Stále mi vyskakuje okno, že se můj pc snaží napadnout vir. Prosím o pomoc.
LOG:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Reichlovi at 2014-07-09 19:33:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 4 GB (1%) free of 286 GB
Total RAM: 4008 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:49, on 9.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\trend micro\Reichlovi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: GomPicker - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [Google Update] "C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Reichlovi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15700 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {FCF30C8C-CE99-4323-B910-E61611D4C753}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {15CF3AA4-7E30-46C2-9114-ED74130F8219}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
"C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe" StartMinimized
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "1763061919-1405690686623806966-17531594286694295671034617331-469629431-621652167
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
WLIDSvcM.exe 2976
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
WDC.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6f1e63cc-638a-470d-9f2b-9f55dcb51b2a -SystemEventPortName:HostProcess-30113d9c-4e28-45d8-b0ad-d2d251191b71 -IoCancelEventPortName:HostProcess-b4b5a636-e624-4bf2-bc8e-f8de398d7c6a -NonStateChangingEventPortName:HostProcess-97bf4612-a56b-47d0-a1f8-4e6ade6d56b5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ba08fb4-ca8e-4236-9711-aa8205b4def5 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Reichlovi\Desktop\RSITx64(1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4126292724-816047313-1187439271-1001Core.job - C:\Users\Reichlovi\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4126292724-816047313-1187439271-1001UA.job - C:\Users\Reichlovi\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4126292724-816047313-1187439271-1001Core.job - C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4126292724-816047313-1187439271-1001UA.job - C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default
prefs.js - "browser.search.useDBForOrder" - "false"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\extensions\
matchersite@matchersite.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\searchplugins\
conduit.xml
default-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-07 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
Solid Converter PDF - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll [2013-11-27 375600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-30 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-07 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-30 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll [2011-12-14 1184888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{259F616C-A300-44F5-B04A-ED001A26C85C} - Solid Converter PDF - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02 259584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-01 2189416]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-07-28 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-07-28 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-07-28 416024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-24 136176]
"Facebook Update"=C:\Users\Reichlovi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13 138096]
"AdobeBridge"= []
"BitTorrent"=C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-07-03 1267032]
"BlazeServoTool"=C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]
"Viber"=C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe [2013-12-02 936456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-10-23 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-04 11780712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-07 4086432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
MobileGo Service.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-07-26 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-07-09 19:31:37 ----D---- C:\FRST
2014-07-07 18:42:38 ----D---- C:\Users\Reichlovi\AppData\Roaming\DropboxMaster
2014-07-07 18:42:04 ----D---- C:\Users\Reichlovi\AppData\Roaming\Dropbox
2014-07-07 18:25:32 ----A---- C:\Windows\avastSS.scr
2014-06-26 15:11:05 ----HDC---- C:\ProgramData\{43A86A90-A136-405D-A747-686C01CD999B}
2014-06-26 15:11:00 ----D---- C:\Program Files (x86)\Multiple Image Resizer .NET 4
2014-06-26 15:09:35 ----D---- C:\Program Files (x86)\MyPC Backup
2014-06-26 14:01:38 ----D---- C:\ProgramData\Nikon
2014-06-26 09:36:38 ----A---- C:\Windows\ViewNX2.INI
2014-06-26 09:17:16 ----D---- C:\Users\Reichlovi\AppData\Roaming\Nikon
2014-06-26 09:13:25 ----D---- C:\Program Files (x86)\ArcSoft
2014-06-26 09:11:21 ----D---- C:\Users\Reichlovi\AppData\Roaming\ArcSoft
2014-06-26 09:07:26 ----D---- C:\Windows\Downloaded Installations
2014-06-26 09:07:00 ----H---- C:\ProgramData\PKP_DLes.DAT
