VIRY.CZ

Dobrý den - prosím o kontrolu.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013
Ran by jindrich (administrator) on RODINA-54717216 on 08-09-2013 17:44:43
Running from C:\Documents and Settings\jindrich\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsGui.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Google Inc.) C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(SafetyNut Inc.) C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsSvc.exe
(SafetyNut Inc.) C:\Program Files\Movies Toolbar\SafetyNut\safetynut.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\jindrich\Dokumenty\Stažené soubory\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISTray] - C:\Program Files\PC Tools Security\pctsGui.exe [1589208 2010-12-01] (PC Tools)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corp.)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.)
HKCU\...\Run: [] -
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
MountPoints2: {112d90ff-d5a0-11e2-bc59-0050fc02431a} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {26f7eaf5-d171-11e0-a868-0050fc02431a} - F:\Autorun.exe
MountPoints2: {ef52e8f0-d31f-11e0-a86b-0050fc02431a} - F:\start.exe
MountPoints2: {fa94fa3c-c65f-11e0-a845-0050fc02431a} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1369510492
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1369510492
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1369510492
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1369510492
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1369510492
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... ts=7929971
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... ts=7929971
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... ts=7929971
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 2A2593F0DA
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... ts=7929971
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3072253
BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL (ArcSoft, Inc.)
BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll ()
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default
FF user.js: detected! => C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\user.js
FF NewTab: hxxp://isearch.babylon.com/?affID=120307&babsrc=NT_ss&mntrId=7809505e0000000000000050fc02431a
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 883-99&t=4
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Yontoo - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\plugin@yontoo.com
FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
FF Extension: uTorrentControl2 Community Toolbar - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
FF Extension: InnoGames International Community Toolbar - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
FF Extension: uTorrentBar Community Toolbar - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF Extension: FreeOnlineRadioPlayerRecorder - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
FF Extension: BS Player ControlBar Community Toolbar - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF Extension: SFT_de3 Community Toolbar - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{ff88a983-649d-4207-9336-9b999280b436}
FF Extension: check4change-owner - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\check4change-owner@mozdev.org.xpi
FF Extension: OneClickDownload - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox
FF Extension: Internet Video Downloader - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox
FF HKLM\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1369510492"
CHR DefaultSearchURL: (qvo6) - http://search.qvo6.com/web/?utm_source= ... earchTerms}
CHR DefaultSuggestURL: (qvo6) - "suggest_url": ""
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\jindrich\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\jindrich\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\jindrich\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Office Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\jindrich\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\somotomoviestoolbar1\GC\toolbar.crx
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\jindrich\LOCALS~1\Temp\crx5C.tmp
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader10.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2255464 2011-08-03] (NVIDIA Corporation)
R2 SafetyNutManager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3394056 2013-08-20] (SafetyNut Inc.)
R2 sdAuxService; C:\Program Files\PC Tools Security\pctsAuxs.exe [366840 2010-03-15] (PC Tools)
R2 sdCoreService; C:\Program Files\PC Tools Security\pctsSvc.exe [1150936 2010-11-19] (PC Tools)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2011-08-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-07-04] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2011-08-14] ()
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [132096 2008-01-25] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [239168 2010-11-25] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [338880 2010-07-16] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [656320 2010-07-16] (PC Tools)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [28400 2013-07-13] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 vtcdrv; C:\Windows\System32\Drivers\vtcdrv.sys [18560 2008-05-09] (Windows (R) Codename Longhorn DDK provider)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-08 17:44 - 2013-09-08 14:11 - 00046048 _____ C:\Documents and Settings\jindrich\Plocha\logmodification.bat
2013-09-08 17:44 - 2013-09-08 00:28 - 01082239 _____ (Farbar) C:\Documents and Settings\jindrich\Plocha\FRST.exe
2013-09-08 17:28 - 2013-09-08 17:29 - 00000000 ____D C:\Program Files\Minibar
2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D C:\Documents and Settings\jindrich\Data aplikací\somotomoviestoolbar1
2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program Files\Movies Toolbar
2013-08-28 20:02 - 2013-08-28 20:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-14 21:31 - 2013-08-14 21:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862772$
2013-08-14 21:27 - 2013-08-14 21:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 21:24 - 2013-08-14 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

