VIRY.CZ

Pc občas zatuhne při vyhledávání v gúglu a někdy i naskočí modrá obrazovka smrti, takže prosím o preventivku.

Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2013-02-04 20:34:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 167 GB (87%) free of 191 GB
Total RAM: 511 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:33, on 4.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17115)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MON00005/tb_ ... rce=10&cc=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Nahlaš tuto stránku! - {78310ae3-7471-4a70-a728-4f8c71d95ec6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Červené tlačítko - nahlášení nezákoného obsahu - {78310ae3-7471-4a70-a728-4f8c71d95ec6} - mscoree.dll (file missing)
O9 - Extra button: FreshDownload - {84E50951-72EB-4E73-9E13-FEFC813CF012} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8314 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-20 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-20 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-20 79624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-28 13684736]
"nwiz"=nwiz.exe /install []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-01-21 18789408]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-28 86016]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-12-03 33718272]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-10-24 421888]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-08-17 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Documents and Settings\admin\Plocha\Hry\Widelands\widelands.exe"="C:\Documents and Settings\admin\Plocha\Hry\Widelands\widelands.exe:*:Enabled:widelands"
"C:\Documents and Settings\admin\Plocha\Hry\Freeciv-2.0.8-gtk2\civserver.exe"="C:\Documents and Settings\admin\Plocha\Hry\Freeciv-2.0.8-gtk2\civserver.exe:*:Enabled:civserver"
"C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Documents and Settings\admin\Plocha\Hry\Ping-Pong\MainP.dat"="C:\Documents and Settings\admin\Plocha\Hry\Ping-Pong\MainP.dat:*:Disabled:fullrus"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\admin\Data aplikací\2YourFace\Updater.exe"="C:\Documents and Settings\admin\Data aplikací\2YourFace\Updater.exe:*:Enabled:Updater for 2YourFace"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2013-01-09 23:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$

======List of files/folders modified in the last 1 months======

2013-02-04 20:34:23 ----D---- C:\Program Files\trend micro
2013-02-04 20:34:08 ----D---- C:\WINDOWS\Prefetch
2013-02-04 20:02:21 ----D---- C:\WINDOWS\temp
2013-02-04 15:26:29 ----D---- C:\WINDOWS
2013-02-04 15:26:23 ----D---- C:\WINDOWS\system32
2013-02-04 03:32:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-01 14:16:29 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-31 22:48:08 ----D---- C:\Program Files\Mozilla Firefox
2013-01-26 19:30:56 ----D---- C:\WINDOWS\Minidump
2013-01-18 16:00:41 ----D---- C:\Config.Msi
2013-01-17 14:21:23 ----SHD---- C:\WINDOWS\Installer
2013-01-17 14:02:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-01-17 04:21:53 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-15 22:59:18 ----HD---- C:\WINDOWS\inf
2013-01-15 22:59:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-01-15 22:59:08 ----D---- C:\WINDOWS\ie7updates
2013-01-15 16:14:30 ----HD---- C:\WINDOWS\$hf_mig$
2013-01-13 23:34:55 ----SD---- C:\Documents and Settings\admin\Data aplikací\Microsoft
2013-01-13 23:34:55 ----D---- C:\Documents and Settings\admin\Data aplikací\Adobe
2013-01-13 23:27:04 ----D---- C:\Program Files\Common Files\Adobe
2013-01-13 23:26:33 ----D---- C:\Program Files\Adobe
2013-01-11 02:27:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-01-11 00:11:50 ----D---- C:\WINDOWS\Debug
2013-01-10 23:58:32 ----D---- C:\Program Files\Mozilla Thunderbird
2013-01-10 15:38:33 ----D---- C:\WINDOWS\Microsoft.NET
2013-01-10 15:38:28 ----RSD---- C:\WINDOWS\assembly
2013-01-09 23:11:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-09 23:11:19 ----D---- C:\WINDOWS\WinSxS
2013-01-09 23:00:14 ----A---- C:\WINDOWS\system32\MRT.exe
2013-01-09 16:32:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-03-25 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2004-06-08 13105]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-28 6280416]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-10 3964736]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-06-26 1656960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-01-21 6039584]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2008-12-02 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2012-03-26 32768]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-09-14 116608]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-20 153352]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-12-18 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-28 163908]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 821608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-31 115608]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravím Plzeň, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MON00005/tb_ ... rce=10&cc=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: Nahlaš tuto stránku! - {78310ae3-7471-4a70-a728-4f8c71d95ec6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Červené tlačítko - nahlášení nezákoného obsahu - {78310ae3-7471-4a70-a728-4f8c71d95ec6} - mscoree.dll (file missing)
O9 - Extra button: FreshDownload - {84E50951-72EB-4E73-9E13-FEFC813CF012} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)

HJT najdeš zde :

C:\Program Files\trend micro\admin.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

LightScribeService Direct Disc Labeling Service

Mozilla Maintenance Service

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

Také zdravím a zde je log z CF

ComboFix 13-02-03.03 - admin 04.02.2013 23:12:50.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.121 [GMT 1:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\admin\WINDOWS
C:\install.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-04 do 2013-02-04 )))))))))))))))))))))))))))))))
.
.
2013-01-31 21:47 . 2013-01-31 21:47 74136 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-01-31 21:46 . 2013-01-31 21:46 157712 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-01-31 21:46 . 2013-01-31 21:46 96664 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 15:32 . 2012-04-23 07:23 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 15:32 . 2011-05-14 16:55 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2004-08-18 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2004-08-18 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2013-01-31 21:47 . 2012-07-20 15:40 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"nwiz"="nwiz.exe" [2009-03-27 1657376]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-21 18789408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-03 33718272]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2006-8-15 581632]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-9-7 57344]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-17 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Widelands\\widelands.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Freeciv-2.0.8-gtk2\\civserver.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Ping-Pong\\MainP.dat"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\admin\\Data aplikací\\2YourFace\\Updater.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.8.2012 16:22 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.8.2012 12:29 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [23.11.2009 7:43 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 7:43 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [17.8.2011 22:47 116608]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.1.2008 9:19 501560]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.8.2012 12:29 21256]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [14.9.2011 14:17 1617408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.1.2010 13:35 1656960]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 7:43 12872]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MOZILLAMAINTENANCE
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 15:32]
.
2013-02-04 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-13 22:50]
.
.
------- Doplňkový sken -------
.
mLocal Page =
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 10.109.183.1 10.109.255.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: !HIDDEN! 2009-09-02 02:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-06-25 14:52; support@2yourface.com; c:\documents and settings\admin\Data aplikacĂÂ\2YourFace\ffextension
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld - uTorrentBar_DE Customized Web Search
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - e0fde77d000000000000002522d7840e
FF - user.js: extensions.Softonic.instlDay - 15516
FF - user.js: extensions.Softonic.vrsn - 1.5.24.3
FF - user.js: extensions.Softonic.vrsni - 1.5.24.3
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.24.314:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00005
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-04 23:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-02-04 23:27:33
ComboFix-quarantined-files.txt 2013-02-04 22:27
ComboFix2.txt 2012-09-30 20:50
.
Před spuštěním: Volných bajtů: 174 912 409 600
Po spuštění: Volných bajtů: 174 940 430 336
.
- - End Of File - - 3A278763F007070D087FE35805B6FB88

Roli nebojte se nepřestal jsem komunikovat, pouze se z pracovních a osobních důvodů se sem dostanu nejdříve zítra večer (možná až pozítří kolem poledne). Ten DDos útok mi zkřížil docela plány, v první chvíli jsem se lekl, že mám v pc nějakou vyčuranou havět, která dokázala pochopit, že tyto stránky navštěvuji z důvodu abych jí buď ublížil nebo alespoň trochu opepřil život a tak mně zablokovala přístup

, ale taková havěť doufám ještě nebyla vynalezena

.