2014-06-26 09:07:00 ----D---- C:\ProgramData\Pick Bass
2014-06-26 09:06:13 ----D---- C:\Program Files\Common Files\Nikon
2014-06-26 09:06:13 ----D---- C:\Program Files (x86)\Nikon
2014-06-26 09:06:11 ----D---- C:\Program Files\Nikon
2014-06-26 09:06:09 ----A---- C:\Windows\SYSWOW64\ATL71.DLL
2014-06-26 09:05:58 ----H---- C:\ProgramData\PKP_DLev.DAT
2014-06-26 09:05:58 ----H---- C:\ProgramData\PKP_DLet.DAT
2014-06-26 09:05:58 ----D---- C:\ProgramData\Percussion Kit
2014-06-26 09:05:15 ----D---- C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
2014-06-26 09:02:53 ----H---- C:\ProgramData\PKP_DLeo.DAT
2014-06-26 09:02:53 ----D---- C:\ProgramData\Ultima_T15
2014-06-26 09:02:53 ----D---- C:\ProgramData\Tuner
2014-06-26 09:02:53 ----D---- C:\ProgramData\EnterNHelp
2014-06-25 11:31:35 ----D---- C:\Users\Reichlovi\AppData\Roaming\TeamViewer
2014-06-25 11:31:28 ----D---- C:\Program Files (x86)\TeamViewer
2014-06-25 08:25:47 ----D---- C:\ProgramData\Steam
2014-06-25 07:57:36 ----D---- C:\Program Files (x86)\F1 2013
2014-06-12 01:45:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-11 16:50:01 ----D---- C:\Program Files (x86)\SiteLookup
2014-06-11 16:49:53 ----D---- C:\Users\Reichlovi\AppData\Roaming\SimilarSites
2014-06-11 16:49:26 ----D---- C:\Program Files (x86)\Linkey
2014-06-11 16:49:05 ----D---- C:\Users\Reichlovi\AppData\Roaming\AVG
2014-06-11 16:48:42 ----D---- C:\ProgramData\AVG
2014-06-11 16:48:22 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-11 16:47:54 ----D---- C:\Users\Reichlovi\AppData\Roaming\OpenCandy
2014-06-11 07:31:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 07:31:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 07:31:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 07:31:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 07:31:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 07:31:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 07:31:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 07:31:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 07:31:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 07:31:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 07:31:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 07:31:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 07:31:12 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 07:31:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 07:31:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 07:31:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 07:31:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 07:31:11 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 07:31:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 07:31:11 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 07:31:11 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 07:31:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 07:31:10 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 07:31:09 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 07:31:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 07:31:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 07:31:08 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 07:31:08 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 07:31:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 07:31:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 07:31:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 07:31:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 07:31:07 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 07:31:07 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 07:31:05 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 07:31:05 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 07:31:05 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 07:31:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 07:31:04 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 07:31:04 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 07:31:03 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 07:31:03 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 07:31:03 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 07:31:02 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 07:31:02 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 07:31:01 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 07:31:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 07:31:00 ----A---- C:\Windows\system32\mshtml.dll
2014-06-11 07:26:55 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 07:26:55 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 07:26:54 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 07:26:54 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 07:26:46 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 07:26:46 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 07:26:46 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 07:26:46 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 07:26:45 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 07:26:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 07:26:45 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 07:26:45 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 07:21:42 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 07:21:41 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-07-09 19:33:46 ----D---- C:\Program Files\Trend Micro
