrome\Extension: [jbeiobamjhndgjoimahopkdachmaegpj] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx [2013-12-19] CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-19] C:\Program Files (x86)\VideoPlayerV3 C:\Program Files (x86)\WebexpEnhancedV1 C:\Program Files (x86)\BetterSurf 2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe 2014-01-19 02:28 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe 2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe 2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe 2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt 2014-01-18 20:48 - 2014-01-18 21:03 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine 2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe C:\Users\User\AppData\Local\Temp\ntdll_dump.dll C:\Users\User\AppData\Local\Temp\Quarantine.exe C:\Users\User\AppData\Local\Temp\Setup1.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f DisableService: gupdate1cab0e66fdd3a23 Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 04
Ran by User at 2014-01-20 18:16:00 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-09-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D0A270CEB96CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.myheritage.com
URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {4F6E540F-23AE-47D7-90A0-A29926AE4FCB} URL = http://search.centrum.cz/index.php?char ... x&kibitz=0
SearchScopes: HKCU - {8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO-x32: Video Player - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll ()
BHO-x32: Webexp Enhanced - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF DefaultSearchEngine: Yahoo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF SelectedSearchEngine: Yahoo
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha53.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta795.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff [2014-01-10]
CHR HKLM-x32\...\Chrome\Extension: [bbkgadobmliomlncmhlamenfchpnkkeo] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jbeiobamjhndgjoimahopkdachmaegpj] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-19]
C:\Program Files (x86)\VideoPlayerV3
C:\Program Files (x86)\WebexpEnhancedV1
C:\Program Files (x86)\BetterSurf
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:28 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:48 - 2014-01-18 21:03 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\Setup1.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
DisableService: gupdate1cab0e66fdd3a23
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Family Tree Builder Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F6E540F-23AE-47D7-90A0-A29926AE4FCB} => Key deleted successfully.
HKCR\CLSID\{4F6E540F-23AE-47D7-90A0-A29926AE4FCB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} => Key deleted successfully.
HKCR\CLSID\{8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key deleted successfully.
HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key deleted successfully.
HKCR\CLSID\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0C37B053-FD68-456a-82E1-D788EE342E6F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79c3c480-6692-4bfe-97bb-1c9fb3d67be7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79c3c480-6692-4bfe-97bb-1c9fb3d67be7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCR\PROTOCOLS\Handler\leaf => Key deleted successfully.
HKCR\CLSID\{3c4a8a13-029e-430d-b8c1-46e834d20b31} => Key not found.
Firefox homepage deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha53.net => Value deleted successfully.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta795.net => Value deleted successfully.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbkgadobmliomlncmhlamenfchpnkkeo => Key deleted successfully.
"C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbeiobamjhndgjoimahopkdachmaegpj => Key deleted successfully.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => Key deleted successfully.
"C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx" => File/Directory not found.
C:\Program Files (x86)\VideoPlayerV3 => Moved successfully.
C:\Program Files (x86)\WebexpEnhancedV1 => Moved successfully.
"C:\Program Files (x86)\BetterSurf" => File/Directory not found.
"C:\Users\User\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\User\Downloads\FRST64.exe => Moved successfully.
C:\Users\User\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\User\Desktop\JRT.exe => Moved successfully.
C:\Users\User\Downloads\RSITx64.exe => Moved successfully.
C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt => Moved successfully.
C:\Users\User\Desktop\RK_Quarantine => Moved successfully.