Omlouvám se za to vykání, zapomněl jsem, že si tykáme a ještě jeden dotaz, v době toho DDos útoku jsem znova použil čistič CCleaner, neměl bych tedy vytvořit a vložit jsem novější log z CF po použití toho čističe.

TomášzePlzně píše:Roli nebojte se nepřestal jsem komunikovat, pouze se z pracovních a osobních důvodů se sem dostanu nejdříve zítra večer (možná až pozítří kolem poledne).

V pohodě já mám času dost, nehledě na to že jsem byl také služebně pryč.

TomášzePlzně píše:Ten DDos útok mi zkřížil docela plány, v první chvíli jsem se lekl, že mám v pc nějakou vyčuranou havět, která dokázala pochopit, že tyto stránky navštěvuji z důvodu abych jí buď ublížil nebo alespoň trochu opepřil život a tak mně zablokovala přístup , ale taková havěť doufám ještě nebyla vynalezena .

No šmejdi co dokáží zablokovat některé webové stránky bohužel existují.

TomášzePlzně píše:Omlouvám se za to vykání, zapomněl jsem, že si tykáme a ještě jeden dotaz, v době toho DDos útoku jsem znova použil čistič CCleaner, neměl bych tedy vytvořit a vložit jsem novější log z CF po použití toho čističe.

Není za co se omlouvat já všem na různých webech automaticky tykám, pokud se to někomu nelíbí napíše mi a já se polepším

To žes použil CCleaner nevadí, stejně ComboFix budeme kvůli dočištění spouštet znovu.

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

FireFox:: 
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\
FF - prefs.js: browser.search.defaulturl -
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MON00005/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/MON00005/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/MON00005/tb_ ... e=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld - uTorrentBar_DE Customized Web Search
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MON00005/tb_ ... rce=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00005/tb_ ... e=1&cc=&q=
FF - user.js: extensions.Softonic.id - e0fde77d000000000000002522d7840e
FF - user.js: extensions.Softonic.instlDay - 15516
FF - user.js: extensions.Softonic.vrsn - 1.5.24.3
FF - user.js: extensions.Softonic.vrsni - 1.5.24.3
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.24.314:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00005
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Já v diskuzi většinou počkám jakým způsobem budu osloven a pak se řídím heslem: Tyká mi - tykám mu taky, vyká mi - vykám mu taky, onikají nám - budeme jim onikat taky

. A teď jsem to porušil, a tak jsem vykal, což dělám vždy když musím druhého diskutujícího oslovit jako první.

Tak a tady je ten CF log

ComboFix 13-02-07.02 - admin 08.02.2013 23:48:12.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.217 [GMT 1:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\admin\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-08 do 2013-02-08 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 15:32 . 2012-04-23 07:23 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 15:32 . 2011-05-14 16:55 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2004-08-18 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2004-08-18 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2013-02-06 00:47 . 2013-02-06 00:46 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"nwiz"="nwiz.exe" [2009-03-27 1657376]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-21 18789408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-03 33718272]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2006-8-15 581632]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-9-7 57344]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-17 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Widelands\\widelands.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Freeciv-2.0.8-gtk2\\civserver.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Ping-Pong\\MainP.dat"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.8.2012 16:22 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.8.2012 12:29 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [23.11.2009 7:43 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 7:43 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [17.8.2011 22:47 116608]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.1.2008 9:19 501560]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.8.2012 12:29 21256]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [14.9.2011 14:17 1617408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.1.2010 13:35 1656960]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 7:43 12872]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 15:32]
.
2013-02-08 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-13 22:50]
.
.
------- Doplňkový sken -------
.
mLocal Page =
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 10.109.183.1 10.109.255.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: !HIDDEN! 2009-09-02 02:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld - uTorrentBar_DE Customized Web Search
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - e0fde77d000000000000002522d7840e
FF - user.js: extensions.Softonic.instlDay - 15516
FF - user.js: extensions.Softonic.vrsn - 1.5.24.3
FF - user.js: extensions.Softonic.vrsni - 1.5.24.3
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.24.314:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00005
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-08 23:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2696)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-02-09 00:02:11
ComboFix-quarantined-files.txt 2013-02-08 23:02
ComboFix2.txt 2013-02-04 22:27
ComboFix3.txt 2012-09-30 20:50
.
Před spuštěním: Volných bajtů: 174 135 279 616
Po spuštění: Volných bajtů: 174 110 732 288
.
- - End Of File - - E63FA3940331DF087B41123D51D5D864

Můžeš tu akci s tím skriptem udělat ještě jednou a dát pozor aby tam bylo vše co jsem napsal.

Nic se totiž nesmázlo, tak mi připadá že ten skript si nezkopíroval celý.

Tak tady je další CF log:

ComboFix 13-02-07.02 - admin 10.02.2013 15:43:39.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.92 [GMT 1:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-10 do 2013-02-10 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 15:32 . 2012-04-23 07:23 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 15:32 . 2011-05-14 16:55 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2004-08-18 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2004-08-18 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2013-02-06 00:47 . 2013-02-06 00:46 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"nwiz"="nwiz.exe" [2009-03-27 1657376]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-21 18789408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-03 33718272]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2006-8-15 581632]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-9-7 57344]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-17 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Widelands\\widelands.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Freeciv-2.0.8-gtk2\\civserver.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\admin\\Plocha\\Hry\\Ping-Pong\\MainP.dat"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.8.2012 16:22 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.8.2012 12:29 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [23.11.2009 7:43 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 7:43 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [17.8.2011 22:47 116608]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.1.2008 9:19 501560]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.8.2012 12:29 21256]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [14.9.2011 14:17 1617408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.1.2010 13:35 1656960]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 7:43 12872]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 15:32]
.
2013-02-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-13 22:50]
.
.
------- Doplňkový sken -------
.
mLocal Page =
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 10.109.183.1 10.109.255.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: !HIDDEN! 2009-09-02 02:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-10 15:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3928)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-02-10 15:57:03
ComboFix-quarantined-files.txt 2013-02-10 14:57
ComboFix2.txt 2013-02-08 23:02
ComboFix3.txt 2013-02-04 22:27
ComboFix4.txt 2012-09-30 20:50
.
Před spuštěním: Volných bajtů: 173 846 274 048
Po spuštění: Volných bajtů: 173 818 228 736
.
- - End Of File - - 266466F4608AC682581532002EDA9E96

Tak je to správně

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo dole klikni na Search.

Po té proběhne sken a po jeho skončení na Tebe vypadne log, který mi sem zkopíruj.