2014-07-09 19:33:37 ----D---- C:\Windows\system32\catroot
2014-07-09 19:33:36 ----D---- C:\Windows\system32\catroot2
2014-07-09 19:33:26 ----D---- C:\Windows\winsxs
2014-07-09 19:32:31 ----D---- C:\Users\Reichlovi\AppData\Roaming\BitTorrent
2014-07-09 19:31:43 ----D---- C:\Windows
2014-07-09 19:29:11 ----D---- C:\Windows\Prefetch
2014-07-09 19:28:36 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-09 19:27:48 ----D---- C:\Users\Reichlovi\AppData\Roaming\ViberPC
2014-07-09 19:27:43 ----D---- C:\Windows\Temp
2014-07-09 19:26:44 ----D---- C:\Windows\system32\config
2014-07-09 19:26:11 ----D---- C:\Windows\system32\Tasks
2014-07-09 19:26:02 ----HD---- C:\ASUS.DAT
2014-07-07 18:26:40 ----D---- C:\Windows\system32\drivers
2014-07-07 18:25:33 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-07 18:24:54 ----SHD---- C:\System Volume Information
2014-07-07 17:28:06 ----A---- C:\Windows\system32\acovcnt.exe
2014-06-30 18:32:01 ----RD---- C:\Program Files (x86)
2014-06-30 16:18:20 ----D---- C:\Windows\System32
2014-06-30 16:18:20 ----D---- C:\Windows\inf
2014-06-30 16:18:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-27 22:41:57 ----D---- C:\Users\Reichlovi\AppData\Roaming\Skype
2014-06-27 08:12:09 ----SHD---- C:\Windows\Installer
2014-06-27 08:12:09 ----SHD---- C:\Config.Msi
2014-06-27 04:53:52 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-06-27 04:53:48 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-06-26 22:09:27 ----D---- C:\Program Files (x86)\The KMPlayer
2014-06-26 15:11:05 ----HD---- C:\ProgramData
2014-06-26 09:13:16 ----D---- C:\Program Files (x86)\Common Files
2014-06-26 09:13:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-26 09:06:13 ----D---- C:\Program Files\Common Files
2014-06-26 09:06:11 ----D---- C:\Program Files
2014-06-26 09:06:09 ----D---- C:\Windows\SysWOW64
2014-06-26 09:05:58 ----D---- C:\ProgramData\Plugins
2014-06-25 11:31:36 ----RSD---- C:\Windows\Fonts
2014-06-25 08:25:49 ----D---- C:\ProgramData\Codemasters
2014-06-25 07:56:16 ----D---- C:\Windows\system32\wdi
2014-06-12 22:23:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 03:21:46 ----D---- C:\Windows\rescache
2014-06-11 09:18:38 ----D---- C:\Program Files\Internet Explorer
2014-06-11 09:18:37 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-11 09:18:35 ----D---- C:\Windows\system32\en-US
2014-06-11 09:18:33 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-11 09:18:30 ----D---- C:\Windows\system32\DriverStore
2014-06-11 08:09:54 ----D---- C:\Windows\system32\MRT
2014-06-11 08:07:13 ----A---- C:\Windows\system32\MRT.exe
2014-06-11 08:06:54 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 08:04:51 ----SD---- C:\Windows\system32\CompatTel
2014-06-10 07:54:12 ----D---- C:\Windows\system32\wbem
2014-06-10 07:53:41 ----D---- C:\Windows\Tasks
2014-06-10 07:53:41 ----D---- C:\Windows\system32\wfp
2014-06-10 07:53:38 ----D---- C:\Users\Reichlovi\AppData\Roaming\Winamp
2014-06-10 07:53:38 ----D---- C:\ProgramData\P4G
2014-06-10 07:53:37 ----D---- C:\Windows\registration
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 22600]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-07 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-07 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-07 427360]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-07 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-07 92008]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-26 12288480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-08 2795880]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2014-01-29 113280]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-07 50344]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-04-06 624856]
R2 ScReadSpool;SolidPDFConverterReadSpool; C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [2006-11-02 184320]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16 257712]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2014-02-27 1074480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Neustálé upozornění na vit od AVAST.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Neustálé upozornění na vit od AVAST.
Radek Reichel
-
Rudy
- Site Admin
- Příspěvky: 119419
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Neustálé upozornění na vit od AVAST.
Zdravím!
Ta hláška antiviru znamená, že AV vyr zneškodnil, tudíž do PC se nic nedostalo. PC ovšem vyčistit potřebuje. Spusťte nejprve tuto utilitu:
Ta hláška antiviru znamená, že AV vyr zneškodnil, tudíž do PC se nic nedostalo. PC ovšem vyčistit potřebuje. Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Neustálé upozornění na vit od AVAST.
Rudy píše:Zdravím!