C:\Users\User\Downloads\RogueKiller.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\User\AppData\Local\Temp\Setup1.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
gupdate1cab0e66fdd3a23 service was disabled
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by User at 2014-01-20 18:16:00 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-09-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0D0A270CEB96CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.myheritage.com
URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {4F6E540F-23AE-47D7-90A0-A29926AE4FCB} URL = http://search.centrum.cz/index.php?char ... x&kibitz=0
SearchScopes: HKCU - {8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
BHO-x32: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO-x32: Video Player - {79c3c480-6692-4bfe-97bb-1c9fb3d67be7} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ie\VideoPlayerV3beta795.dll ()
BHO-x32: Webexp Enhanced - {b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ie\WebexpEnhancedV1alpha53.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF DefaultSearchEngine: Yahoo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF SelectedSearchEngine: Yahoo
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha53.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta795.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff [2014-01-10]
CHR HKLM-x32\...\Chrome\Extension: [bbkgadobmliomlncmhlamenfchpnkkeo] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jbeiobamjhndgjoimahopkdachmaegpj] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-19]
C:\Program Files (x86)\VideoPlayerV3
C:\Program Files (x86)\WebexpEnhancedV1
C:\Program Files (x86)\BetterSurf
2014-01-19 02:35 - 2014-01-19 02:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-01-19 02:28 - 2014-01-19 02:29 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-18 21:49 - 2014-01-18 21:49 - 01236282 _____ C:\Users\User\Desktop\adwcleaner.exe
2014-01-18 21:48 - 2014-01-18 21:48 - 01037068 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-01-18 20:57 - 2014-01-18 20:57 - 00935175 _____ C:\Users\User\Downloads\RSITx64.exe
2014-01-18 20:50 - 2014-01-18 20:50 - 00002007 _____ C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt
2014-01-18 20:48 - 2014-01-18 21:03 - 00000000 ____D C:\Users\User\Desktop\RK_Quarantine
2014-01-18 20:44 - 2014-01-18 20:44 - 03809280 _____ C:\Users\User\Downloads\RogueKiller.exe
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\Setup1.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
DisableService: gupdate1cab0e66fdd3a23
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Family Tree Builder Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F6E540F-23AE-47D7-90A0-A29926AE4FCB} => Key deleted successfully.
HKCR\CLSID\{4F6E540F-23AE-47D7-90A0-A29926AE4FCB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} => Key deleted successfully.
HKCR\CLSID\{8AE6F03A-E8DE-4FBB-BDD1-5D6144A7B022} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key deleted successfully.
HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key deleted successfully.
HKCR\CLSID\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0C37B053-FD68-456a-82E1-D788EE342E6F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79c3c480-6692-4bfe-97bb-1c9fb3d67be7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79c3c480-6692-4bfe-97bb-1c9fb3d67be7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{b58fd3a7-2cf3-40e4-b7c5-81872f0825fb} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCR\PROTOCOLS\Handler\leaf => Key deleted successfully.
HKCR\CLSID\{3c4a8a13-029e-430d-b8c1-46e834d20b31} => Key not found.
Firefox homepage deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha53.net => Value deleted successfully.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ff => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta795.net => Value deleted successfully.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ff => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbkgadobmliomlncmhlamenfchpnkkeo => Key deleted successfully.
"C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta795\ch\VideoPlayerV3beta795.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbeiobamjhndgjoimahopkdachmaegpj => Key deleted successfully.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha53\ch\WebexpEnhancedV1alpha53.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => Key deleted successfully.
"C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx" => File/Directory not found.
C:\Program Files (x86)\VideoPlayerV3 => Moved successfully.
C:\Program Files (x86)\WebexpEnhancedV1 => Moved successfully.
"C:\Program Files (x86)\BetterSurf" => File/Directory not found.
"C:\Users\User\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\User\Downloads\FRST64.exe => Moved successfully.
C:\Users\User\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\User\Desktop\JRT.exe => Moved successfully.
C:\Users\User\Downloads\RSITx64.exe => Moved successfully.
C:\Users\User\Desktop\RKreport[0]_S_01182014_205041.txt => Moved successfully.
C:\Users\User\Desktop\RK_Quarantine => Moved successfully.
C:\Users\User\Downloads\RogueKiller.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\User\AppData\Local\Temp\Setup1.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
gupdate1cab0e66fdd3a23 service was disabled
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: vyskakující reklamy, PV
Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
reklamy už nevyskakují, PV se taky už neobjevil.... PC vypadá ok
Re: vyskakující reklamy, PV
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: vyskakující reklamy, PV
Moc Vám děkuji za pomoc a přeji hezký večer!
Re: vyskakující reklamy, PV
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?