Dobré ráno,
zde je ten log

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 06:57:28
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : admin - AMD3000
# Boot Mode : Normal
# Running from : C:\Documents and Settings\admin\Plocha\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Found : C:\user.js
Folder Found : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\Conduit
Folder Found : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\ConduitCommon
Folder Found : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\ConduitEngine
Folder Found : C:\Documents and Settings\admin\Data aplikací\PriceGong
Folder Found : C:\Documents and Settings\admin\Local Settings\Data aplikací\Conduit
Folder Found : C:\Documents and Settings\admin\Save
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Found : C:\Program Files\Crawler
Folder Found : C:\Program Files\Trymedia

***** [Registry] *****

Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1392740
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\2YourFace
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17115

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\prefs.js

Found : user_pref("CT1392740.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT1392740.CTID", "CT1392740");
Found : user_pref("CT1392740.Chat.Meebo.ServerLastCheckTime", "");
Found : user_pref("CT1392740.Chat.Meebo.ServerLastResponseTime", "Wed Mar 24 2010 16:42:05 GMT+0100");
Found : user_pref("CT1392740.Chat.Meebo.rooms.2030dff2c5edb1", 25);
Found : user_pref("CT1392740.Chat.Meebo.rooms.30plusa87dca4f", 15);
Found : user_pref("CT1392740.Chat.Meebo.rooms.entertainmentc0ed09fb", 10);
Found : user_pref("CT1392740.Chat.Meebo.rooms.health3693b665", 0);
Found : user_pref("CT1392740.Chat.Meebo.rooms.musicj375cf270", 6);
Found : user_pref("CT1392740.Chat.Meebo.rooms.myplaycitycommunitychat738b7c0f", 0);
Found : user_pref("CT1392740.Chat.Meebo.rooms.newsxu117b840d", 35);
Found : user_pref("CT1392740.Chat.Meebo.rooms.sports522528d3", 5);
Found : user_pref("CT1392740.Chat.Meebo.rooms.technology8bb9fd5b", 2);
Found : user_pref("CT1392740.Chat.Meebo.rooms.teenagers833b8249", 31);
Found : user_pref("CT1392740.Chat.Meebo.rooms.travel8c2e48db", 2);
Found : user_pref("CT1392740.Chat.Meebo.rooms.videogames2fe066e0", 0);
Found : user_pref("CT1392740.Chat.ServerLastCheckTime", "Wed Mar 24 2010 20:26:45 GMT+0100");
Found : user_pref("CT1392740.CurrentServerDate", "11-2-2011");
Found : user_pref("CT1392740.DialogsAlignMode", "LTR");
Found : user_pref("CT1392740.DownloadReferralCookieData", "");
Found : user_pref("CT1392740.ExternalComponentPollDate128992039413544031", "Wed Mar 24 2010 16:41:08 GMT+010[...]
Found : user_pref("CT1392740.FirstServerDate", "24-3-2010");
Found : user_pref("CT1392740.FirstTime", true);
Found : user_pref("CT1392740.FirstTimeFF3", true);
Found : user_pref("CT1392740.FirstTimeSettingsDone", true);
Found : user_pref("CT1392740.GroupingServerCheckInterval", 1440);
Found : user_pref("CT1392740.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT1392740.Initialize", true);
Found : user_pref("CT1392740.InitializeCommonPrefs", true);
Found : user_pref("CT1392740.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT1392740.InstalledDate", "Sat Jan 30 2010 21:42:42 GMT+0100");
Found : user_pref("CT1392740.InvalidateCache", false);
Found : user_pref("CT1392740.IsGrouping", false);
Found : user_pref("CT1392740.IsMulticommunity", false);
Found : user_pref("CT1392740.IsOpenThankYouPage", true);
Found : user_pref("CT1392740.IsOpenUninstallPage", true);
Found : user_pref("CT1392740.LanguagePackLastCheckTime", "Thu Feb 10 2011 19:01:15 GMT+0100");
Found : user_pref("CT1392740.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT1392740.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT1392740.LastLogin_2.2.0.9", "Sat Jan 30 2010 22:19:51 GMT+0100");
Found : user_pref("CT1392740.LastLogin_2.5.6.0", "Sun Aug 22 2010 14:24:46 GMT+0200");
Found : user_pref("CT1392740.LastLogin_2.5.8.6", "Tue Apr 27 2010 23:16:05 GMT+0200");
Found : user_pref("CT1392740.LastLogin_2.7.2.0", "Fri Feb 11 2011 17:50:13 GMT+0100");
Found : user_pref("CT1392740.LatestVersion", "3.2.5.2");
Found : user_pref("CT1392740.Locale", "en-us");
Found : user_pref("CT1392740.LoginCache", 4);
Found : user_pref("CT1392740.MCDetectTooltipHeight", "83");
Found : user_pref("CT1392740.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT1392740.MCDetectTooltipWidth", "295");
Found : user_pref("CT1392740.RadioIsPodcast", false);
Found : user_pref("CT1392740.RadioLastCheckTime", "Thu Feb 10 2011 19:01:15 GMT+0100");
Found : user_pref("CT1392740.RadioLastUpdateIPServer", "3");
Found : user_pref("CT1392740.RadioLastUpdateServer", "3");
Found : user_pref("CT1392740.RadioMediaID", "9957");
Found : user_pref("CT1392740.RadioMediaType", "Media Player");
Found : user_pref("CT1392740.RadioMenuSelectedID", "EBRadioMenu_CT1392740_RECENT9957");
Found : user_pref("CT1392740.RadioShrinked", "expanded");
Found : user_pref("CT1392740.RadioStationName", "Country");
Found : user_pref("CT1392740.RadioStationURL", "hxxp://www.sky.fm/wma/country.asx");
Found : user_pref("CT1392740.SHRINK_TOOLBAR", 1);
Found : user_pref("CT1392740.SearchBoxWidth", 100);
Found : user_pref("CT1392740.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT1392740.SearchFromAddressBarIsInit", true);
Found : user_pref("CT1392740.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT139[...]
Found : user_pref("CT1392740.SearchInNewTabEnabled", true);
Found : user_pref("CT1392740.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT1392740.SearchInNewTabLastCheckTime", "Thu Feb 10 2011 19:01:14 GMT+0100");
Found : user_pref("CT1392740.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT1392740.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT1392740.SettingsCheckIntervalMin", 120);
Found : user_pref("CT1392740.SettingsLastCheckTime", "Fri Feb 11 2011 17:50:06 GMT+0100");
Found : user_pref("CT1392740.SettingsLastUpdate", "1295944292");
Found : user_pref("CT1392740.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT1392740.ThirdPartyComponentsLastCheck", "Wed Feb 09 2011 02:27:13 GMT+0100");
Found : user_pref("CT1392740.ThirdPartyComponentsLastUpdate", "1278604166");
Found : user_pref("CT1392740.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Found : user_pref("CT1392740.UserID", "UN01893108170049584");
Found : user_pref("CT1392740.ValidationData_Search", 0);
Found : user_pref("CT1392740.ValidationData_Toolbar", 2);
Found : user_pref("CT1392740.WeatherNetwork", "");
Found : user_pref("CT1392740.WeatherPollDate", "Fri Feb 11 2011 17:50:16 GMT+0100");
Found : user_pref("CT1392740.WeatherUnit", "C");
Found : user_pref("CT1392740.alertChannelId", "3352");
Found : user_pref("CT1392740.clientLogIsEnabled", true);
Found : user_pref("CT1392740.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT1392740.components.1000034", false);
Found : user_pref("CT1392740.myStuffEnabled", true);
Found : user_pref("CT1392740.myStuffPublihserMinWidth", 400);
Found : user_pref("CT1392740.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT1392740.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT1392740.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT1392740.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2405280.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2405280.CTID", "CT2405280");
Found : user_pref("CT2405280.CurrentServerDate", "28-4-2010");
Found : user_pref("CT2405280.DialogsAlignMode", "LTR");
Found : user_pref("CT2405280.EMailNotifierPollDate", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedLastCount1783261708582779529", 1608);
Found : user_pref("CT2405280.FeedPollDate1783261706866434151", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707012811589", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707384123612", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707412150447", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707418280754", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707599928299", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707617263572", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707752362117", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707795264368", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707808925892", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707869626670", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707927596866", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261707979233386", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708034493544", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708039069553", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708204445100", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708227524777", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708292165278", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708353935180", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708439778168", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708441073195", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708501569511", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708831214041", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708861663992", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708872995288", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708956613188", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261708999019736", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709029944985", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709040316547", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709118321128", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709147189875", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709273103006", "Tue