Ta hláška antiviru znamená, že AV vyr zneškodnil, tudíž do PC se nic nedostalo. PC ovšem vyčistit potřebuje. Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
vkládám log
# AdwCleaner v3.215 - Report created 10/07/2014 at 11:50:36
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Reichlovi - REICHLOVI-PC
# Running from : C:\Users\Reichlovi\Desktop\adwcleaner_3.215.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Linkey
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor
Folder Deleted : C:\Users\REICHL~1\AppData\Local\Temp\AtuZi
Folder Deleted : C:\Users\Reichlovi\AppData\Local\Conduit
Folder Deleted : C:\Users\Reichlovi\AppData\Local\PackageAware
Folder Deleted : C:\Users\Reichlovi\AppData\Local\webplayer
Folder Deleted : C:\Users\Reichlovi\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Reichlovi\AppData\LocalLow\BitTorrentBar
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\ConduitCommon
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\Smartbar
Folder Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\Extensions\matchersite@matchersite.com
File Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\searchplugins\default-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B7A4D6A-D526-4B9E-9798-D8016E741C2C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2741B1AB-AAEA-465B-9D29-24070D1D3387}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Linkey
Key Deleted : HKLM\Software\SystemK
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\s1c4vp0j.default\prefs.js ]
Line Deleted : user_pref("CT2790392..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2790392./9b+7e+x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e,x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e-x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e/x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e06cg5el8:.from_oldbar.enc", "bm1ram9vcm52dQ==");
Line Deleted : user_pref("CT2790392./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNxcHV1eHR8eyQvS0lHT0I1fV1cPQ==");
Line Deleted : user_pref("CT2790392./9b+7e0x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e1x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e2x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e3x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e4x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e5x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e6x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e7x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e8x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e9x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e:x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e;x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e<x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e=x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e>x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e?x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7e@x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7eax305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
Line Deleted : user_pref("CT2790392./9b+7ebx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7ecx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7edx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b+7etx305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392./9b-0?3g>d.from_oldbar.enc", "bmhrQHBxdEN6R3RIRiB1eSAhJX5PIyMqUSgkKioqXCpaLS9d");
Line Deleted : user_pref("CT2790392./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
Line Deleted : user_pref("CT2790392./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT2790392./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pKiEsOT1EMHgyTEFCR34rLEhXS0hWXVw1U1JcY2JhWlxkP2pfYkJtbW1zYGpjS3hna2Q/bUM9Mz9ecHN9IUxZVWZ5KXx5KC8uV2RgcTYlXTU2dzwpY29udXQgNzRrUkE9[...]
Line Deleted : user_pref("CT2790392./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT2790392./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEcgPj1HTk1MRUdPKlVKTS1YWFheS1VONmNSVk8=");
Line Deleted : user_pref("CT2790392./9b5ba==9cjag.from_oldbar.enc", "bj07PEF0bUV6dnlySEp4fkkgInog");
Line Deleted : user_pref("CT2790392./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1pb21sdHVvdXBzeQ==");
Line Deleted : user_pref("CT2790392./9b9643g3/9e.from_oldbar.enc", "ag==");
Line Deleted : user_pref("CT2790392./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
Line Deleted : user_pref("CT2790392./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT2790392./9b<:222h64<l8daj.from_oldbar.enc", "bXBwb3Z0cHl2dSp5d3J9e3V9fg==");
Line Deleted : user_pref("CT2790392./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
Line Deleted : user_pref("CT2790392./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT2790392./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
Line Deleted : user_pref("CT2790392./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
Line Deleted : user_pref("CT2790392.129309578575850709isEnableThisAppDialog", "{\"dataType\":\"string\",\"data\":true}");
Line Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Line Deleted : user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2790392.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.ConfigurationLastCheckTime", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.CurrentServerDate", "3-11-2013");
Line Deleted : user_pref("CT2790392.DSChangedManually", true);
Line Deleted : user_pref("CT2790392.DSInstall", true);
Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Nov 02 2013 00:03:51 GMT+0100");
Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sat Dec 31 2011 21:10:39 GMT+0100");
Line Deleted : user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 499);
Line Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Dec 31 2011 19:50:39 GMT+0100");
Line Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Line Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Line Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Line Deleted : user_pref("CT2790392.FirstServerDate", "25-12-2011");
Line Deleted : user_pref("CT2790392.FirstTime", true);
Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2790392.HPChangedManually", false);
Line Deleted : user_pref("CT2790392.HPInstall", true);
Line Deleted : user_pref("CT2790392.HPProtectChoice", true);
Line Deleted : user_pref("CT2790392.HPProtectCount", 1);
Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2790392.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CT2790392.Initialize", true);
Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2790392.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.InstalledDate", "Sun Dec 25 2011 16:21:18 GMT+0100");
Line Deleted : user_pref("CT2790392.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2790392.IsGrouping", false);
Line Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Line Deleted : user_pref("CT2790392.IsMulticommunity", false);
Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2790392.IsProtectorsInit", true);
Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.0.7", "Tue Apr 24 2012 21:41:20 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.2.3", "Wed May 30 2012 22:03:05 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Mon Jul 16 2012 23:06:03 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.14.1.0", "Mon Aug 27 2012 21:08:15 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.15.1.0", "Wed Mar 06 2013 15:40:15 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Jul 14 2013 21:19:33 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.19.0.3", "Tue Sep 10 2013 02:43:10 GMT+0200");
Line Deleted : user_pref("CT2790392.LastLogin_3.20.0.4", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.LastLogin_3.8.1.0", "Sat Dec 31 2011 20:35:26 GMT+0100");
Line Deleted : user_pref("CT2790392.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT2790392.Locale", "en");
Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.8.1.0");
Line Deleted : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT2790392.SearchAPILastCheckTime", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2790392.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Tue Sep 10 2013 02:43:09 GMT+0200");
Line Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2790392.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT2790392.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2790392.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Thu Nov 07 2013 17:02:27 GMT+0100");
Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1383134256");
Line Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sun Dec 25 2011 16:20:55 GMT+0100");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2790392.UserID", "UN48809389915497575");
Line Deleted : user_pref("CT2790392.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2790392.WeatherNetwork", "");
Line Deleted : user_pref("CT2790392.WeatherPollDate", "Sat Dec 31 2011 20:52:42 GMT+0100");
Line Deleted : user_pref("CT2790392.WeatherUnit", "C");
Line Deleted : user_pref("CT2790392._9b90e_.3c;7b=?ofb>>rhiqs.from_oldbar.enc", "OT81Lz4=");
Line Deleted : user_pref("CT2790392._9b_7e.:2z527.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392._9b_7e.x305.from_oldbar.enc", "JCM=");
Line Deleted : user_pref("CT2790392.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Line Deleted : user_pref("CT2790392.appApproved.129309578575850709", true);
Line Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B6A6F6F726E7675");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737170757578747C7B242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Line Deleted : user_pref("CT2790392.backendstorage./9b-0?3g>d", "6E686B40707174437A477448462075792021257E4F23232A5128242A2A2A5C2A5A2D2F5D");
Line Deleted : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Line Deleted : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Deleted : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D443078324C4142477E2B2C48574B48565D5C3553525C6362615A5C643F6A5F62426D6D6D73606A634B78676B643F6D433D333F5E70737D2[...]
Line Deleted : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Deleted : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Line Deleted : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6E3D3B3C41746D457A767972484A787E4920227A20");
Line Deleted : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D696F6D6C74756F75707379");
Line Deleted : user_pref("CT2790392.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
Line Deleted : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Line Deleted : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Line Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674707976752A7977727D7B757D7E");
Line Deleted : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Line Deleted : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Line Deleted : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
Line Deleted : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Line Deleted : user_pref("CT2790392.backendstorage.cbcountry_000", "435A");
Line Deleted : user_pref("CT2790392.backendstorage.cbcountry_001", "435A");
Line Deleted : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E2044656320323520323031312031363A32333A313220474D542B30313030");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsconfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C2275726C223A22687474703A2F2F636F6E6430312E6[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333833383430323433303438");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_calledsetupservice", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_currentbadgevalue", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E31312E342E32");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_existingusersrecoverydone", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_globalkeysmigratedtolocalstorage", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333833383430323433343731");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_mamenabled", "66616C7365");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_newapps", "5B7B226964223A2257696E646F7753686F70706572222C226E616D65223A224465616C2046696E646572222C226465736372697074696F6E223A22496E7374616E746C7920636F6D70[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331303235222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.11.4.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331313037222C22696E74657276616C223A32343[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A223231355F2D31222C22697354657374[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.8.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2235345F30222C22697354657374223A[...]
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_stamp", "38345F30");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_user_approval_interacted", "31");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_userid", "66326164316235372D373663332D343439612D616530662D653564343435323039663032");
Line Deleted : user_pref("CT2790392.backendstorage.mam_gk_welcomedialogmode", "31");
Line Deleted : user_pref("CT2790392.backendstorage.pairingkey", "31413836343933463143373535444334334635343245463234383335303542463646443839393635");
Line Deleted : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Line Deleted : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
Line Deleted : user_pref("CT2790392.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT2790392.backendstorage.sf_just_installed", "46414C5345");
Line Deleted : user_pref("CT2790392.backendstorage.sf_status", "454E41424C4544");
Line Deleted : user_pref("CT2790392.backendstorage.sf_user_id", "6369645F3231303230313332303236313938323933333436");
Line Deleted : user_pref("CT2790392.backendstorage.url_history", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F3F7265663D746E5F746E6D6E");
Line Deleted : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7777772E6E6F76696E6B792E637A2F6B6F6B74656A6C2F3331383533302D6D616C792D74796772696B2D70726F73656C2D7A6B6F75736B616D692D762D706C61766[...]
Line Deleted : user_pref("CT2790392.backendstorage.url_history_time", "31333235333632313633303339");
Line Deleted : user_pref("CT2790392.backendstorage.uttorrents", "7B226275696C64223A32383730362C226C6162656C223A5B5D2C22746F7272656E7473223A5B5B223742374338454631433846314146464546324342394341394443363034413630433042[...]