Apr 27 2010 23:16:10 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709334228118", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709396042055", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709489005996", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709505836033", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709733509620", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709917159621", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709924030613", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261709992975824", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710020959596", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710022683544", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710146768558", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710237979418", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710281192798", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710293301155", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710367954069", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710537116573", "Tue Apr 27 2010 23:16:07 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710539360442", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710710752156", "Tue Apr 27 2010 23:16:09 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710876567422", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedPollDate1783261710898547036", "Tue Apr 27 2010 23:16:08 GMT+0200");
Found : user_pref("CT2405280.FeedTTL1783261706866434151", 30);
Found : user_pref("CT2405280.FeedTTL1783261707418280754", 60);
Found : user_pref("CT2405280.FeedTTL1783261707617263572", 15);
Found : user_pref("CT2405280.FeedTTL1783261707752362117", 1440);
Found : user_pref("CT2405280.FeedTTL1783261707927596866", 30);
Found : user_pref("CT2405280.FeedTTL1783261707979233386", 5);
Found : user_pref("CT2405280.FeedTTL1783261708034493544", 30);
Found : user_pref("CT2405280.FeedTTL1783261708039069553", 15);
Found : user_pref("CT2405280.FeedTTL1783261708439778168", 15);
Found : user_pref("CT2405280.FeedTTL1783261708441073195", 15);
Found : user_pref("CT2405280.FeedTTL1783261708872995288", 5);
Found : user_pref("CT2405280.FeedTTL1783261709147189875", 60);
Found : user_pref("CT2405280.FeedTTL1783261709334228118", 10);
Found : user_pref("CT2405280.FeedTTL1783261709396042055", 15);
Found : user_pref("CT2405280.FeedTTL1783261709505836033", 5);
Found : user_pref("CT2405280.FeedTTL1783261709917159621", 5);
Found : user_pref("CT2405280.FeedTTL1783261710281192798", 2);
Found : user_pref("CT2405280.FeedTTL1783261710537116573", 15);
Found : user_pref("CT2405280.FeedTTL1783261710898547036", 15);
Found : user_pref("CT2405280.FirstServerDate", "26-4-2010");
Found : user_pref("CT2405280.FirstTime", true);
Found : user_pref("CT2405280.FirstTimeFF3", true);
Found : user_pref("CT2405280.FixPageNotFoundErrors", true);
Found : user_pref("CT2405280.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2405280.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2405280.Initialize", true);
Found : user_pref("CT2405280.InitializeCommonPrefs", true);
Found : user_pref("CT2405280.InstalledDate", "Mon Apr 26 2010 21:23:06 GMT+0200");
Found : user_pref("CT2405280.InvalidateCache", false);
Found : user_pref("CT2405280.IsGrouping", false);
Found : user_pref("CT2405280.IsMulticommunity", false);
Found : user_pref("CT2405280.IsOpenThankYouPage", false);
Found : user_pref("CT2405280.IsOpenUninstallPage", true);
Found : user_pref("CT2405280.LanguagePackLastCheckTime", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2405280.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2405280.LastLogin_2.5.8.6", "Tue Apr 27 2010 23:16:05 GMT+0200");
Found : user_pref("CT2405280.LatestVersion", "2.1.0.18");
Found : user_pref("CT2405280.Locale", "en-us");
Found : user_pref("CT2405280.LoginCache", 4);
Found : user_pref("CT2405280.MCDetectTooltipHeight", "83");
Found : user_pref("CT2405280.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2405280.MCDetectTooltipWidth", "295");
Found : user_pref("CT2405280.RadioIsPodcast", false);
Found : user_pref("CT2405280.RadioLastCheckTime", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2405280.RadioLastUpdateServer", "129167775315800000");
Found : user_pref("CT2405280.RadioMediaID", "20503713");
Found : user_pref("CT2405280.RadioMediaType", "Media Player");
Found : user_pref("CT2405280.RadioMenuSelectedID", "EBRadioMenu_CT240528020503713");
Found : user_pref("CT2405280.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
Found : user_pref("CT2405280.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb[...]
Found : user_pref("CT2405280.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2405280.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT2405280.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2405280.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2405280.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT240[...]
Found : user_pref("CT2405280.SearchInNewTabEnabled", true);
Found : user_pref("CT2405280.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2405280.SearchInNewTabLastCheckTime", "Tue Apr 27 2010 23:16:05 GMT+0200");
Found : user_pref("CT2405280.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2405280.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2405280.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2405280.SettingsLastCheckTime", "Tue Apr 27 2010 23:16:04 GMT+0200");
Found : user_pref("CT2405280.SettingsLastUpdate", "1272296727");
Found : user_pref("CT2405280.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2405280.ThirdPartyComponentsLastCheck", "Mon Apr 26 2010 21:23:05 GMT+0200");
Found : user_pref("CT2405280.ThirdPartyComponentsLastUpdate", "1272296727");
Found : user_pref("CT2405280.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2405280.UserID", "UN11373759627991387");
Found : user_pref("CT2405280.ValidationData_Toolbar", 2);
Found : user_pref("CT2405280.WeatherNetwork", "");
Found : user_pref("CT2405280.WeatherPollDate", "Tue Apr 27 2010 23:16:06 GMT+0200");
Found : user_pref("CT2405280.WeatherUnit", "C");
Found : user_pref("CT2405280.alertChannelId", "799768");
Found : user_pref("CT2405280.clientLogIsEnabled", true);
Found : user_pref("CT2405280.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2405280.myStuffEnabled", true);
Found : user_pref("CT2405280.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2405280.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2405280.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2405280.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2405280.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2851647..clientLogIsEnabled", false);
Found : user_pref("CT2851647..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2851647..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2851647.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2851647.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2851647.AppTrackingLastCheckTime", "Sun Jul 29 2012 11:32:41 GMT+0200");
Found : user_pref("CT2851647.CT2851647", "CT2851647");
Found : user_pref("CT2851647.CurrentServerDate", "7-8-2012");
Found : user_pref("CT2851647.DSChangedManually", false);
Found : user_pref("CT2851647.DSInstall", true);
Found : user_pref("CT2851647.DSProtectChoice", true);
Found : user_pref("CT2851647.DSProtectCount", 3);
Found : user_pref("CT2851647.DialogsAlignMode", "LTR");
Found : user_pref("CT2851647.DialogsGetterLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.DownloadReferralCookieData", "");
Found : user_pref("CT2851647.EMailNotifierPollDate", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedLastCount2532783744689806690", 501);
Found : user_pref("CT2851647.FeedPollDate2429156812186649977", "Tue Aug 07 2012 19:05:42 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813040823546", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813130095866", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813224203613", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813230837251", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813454291735", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813729834876", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813860870021", "Tue Aug 07 2012 19:05:42 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156814264681793", "Tue Aug 07 2012 19:05:42 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156814863075366", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156815257761081", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.FeedTTL2429156813040823546", 15);
Found : user_pref("CT2851647.FeedTTL2429156813130095866", 10);
Found : user_pref("CT2851647.FeedTTL2429156813454291735", 5);
Found : user_pref("CT2851647.FeedTTL2429156814264681793", 5);
Found : user_pref("CT2851647.FirstServerDate", "3-4-2012");
Found : user_pref("CT2851647.FirstTime", true);
Found : user_pref("CT2851647.FirstTimeFF3", true);
Found : user_pref("CT2851647.FixPageNotFoundErrors", false);
Found : user_pref("CT2851647.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2851647.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2851647.HPInstall", false);
Found : user_pref("CT2851647.HPProtectChoice", true);
Found : user_pref("CT2851647.HPProtectCount", 3);
Found : user_pref("CT2851647.HasUserGlobalKeys", true);
Found : user_pref("CT2851647.HomePageProtectorEnabled", false);
Found : user_pref("CT2851647.HomepageBeforeUnload", "hxxp://www.seznam.cz/");
Found : user_pref("CT2851647.Initialize", true);
Found : user_pref("CT2851647.InitializeCommonPrefs", true);
Found : user_pref("CT2851647.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2851647.InstallationType", "Unknown");
Found : user_pref("CT2851647.InstalledDate", "Mon Apr 02 2012 23:36:43 GMT+0200");
Found : user_pref("CT2851647.IsAlertDBUpdated", true);
Found : user_pref("CT2851647.IsGrouping", false);
Found : user_pref("CT2851647.IsInitSetupIni", true);
Found : user_pref("CT2851647.IsMulticommunity", false);
Found : user_pref("CT2851647.IsOpenThankYouPage", true);
Found : user_pref("CT2851647.IsOpenUninstallPage", true);
Found : user_pref("CT2851647.IsProtectorsInit", true);
Found : user_pref("CT2851647.LanguagePackLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2851647.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2851647.LastLogin_3.10.0.1", "Wed Apr 18 2012 00:01:36 GMT+0200");
Found : user_pref("CT2851647.LastLogin_3.12.0.7", "Mon May 14 2012 13:32:58 GMT+0200");
Found : user_pref("CT2851647.LastLogin_3.12.2.3", "Fri Jun 01 2012 00:56:12 GMT+0200");
Found : user_pref("CT2851647.LastLogin_3.13.0.6", "Tue Jul 17 2012 16:15:55 GMT+0200");
Found : user_pref("CT2851647.LastLogin_3.14.1.0", "Tue Aug 07 2012 19:05:40 GMT+0200");
Found : user_pref("CT2851647.LatestVersion", "3.14.1.0");
Found : user_pref("CT2851647.Locale", "de");
Found : user_pref("CT2851647.MCDetectTooltipHeight", "83");
Found : user_pref("CT2851647.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2851647.MCDetectTooltipWidth", "295");
Found : user_pref("CT2851647.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2851647.OriginalFirstVersion", "3.10.0.1");
Found : user_pref("CT2851647.SearchCaption", "uTorrentBar_DE Customized Web Search");
Found : user_pref("CT2851647.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Found : user_pref("CT2851647.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Found : user_pref("CT2851647.SearchInNewTabEnabled", true);
Found : user_pref("CT2851647.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2851647.SearchInNewTabLastCheckTime", "Tue Aug 07 2012 19:05:39 GMT+0200");
Found : user_pref("CT2851647.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2851647.SearchProtectorEnabled", true);
Found : user_pref("CT2851647.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2851647.SendProtectorDataViaLogin", true);
Found : user_pref("CT2851647.ServiceMapLastCheckTime", "Tue Aug 07 2012 19:05:40 GMT+0200");
Found : user_pref("CT2851647.SettingsLastCheckTime", "Tue Aug 07 2012 19:05:38 GMT+0200");
Found : user_pref("CT2851647.SettingsLastUpdate", "1342353909");
Found : user_pref("CT2851647.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Found : user_pref("CT2851647.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2851647.ThirdPartyComponentsLastCheck", "Tue Jul 24 2012 03:01:50 GMT+0200");
Found : user_pref("CT2851647.ThirdPartyComponentsLastUpdate", "1331806000");
Found : user_pref("CT2851647.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2851647.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851647");
Found : user_pref("CT2851647.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2851647.UserID", "UN24587525111252972");
Found : user_pref("CT2851647.ValidationData_Toolbar", 1);
Found : user_pref("CT2851647.WeatherNetwork", "");
Found : user_pref("CT2851647.WeatherPollDate", "Tue Aug 07 2012 19:05:42 GMT+0200");
Found : user_pref("CT2851647.WeatherUnit", "C");
Found : user_pref("CT2851647.alertChannelId", "1243681");
Found : user_pref("CT2851647.backendstorage.cbcountry_000", "435A");
Found : user_pref("CT2851647.backendstorage.cbcountry_001", "435A");
Found : user_pref("CT2851647.backendstorage.cbfirsttime", "4D6F6E2041707220303220323031322032333A33363A34362[...]
Found : user_pref("CT2851647.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E637A2F757[...]
Found : user_pref("CT2851647.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2851647.globalFirstTimeInfoLastCheckTime", "Sat Aug 04 2012 01:20:11 GMT+0200");
Found : user_pref("CT2851647.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2851647.initDone", true);
Found : user_pref("CT2851647.isAppTrackingManagerOn", true);
Found : user_pref("CT2851647.myStuffEnabled", true);
Found : user_pref("CT2851647.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2851647.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2851647.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2851647.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2851647.navigateToUrlOnSearch", false);
Found : user_pref("CT2851647.oldAppsList", "129351532244963279,129351532245275780,1000234,129791456886122866[...]
Found : user_pref("CT2851647.revertSettingsEnabled", true);
Found : user_pref("CT2851647.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2851647.searchProtectorEnableByLogin", true);
Found : user_pref("CT2851647.testingCtid", "");
Found : user_pref("CT2851647.toolbarAppMetaDataLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CT2851647.toolbarContextMenuLastCheckTime", "Wed Aug 01 2012 15:11:26 GMT+0200");
Found : user_pref("CT2851647.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_DE Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851647/CT2851647[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243681/1239354/CZ", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851647", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851647",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"d12[...]
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\admin\\Data aplika[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT1392740,CT2405280,ConduitEngine,CT2851647");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2405280,CT2851647");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2851647");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 01 2011 01:45:26 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 13:13:00 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 29 2011 14:25:45 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "c9d16d87-1dd0-4d62-8d6a-1d2520894a62");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Apr 16 2012 22:49:26 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "a20bd3c2-595d-4c50-8f64-186a424a01d8");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851647");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 04 2012 01:20:1[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Aug 07 2012 19:05:49 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "b7e41a2a-d263-4bf4-a1ca-869f9ff4717f");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 29 2011 14:25:56 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Jun 27 2011 23:18:41 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "04/01/2011 02");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Fri Apr 01 2011 01:45:27 GMT+0200");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed Jun 29 2011 14:25:46 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN39688978900828634");
Found : user_pref("ConduitEngine.componentAlertEnabled", false);
Found : user_pref("ConduitEngine.engineLocale", "cs");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110021&tt=06061[...]
Found : user_pref("extensions.Softonic.cntry", "CZ");
Found : user_pref("extensions.Softonic.envrmnt", "production");
Found : user_pref("extensions.Softonic.hdrMd5", "C4DC4B15D25099F2372C5E189F385B04");
Found : user_pref("extensions.Softonic.hmpg", true);
Found : user_pref("extensions.Softonic.hrdid", "e0fde77d000000000000002522d7840e");
Found : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Found : user_pref("extensions.Softonic.lastVrsnTs", "1.5.24.314:46:20");
Found : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Found : user_pref("extensions.Softonic.newTab", true);
Found : user_pref("extensions.Softonic.newtab", true);
Found : user_pref("extensions.Softonic.savedVrsnTs", "1");
Found : user_pref("extensions.Softonic.sg", "cz");
Found : user_pref("extensions.Softonic.similarsitesstorage-pid2", "af14018eadb2d102");
Found : user_pref("extensions.Softonic.smplGrp", "none");
Found : user_pref("extensions.Softonic.smplgrp", "none");
Found : user_pref("extensions.Softonic.srch", "");
Found : user_pref("extensions.Softonic.vrsnTs", "1.5.24.314:46:20");
Found : user_pref("extensions.Softonic.vrsnts", "1.5.24.314:46:20");