Line Deleted : user_pref("CT2790392.cb_firstuse0100.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.cbcountry_000.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT2790392.cbcountry_001.from_oldbar.enc", "Q1o=");
Line Deleted : user_pref("CT2790392.cbfirsttime.from_oldbar.enc", "U3VuIERlYyAyNSAyMDExIDE2OjIzOjEyIEdNVCswMTAw");
Line Deleted : user_pref("CT2790392.countryCode", "CZ");
Line Deleted : user_pref("CT2790392.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT2790392.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2790392.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2790392.fullUserID", "UN48809389915497575.UP.2034085152");
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Sat Dec 31 2011 20:35:26 GMT+0100");
Line Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.initDone", true);
Line Deleted : user_pref("CT2790392.installId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.installType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2790392.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2790392.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2790392.isCollapsed_129309578575850709", "{\"dataType\":\"string\",\"data\":false}");
Line Deleted : user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2790392.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2790392.keyword", true);
Line Deleted : user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN48809389915497575&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT2790392.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT2790392.mam_gk_appsconfig.from_oldbar.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJFYXN5dG9ib29rX3RhcmdldGVkIiwidXJsIjoiaHR0cDovL2NvbmQwMS5ldGJ4bWwuY29tL2NvbmR1aXRfYnVuZGxlL3dlYi9jaGVhcC[...]
Line Deleted : user_pref("CT2790392.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
Line Deleted : user_pref("CT2790392.mam_gk_appstate_couponbuddy.from_oldbar.enc", "b24=");
Line Deleted : user_pref("CT2790392.mam_gk_appstate_pricegong.from_oldbar.enc", "b24=");
Line Deleted : user_pref("CT2790392.mam_gk_appstatereporttime.from_oldbar.enc", "MTM4Mzg0MDI0MzA0OA==");
Line Deleted : user_pref("CT2790392.mam_gk_calledsetupservice.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_currentbadgevalue.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_currentversion.from_oldbar.enc", "MS4xMS40LjI=");
Line Deleted : user_pref("CT2790392.mam_gk_existingusersrecoverydone.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_first_time.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_globalkeysmigratedtolocalstorage.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_lastlogintime.from_oldbar.enc", "MTM4Mzg0MDI0MzQ3MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_localization.from_oldbar.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMg[...]
Line Deleted : user_pref("CT2790392.mam_gk_mamenabled.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2790392.mam_gk_newapps.from_oldbar.enc", "W3siaWQiOiJXaW5kb3dTaG9wcGVyIiwibmFtZSI6IkRlYWwgRmluZGVyIiwiZGVzY3JpcHRpb24iOiJJbnN0YW50bHkgY29tcGFyZSBwcmljZXMgb24gYW55IHByb2R1Y3Qgb24gNzUsMDAwI[...]
Line Deleted : user_pref("CT2790392.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2790392.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2790392.mam_gk_stamp.from_oldbar.enc", "ODRfMA==");
Line Deleted : user_pref("CT2790392.mam_gk_user_approval_interacted.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.mam_gk_userid.from_oldbar.enc", "ZjJhZDFiNTctNzZjMy00NDlhLWFlMGYtZTVkNDQ1MjA5ZjAy");
Line Deleted : user_pref("CT2790392.mam_gk_welcomedialogmode.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2790392.myStuffEnabled", true);
Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BitTorrentBar.OurToolbar.com/\",\"EB_T[...]
Line Deleted : user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,1000234,129298377186544355,1000034,129526968991422666,129309578575850709,129313977501788460,129309577647413174,129309565073350[...]