-\\ Google Chrome v21.0.1180.60

File : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [42678 octets] - [11/02/2013 06:57:28]

########## EOF - C:\AdwCleaner[R1].txt - [42739 octets] ##########

Ještě poslední úklid a mělo by být hotovo.

Znovu spusť AdwCleaner ale tentokrát klikni na Delete,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té na Tebe opět vypadne log který mi sem zkopíruj.

Tak tady je ten log.
A zapomněl jsem vypnout štíty Avastu! a jeho logo na ploše po restartu nějak podivně vybledlo - to jsem asi zoral co?

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 22:25:52
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : admin - AMD3000
# Boot Mode : Normal
# Running from : C:\Documents and Settings\admin\Plocha\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\Conduit
Folder Deleted : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\ConduitEngine
Folder Deleted : C:\Documents and Settings\admin\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\admin\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\admin\Save
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Program Files\Crawler
Folder Deleted : C:\Program Files\Trymedia

***** [Registry] *****

Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1392740
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\2YourFace
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17115

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\prefs.js

C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\f1gq97d8.default\user.js ... Deleted !

Deleted : user_pref("CT1392740.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1392740.CTID", "CT1392740");
Deleted : user_pref("CT1392740.Chat.Meebo.ServerLastCheckTime", "");
Deleted : user_pref("CT1392740.Chat.Meebo.ServerLastResponseTime", "Wed Mar 24 2010 16:42:05 GMT+0100");
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.2030dff2c5edb1", 25);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.30plusa87dca4f", 15);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.entertainmentc0ed09fb", 10);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.health3693b665", 0);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.musicj375cf270", 6);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.myplaycitycommunitychat738b7c0f", 0);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.newsxu117b840d", 35);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.sports522528d3", 5);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.technology8bb9fd5b", 2);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.teenagers833b8249", 31);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.travel8c2e48db", 2);
Deleted : user_pref("CT1392740.Chat.Meebo.rooms.videogames2fe066e0", 0);
Deleted : user_pref("CT1392740.Chat.ServerLastCheckTime", "Wed Mar 24 2010 20:26:45 GMT+0100");
Deleted : user_pref("CT1392740.CurrentServerDate", "11-2-2011");
Deleted : user_pref("CT1392740.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1392740.DownloadReferralCookieData", "");
Deleted : user_pref("CT1392740.ExternalComponentPollDate128992039413544031", "Wed Mar 24 2010 16:41:08 GMT+010[...]
Deleted : user_pref("CT1392740.FirstServerDate", "24-3-2010");
Deleted : user_pref("CT1392740.FirstTime", true);
Deleted : user_pref("CT1392740.FirstTimeFF3", true);
Deleted : user_pref("CT1392740.FirstTimeSettingsDone", true);
Deleted : user_pref("CT1392740.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1392740.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1392740.Initialize", true);
Deleted : user_pref("CT1392740.InitializeCommonPrefs", true);
Deleted : user_pref("CT1392740.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT1392740.InstalledDate", "Sat Jan 30 2010 21:42:42 GMT+0100");
Deleted : user_pref("CT1392740.InvalidateCache", false);
Deleted : user_pref("CT1392740.IsGrouping", false);
Deleted : user_pref("CT1392740.IsMulticommunity", false);
Deleted : user_pref("CT1392740.IsOpenThankYouPage", true);
Deleted : user_pref("CT1392740.IsOpenUninstallPage", true);
Deleted : user_pref("CT1392740.LanguagePackLastCheckTime", "Thu Feb 10 2011 19:01:15 GMT+0100");
Deleted : user_pref("CT1392740.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1392740.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1392740.LastLogin_2.2.0.9", "Sat Jan 30 2010 22:19:51 GMT+0100");
Deleted : user_pref("CT1392740.LastLogin_2.5.6.0", "Sun Aug 22 2010 14:24:46 GMT+0200");
Deleted : user_pref("CT1392740.LastLogin_2.5.8.6", "Tue Apr 27 2010 23:16:05 GMT+0200");
Deleted : user_pref("CT1392740.LastLogin_2.7.2.0", "Fri Feb 11 2011 17:50:13 GMT+0100");
Deleted : user_pref("CT1392740.LatestVersion", "3.2.5.2");
Deleted : user_pref("CT1392740.Locale", "en-us");
Deleted : user_pref("CT1392740.LoginCache", 4);
Deleted : user_pref("CT1392740.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1392740.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1392740.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1392740.RadioIsPodcast", false);
Deleted : user_pref("CT1392740.RadioLastCheckTime", "Thu Feb 10 2011 19:01:15 GMT+0100");
Deleted : user_pref("CT1392740.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT1392740.RadioLastUpdateServer", "3");
Deleted : user_pref("CT1392740.RadioMediaID", "9957");
Deleted : user_pref("CT1392740.RadioMediaType", "Media Player");
Deleted : user_pref("CT1392740.RadioMenuSelectedID", "EBRadioMenu_CT1392740_RECENT9957");
Deleted : user_pref("CT1392740.RadioShrinked", "expanded");
Deleted : user_pref("CT1392740.RadioStationName", "Country");
Deleted : user_pref("CT1392740.RadioStationURL", "hxxp://www.sky.fm/wma/country.asx");
Deleted : user_pref("CT1392740.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1392740.SearchBoxWidth", 100);
Deleted : user_pref("CT1392740.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT1392740.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1392740.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT139[...]
Deleted : user_pref("CT1392740.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1392740.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1392740.SearchInNewTabLastCheckTime", "Thu Feb 10 2011 19:01:14 GMT+0100");
Deleted : user_pref("CT1392740.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1392740.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1392740.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT1392740.SettingsLastCheckTime", "Fri Feb 11 2011 17:50:06 GMT+0100");
Deleted : user_pref("CT1392740.SettingsLastUpdate", "1295944292");
Deleted : user_pref("CT1392740.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1392740.ThirdPartyComponentsLastCheck", "Wed Feb 09 2011 02:27:13 GMT+0100");
Deleted : user_pref("CT1392740.ThirdPartyComponentsLastUpdate", "1278604166");
Deleted : user_pref("CT1392740.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Deleted : user_pref("CT1392740.UserID", "UN01893108170049584");
Deleted : user_pref("CT1392740.ValidationData_Search", 0);
Deleted : user_pref("CT1392740.ValidationData_Toolbar", 2);
Deleted : user_pref("CT1392740.WeatherNetwork", "");
Deleted : user_pref("CT1392740.WeatherPollDate", "Fri Feb 11 2011 17:50:16 GMT+0100");
Deleted : user_pref("CT1392740.WeatherUnit", "C");
Deleted : user_pref("CT1392740.alertChannelId", "3352");
Deleted : user_pref("CT1392740.clientLogIsEnabled", true);
Deleted : user_pref("CT1392740.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT1392740.components.1000034", false);
Deleted : user_pref("CT1392740.myStuffEnabled", true);
Deleted : user_pref("CT1392740.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1392740.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1392740.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1392740.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1392740.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2405280.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2405280.CTID", "CT2405280");
Deleted : user_pref("CT2405280.CurrentServerDate", "28-4-2010");
Deleted : user_pref("CT2405280.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2405280.EMailNotifierPollDate", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedLastCount1783261708582779529", 1608);