Line Deleted : user_pref("CT2790392.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT2790392.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT2790392.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT2790392.pairingkey.from_oldbar.enc", "MUE4NjQ5M0YxQzc1NURDNDNGNTQyRUYyNDgzNTA1QkY2RkQ4OTk2NQ==");
Line Deleted : user_pref("CT2790392.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2790392.scriptsource.from_oldbar.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
Line Deleted : user_pref("CT2790392.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT2790392.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2790392.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2790392.searchappstate.from_oldbar.enc", "Mw==");
Line Deleted : user_pref("CT2790392.searchapptracking.from_oldbar.enc", "c2VudA==");
Line Deleted : user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_services_Configuration_lastUpdate", "1384553535465");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.20.101.5_lastUpdate", "1384553535469");
Line Deleted : user_pref("CT2790392.serviceLayer_services_searchAPI_lastUpdate", "1384553535287");
Line Deleted : user_pref("CT2790392.serviceLayer_services_serviceMap_lastUpdate", "1384553535188");
Line Deleted : user_pref("CT2790392.serviceLayer_services_toolbarSettings_lastUpdate", "1384553535660");
Line Deleted : user_pref("CT2790392.serviceLayer_services_translation_lastUpdate", "1384553535449");
Line Deleted : user_pref("CT2790392.settingsINI", true);
Line Deleted : user_pref("CT2790392.sf_just_installed.from_oldbar.enc", "RkFMU0U=");
Line Deleted : user_pref("CT2790392.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT2790392.sf_user_id.from_oldbar.enc", "Y2lkXzIxMDIwMTMyMDI2MTk4MjkzMzQ2");
Line Deleted : user_pref("CT2790392.showToolbarPermission", "false");
Line Deleted : user_pref("CT2790392.smartbar.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2790392.smartbar.toolbarName", "BitTorrentBar ");
Line Deleted : user_pref("CT2790392.testingCtid", "");
Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Thu Nov 07 2013 17:02:28 GMT+0100");
Line Deleted : user_pref("CT2790392.toolbarBornServerTime", "25-12-2011");
Line Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sun Dec 25 2011 16:21:23 GMT+0100");
Line Deleted : user_pref("CT2790392.toolbarCurrentServerTime", "16-11-2013");
Line Deleted : user_pref("CT2790392.toolbarLoginClientTime", "Sun Nov 10 2013 08:52:08 GMT+0100");
Line Deleted : user_pref("CT2790392.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT2790392.url_history.from_oldbar.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vP3JlZj10bl90bm1u");
Line Deleted : user_pref("CT2790392.url_history0001.from_oldbar.enc", "aHR0cDovL3d3dy5ub3Zpbmt5LmN6L2tva3RlamwvMzE4NTMwLW1hbHktdHlncmlrLXByb3NlbC16a291c2thbWktdi1wbGF2YW5pLXNlLXNpbGVueW0tdnlyYXplbS12LW9jaWNoLmh0bWw6[...]
Line Deleted : user_pref("CT2790392.url_history_time.from_oldbar.enc", "MTMyNTM2MjE2MzAzOQ==");
Line Deleted : user_pref("CT2790392.usagesFlag", 2);
Line Deleted : user_pref("CT2790392.uttorrents.from_oldbar.enc", "eyJidWlsZCI6Mjg3MDYsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjdCN0M4RUYxQzhGMUFGRkVGMkNCOUNBOURDNjA0QTYwQzBCRUNGN0YiLDIwMSwiQ2VybmkuYmFyb25pLkhEVFYuMTA4MGkue[...]
Line Deleted : user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384553528855,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"55d1e77506d88427ad2ce072dae6a3363\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"2a1a0d7b586ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"80ee9485875dcc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Reichlovi\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\s1c4vp0j.default\\conduitCommon\\modules\\3.8.1.0");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMode=standard ", "483x531");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.facebook.sessionKey", "2.AQAHO03spuQOxPDd.86400.1325379600.0-1477464382");
Line Deleted : user_pref("CommunityToolbar.facebook.sessionSecret", "ETCFhzcujhjGQUpaqx0_Gg__");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Dec 31 2011 09:28:40 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.facebook.userId", "1477464382");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "1e86143c-9425-40e5-b9c4-7af9ce856789");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 25 2011 16:21:34 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Dec 31 2011 11:22:20 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Dec 31 2011 12:29:37 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "e6486db8-859f-4bd4-bb1f-b258851fe8b8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "default-search.net");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2790392");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", "XKUAAJUXFA7KGHCZKSPJCLFCV9RFJYMTHSZBWZYGLP+P1FKLB2B+MUFWMUJF2CNCAFZBZQLNYZUZRL4TUQU8JQ");
-\\ Google Chrome v
[ File : C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2790392
*************************
AdwCleaner[R0].txt - [51209 octets] - [10/07/2014 11:48:56]
AdwCleaner[S0].txt - [51510 octets] - [10/07/2014 11:50:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [51571 octets] ##########
Radek Reichel
-
Rudy
- Site Admin
- Příspěvky: 119419
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Neustálé upozornění na vit od AVAST.
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?