Deleted : user_pref("CT2405280.FeedPollDate1783261706866434151", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707012811589", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707384123612", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707412150447", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707418280754", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707599928299", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707617263572", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707752362117", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707795264368", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707808925892", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707869626670", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707927596866", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261707979233386", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708034493544", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708039069553", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708204445100", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708227524777", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708292165278", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708353935180", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708439778168", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708441073195", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708501569511", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708831214041", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708861663992", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708872995288", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708956613188", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261708999019736", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709029944985", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709040316547", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709118321128", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709147189875", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709273103006", "Tue Apr 27 2010 23:16:10 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709334228118", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709396042055", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709489005996", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709505836033", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709733509620", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709917159621", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709924030613", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261709992975824", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710020959596", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710022683544", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710146768558", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710237979418", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710281192798", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710293301155", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710367954069", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710537116573", "Tue Apr 27 2010 23:16:07 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710539360442", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710710752156", "Tue Apr 27 2010 23:16:09 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710876567422", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedPollDate1783261710898547036", "Tue Apr 27 2010 23:16:08 GMT+0200");
Deleted : user_pref("CT2405280.FeedTTL1783261706866434151", 30);
Deleted : user_pref("CT2405280.FeedTTL1783261707418280754", 60);
Deleted : user_pref("CT2405280.FeedTTL1783261707617263572", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261707752362117", 1440);
Deleted : user_pref("CT2405280.FeedTTL1783261707927596866", 30);
Deleted : user_pref("CT2405280.FeedTTL1783261707979233386", 5);
Deleted : user_pref("CT2405280.FeedTTL1783261708034493544", 30);
Deleted : user_pref("CT2405280.FeedTTL1783261708039069553", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261708439778168", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261708441073195", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261708872995288", 5);
Deleted : user_pref("CT2405280.FeedTTL1783261709147189875", 60);
Deleted : user_pref("CT2405280.FeedTTL1783261709334228118", 10);
Deleted : user_pref("CT2405280.FeedTTL1783261709396042055", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261709505836033", 5);
Deleted : user_pref("CT2405280.FeedTTL1783261709917159621", 5);
Deleted : user_pref("CT2405280.FeedTTL1783261710281192798", 2);
Deleted : user_pref("CT2405280.FeedTTL1783261710537116573", 15);
Deleted : user_pref("CT2405280.FeedTTL1783261710898547036", 15);
Deleted : user_pref("CT2405280.FirstServerDate", "26-4-2010");
Deleted : user_pref("CT2405280.FirstTime", true);
Deleted : user_pref("CT2405280.FirstTimeFF3", true);
Deleted : user_pref("CT2405280.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2405280.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2405280.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2405280.Initialize", true);
Deleted : user_pref("CT2405280.InitializeCommonPrefs", true);
Deleted : user_pref("CT2405280.InstalledDate", "Mon Apr 26 2010 21:23:06 GMT+0200");
Deleted : user_pref("CT2405280.InvalidateCache", false);
Deleted : user_pref("CT2405280.IsGrouping", false);
Deleted : user_pref("CT2405280.IsMulticommunity", false);
Deleted : user_pref("CT2405280.IsOpenThankYouPage", false);
Deleted : user_pref("CT2405280.IsOpenUninstallPage", true);
Deleted : user_pref("CT2405280.LanguagePackLastCheckTime", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2405280.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2405280.LastLogin_2.5.8.6", "Tue Apr 27 2010 23:16:05 GMT+0200");
Deleted : user_pref("CT2405280.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2405280.Locale", "en-us");
Deleted : user_pref("CT2405280.LoginCache", 4);
Deleted : user_pref("CT2405280.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2405280.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2405280.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2405280.RadioIsPodcast", false);
Deleted : user_pref("CT2405280.RadioLastCheckTime", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2405280.RadioLastUpdateServer", "129167775315800000");
Deleted : user_pref("CT2405280.RadioMediaID", "20503713");
Deleted : user_pref("CT2405280.RadioMediaType", "Media Player");
Deleted : user_pref("CT2405280.RadioMenuSelectedID", "EBRadioMenu_CT240528020503713");
Deleted : user_pref("CT2405280.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
Deleted : user_pref("CT2405280.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb[...]
Deleted : user_pref("CT2405280.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2405280.SavedHomepage", "resource:/browserconfig.properties");
Deleted : user_pref("CT2405280.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2405280.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2405280.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT240[...]
Deleted : user_pref("CT2405280.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2405280.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2405280.SearchInNewTabLastCheckTime", "Tue Apr 27 2010 23:16:05 GMT+0200");
Deleted : user_pref("CT2405280.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2405280.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2405280.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2405280.SettingsLastCheckTime", "Tue Apr 27 2010 23:16:04 GMT+0200");
Deleted : user_pref("CT2405280.SettingsLastUpdate", "1272296727");
Deleted : user_pref("CT2405280.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2405280.ThirdPartyComponentsLastCheck", "Mon Apr 26 2010 21:23:05 GMT+0200");
Deleted : user_pref("CT2405280.ThirdPartyComponentsLastUpdate", "1272296727");
Deleted : user_pref("CT2405280.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2405280.UserID", "UN11373759627991387");
Deleted : user_pref("CT2405280.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2405280.WeatherNetwork", "");
Deleted : user_pref("CT2405280.WeatherPollDate", "Tue Apr 27 2010 23:16:06 GMT+0200");
Deleted : user_pref("CT2405280.WeatherUnit", "C");
Deleted : user_pref("CT2405280.alertChannelId", "799768");
Deleted : user_pref("CT2405280.clientLogIsEnabled", true);
Deleted : user_pref("CT2405280.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2405280.myStuffEnabled", true);
Deleted : user_pref("CT2405280.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2405280.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2405280.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2405280.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2405280.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2851647..clientLogIsEnabled", false);
Deleted : user_pref("CT2851647..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2851647..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2851647.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2851647.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2851647.AppTrackingLastCheckTime", "Sun Jul 29 2012 11:32:41 GMT+0200");
Deleted : user_pref("CT2851647.CT2851647", "CT2851647");
Deleted : user_pref("CT2851647.CurrentServerDate", "7-8-2012");
Deleted : user_pref("CT2851647.DSChangedManually", false);
Deleted : user_pref("CT2851647.DSInstall", true);
Deleted : user_pref("CT2851647.DSProtectChoice", true);
Deleted : user_pref("CT2851647.DSProtectCount", 3);
Deleted : user_pref("CT2851647.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2851647.DialogsGetterLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.DownloadReferralCookieData", "");
Deleted : user_pref("CT2851647.EMailNotifierPollDate", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedLastCount2532783744689806690", 501);
Deleted : user_pref("CT2851647.FeedPollDate2429156812186649977", "Tue Aug 07 2012 19:05:42 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813040823546", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813130095866", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813224203613", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813230837251", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813454291735", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813729834876", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813860870021", "Tue Aug 07 2012 19:05:42 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156814264681793", "Tue Aug 07 2012 19:05:42 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156814863075366", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156815257761081", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2851647.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2851647.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2851647.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2851647.FirstServerDate", "3-4-2012");
Deleted : user_pref("CT2851647.FirstTime", true);
Deleted : user_pref("CT2851647.FirstTimeFF3", true);
Deleted : user_pref("CT2851647.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2851647.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2851647.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2851647.HPInstall", false);
Deleted : user_pref("CT2851647.HPProtectChoice", true);
Deleted : user_pref("CT2851647.HPProtectCount", 3);
Deleted : user_pref("CT2851647.HasUserGlobalKeys", true);
Deleted : user_pref("CT2851647.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2851647.HomepageBeforeUnload", "hxxp://www.seznam.cz/");
Deleted : user_pref("CT2851647.Initialize", true);
Deleted : user_pref("CT2851647.InitializeCommonPrefs", true);
Deleted : user_pref("CT2851647.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2851647.InstallationType", "Unknown");
Deleted : user_pref("CT2851647.InstalledDate", "Mon Apr 02 2012 23:36:43 GMT+0200");
Deleted : user_pref("CT2851647.IsAlertDBUpdated", true);
Deleted : user_pref("CT2851647.IsGrouping", false);
Deleted : user_pref("CT2851647.IsInitSetupIni", true);
Deleted : user_pref("CT2851647.IsMulticommunity", false);
Deleted : user_pref("CT2851647.IsOpenThankYouPage", true);
Deleted : user_pref("CT2851647.IsOpenUninstallPage", true);
Deleted : user_pref("CT2851647.IsProtectorsInit", true);
Deleted : user_pref("CT2851647.LanguagePackLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2851647.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2851647.LastLogin_3.10.0.1", "Wed Apr 18 2012 00:01:36 GMT+0200");
Deleted : user_pref("CT2851647.LastLogin_3.12.0.7", "Mon May 14 2012 13:32:58 GMT+0200");
Deleted : user_pref("CT2851647.LastLogin_3.12.2.3", "Fri Jun 01 2012 00:56:12 GMT+0200");
Deleted : user_pref("CT2851647.LastLogin_3.13.0.6", "Tue Jul 17 2012 16:15:55 GMT+0200");
Deleted : user_pref("CT2851647.LastLogin_3.14.1.0", "Tue Aug 07 2012 19:05:40 GMT+0200");
Deleted : user_pref("CT2851647.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2851647.Locale", "de");
Deleted : user_pref("CT2851647.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2851647.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2851647.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2851647.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2851647.OriginalFirstVersion", "3.10.0.1");
Deleted : user_pref("CT2851647.SearchCaption", "uTorrentBar_DE Customized Web Search");
Deleted : user_pref("CT2851647.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("CT2851647.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Deleted : user_pref("CT2851647.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2851647.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2851647.SearchInNewTabLastCheckTime", "Tue Aug 07 2012 19:05:39 GMT+0200");
Deleted : user_pref("CT2851647.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2851647.SearchProtectorEnabled", true);
Deleted : user_pref("CT2851647.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2851647.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2851647.ServiceMapLastCheckTime", "Tue Aug 07 2012 19:05:40 GMT+0200");
Deleted : user_pref("CT2851647.SettingsLastCheckTime", "Tue Aug 07 2012 19:05:38 GMT+0200");
Deleted : user_pref("CT2851647.SettingsLastUpdate", "1342353909");
Deleted : user_pref("CT2851647.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Deleted : user_pref("CT2851647.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2851647.ThirdPartyComponentsLastCheck", "Tue Jul 24 2012 03:01:50 GMT+0200");
Deleted : user_pref("CT2851647.ThirdPartyComponentsLastUpdate", "1331806000");
Deleted : user_pref("CT2851647.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2851647.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851647");
Deleted : user_pref("CT2851647.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2851647.UserID", "UN24587525111252972");
Deleted : user_pref("CT2851647.ValidationData_Toolbar", 1);
Deleted : user_pref("CT2851647.WeatherNetwork", "");
Deleted : user_pref("CT2851647.WeatherPollDate", "Tue Aug 07 2012 19:05:42 GMT+0200");
Deleted : user_pref("CT2851647.WeatherUnit", "C");
Deleted : user_pref("CT2851647.alertChannelId", "1243681");
Deleted : user_pref("CT2851647.backendstorage.cbcountry_000", "435A");
Deleted : user_pref("CT2851647.backendstorage.cbcountry_001", "435A");
Deleted : user_pref("CT2851647.backendstorage.cbfirsttime", "4D6F6E2041707220303220323031322032333A33363A34362[...]
Deleted : user_pref("CT2851647.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E637A2F757[...]
Deleted : user_pref("CT2851647.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2851647.globalFirstTimeInfoLastCheckTime", "Sat Aug 04 2012 01:20:11 GMT+0200");
Deleted : user_pref("CT2851647.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2851647.initDone", true);
Deleted : user_pref("CT2851647.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2851647.myStuffEnabled", true);
Deleted : user_pref("CT2851647.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2851647.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2851647.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2851647.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2851647.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2851647.oldAppsList", "129351532244963279,129351532245275780,1000234,129791456886122866[...]
Deleted : user_pref("CT2851647.revertSettingsEnabled", true);
Deleted : user_pref("CT2851647.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2851647.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2851647.testingCtid", "");
Deleted : user_pref("CT2851647.toolbarAppMetaDataLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CT2851647.toolbarContextMenuLastCheckTime", "Wed Aug 01 2012 15:11:26 GMT+0200");
Deleted : user_pref("CT2851647.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_DE Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851647/CT2851647[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243681/1239354/CZ", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851647", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851647",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"d12[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\admin\\Data aplika[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1392740,CT2405280,ConduitEngine,CT2851647");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2405280,CT2851647");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2851647");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 01 2011 01:45:26 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 13:13:00 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 29 2011 14:25:45 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "c9d16d87-1dd0-4d62-8d6a-1d2520894a62");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Apr 16 2012 22:49:26 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "a20bd3c2-595d-4c50-8f64-186a424a01d8");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851647");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 04 2012 01:20:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Aug 07 2012 19:05:49 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Aug 07 2012 19:05:41 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "b7e41a2a-d263-4bf4-a1ca-869f9ff4717f");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 29 2011 14:25:56 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Jun 27 2011 23:18:41 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "04/01/2011 02");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Apr 01 2011 01:45:27 GMT+0200");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed Jun 29 2011 14:25:46 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN39688978900828634");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Jun 29 2011 14:25:46 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110021&tt=06061[...]
Deleted : user_pref("extensions.Softonic.cntry", "CZ");
Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Deleted : user_pref("extensions.Softonic.hdrMd5", "C4DC4B15D25099F2372C5E189F385B04");
Deleted : user_pref("extensions.Softonic.hmpg", true);
Deleted : user_pref("extensions.Softonic.hrdid", "e0fde77d000000000000002522d7840e");
Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.5.24.314:46:20");
Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.Softonic.newTab", true);
Deleted : user_pref("extensions.Softonic.newtab", true);
Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Deleted : user_pref("extensions.Softonic.sg", "cz");
Deleted : user_pref("extensions.Softonic.similarsitesstorage-pid2", "af14018eadb2d102");
Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Deleted : user_pref("extensions.Softonic.srch", "");
Deleted : user_pref("extensions.Softonic.vrsnTs", "1.5.24.314:46:20");
Deleted : user_pref("extensions.Softonic.vrsnts", "1.5.24.314:46:20");

-\\ Google Chrome v21.0.1180.60

File : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [42809 octets] - [11/02/2013 06:57:28]
AdwCleaner[S1].txt - [43933 octets] - [11/02/2013 22:25:52]

########## EOF - C:\AdwCleaner[S1].txt - [43994 octets] ##########

Ale zdá se, že Avast! funguje normálně, že to bude asi OK

Pokud Avast jede normálně bude to v pohodě, on by totiž na tohle neměl mít extra vliv.

No a jaký je stav PC ?

VIRY.CZ

prosím o preventivku RSIT logu

prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu

Re: prosím o preventivku RSIT logu