==================== One Month Modified Files and Folders =======

2013-09-08 17:44 - 2013-09-08 17:44 - 00000000 ____D C:\FRST
2013-09-08 17:44 - 2011-05-28 17:51 - 00000000 ____D C:\Documents and Settings\jindrich\Plocha
2013-09-08 17:43 - 2012-08-13 20:06 - 00000000 ____D C:\Documents and Settings\jindrich\Dokumenty\Stažené soubory
2013-09-08 17:43 - 2011-05-28 17:51 - 00000000 ___HD C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací
2013-09-08 17:35 - 2011-05-28 19:29 - 01026716 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-08 17:35 - 2011-05-28 17:51 - 00000000 ___RD C:\Documents and Settings\jindrich\Nabídka Start\Programy
2013-09-08 17:33 - 2013-03-17 16:36 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2013-09-08 17:33 - 2013-02-24 13:11 - 01798882 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-08 17:31 - 2011-05-28 18:34 - 00000000 ____D C:\Program Files\PC Tools Security
2013-09-08 17:30 - 2012-07-04 23:11 - 00000318 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-09-08 17:30 - 2011-05-28 17:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-08 17:30 - 2001-10-25 14:00 - 00002228 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-08 17:29 - 2013-09-08 17:28 - 00000000 ____D C:\Program Files\Minibar
2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D C:\Documents and Settings\jindrich\Data aplikací\somotomoviestoolbar1
2013-09-08 17:27 - 2011-05-28 19:28 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-08 17:27 - 2011-05-28 17:51 - 00000000 __RHD C:\Documents and Settings\jindrich\Data aplikací
2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program Files\Movies Toolbar
2013-09-08 14:11 - 2013-09-08 17:44 - 00046048 _____ C:\Documents and Settings\jindrich\Plocha\logmodification.bat
2013-09-08 00:28 - 2013-09-08 17:44 - 01082239 _____ (Farbar) C:\Documents and Settings\jindrich\Plocha\FRST.exe
2013-09-06 21:19 - 2013-02-24 13:12 - 00032546 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-06 21:19 - 2011-05-28 17:51 - 00000178 ___SH C:\Documents and Settings\jindrich\ntuser.ini
2013-09-06 20:43 - 2011-05-29 17:45 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-09-06 20:41 - 2011-05-28 17:51 - 00000000 ____D C:\Documents and Settings\jindrich
2013-09-06 20:04 - 2011-05-28 17:46 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-01 15:36 - 2012-09-13 16:09 - 00000000 ____D C:\Program Files\PDFCreator
2013-09-01 15:35 - 2012-04-21 10:57 - 00000000 ____D C:\Program Files\CCleaner
2013-09-01 09:38 - 2013-03-10 13:57 - 00518144 _____ C:\Documents and Settings\jindrich\Plocha\Click.xls
2013-08-31 09:15 - 2013-02-26 11:33 - 00012864 _____ C:\drwtsn32.log
2013-08-30 09:48 - 2013-03-02 08:50 - 00177864 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-03-02 08:50 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-03-02 08:50 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2011-05-28 18:35 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2011-05-28 18:30 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2011-05-28 18:30 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-28 20:02 - 2013-08-28 20:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 20:02 - 2011-05-28 18:35 - 01366062 _____ C:\WINDOWS\system32\Drivers\Cat.DB
2013-08-28 20:01 - 2011-06-28 16:15 - 00000000 ____D C:\Documents and Settings\jindrich\Plocha\MAMCA
2013-08-28 08:30 - 2012-08-24 17:51 - 00000000 ____D C:\Documents and Settings\jindrich\Plocha\Stavospol
2013-08-28 08:26 - 2013-04-01 10:28 - 00000000 ____D C:\Program Files\DsNET Corp
2013-08-28 08:26 - 2011-05-28 19:28 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-08-26 11:43 - 2011-05-29 14:18 - 00000000 ___RD C:\Documents and Settings\jindrich\Dokumenty\Filmy
2013-08-26 09:55 - 2011-05-28 17:51 - 00000000 ___RD C:\Documents and Settings\jindrich\Dokumenty
2013-08-25 22:03 - 2011-05-28 17:49 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-08-19 18:12 - 2013-06-26 06:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 22:01 - 2013-08-07 18:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-14 21:46 - 2013-08-14 21:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 21:32 - 2011-05-29 13:34 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-14 21:29 - 2011-05-29 09:50 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862772$
2013-08-14 21:27 - 2013-08-14 21:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 21:26 - 2011-05-29 09:46 - 00037246 _____ C:\WINDOWS\system32\TZLog.log
2013-08-14 21:24 - 2013-08-14 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

Files to move or delete:
====================
C:\DOCUME~1\jindrich\LOCALS~1\Temp\appshat-distribution.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\MoviesToolbarSetup_Somoto.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\NEventMessages.dll
C:\DOCUME~1\jindrich\LOCALS~1\Temp\NOSEventMessages.dll
C:\DOCUME~1\jindrich\LOCALS~1\Temp\OptimizerPro.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\Optimizer_Pro.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\PDFCreator-1_3_2_setup.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 16:49] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 16:49] - [2008-04-14 05:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 16:44] - [2008-04-14 04:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Microsoft Windows XP x86
Ran by jindrich on po 09.09.2013 at 18:11:08,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-507921405-1202660629-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2737658
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3031778
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully disinfected: [Shortcut] C:\Documents and Settings\jindrich\Data aplikacˇ\Microsoft\Internet Explorer\Quick Launch\Spustit prohlˇ§eź Internet Explorer.lnk



~~~ Folders

Failed to delete: [Folder] "C:\Program Files\movies toolbar"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml"
Successfully deleted: [File] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\user.js
Successfully deleted: [File] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\conduitcommon
Successfully deleted: [Folder] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\extensions\plugin@yontoo.com
Successfully deleted: [Folder] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Folder] C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\ocr@babylon.com
Successfully deleted the following from C:\Documents and Settings\jindrich\Data aplikacˇ\mozilla\firefox\profiles\rg662xqg.default\prefs.js

user_pref("CT1750559..clientLogIsEnabled", false);
user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT1750559.CTID", "CT1750559");
user_pref("CT1750559.CurrentServerDate", "28-7-2011");
user_pref("CT1750559.DialogsAlignMode", "LTR");
user_pref("CT1750559.DownloadReferralCookieData", "");
user_pref("CT1750559.FirstServerDate", "28-7-2011");
user_pref("CT1750559.FirstTime", true);
user_pref("CT1750559.FirstTimeFF3", true);
user_pref("CT1750559.FixPageNotFoundErrors", true);
user_pref("CT1750559.GroupingServerCheckInterval", 1440);
user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT1750559.HasUserGlobalKeys", true);
user_pref("CT1750559.Initialize", true);
user_pref("CT1750559.InitializeCommonPrefs", true);
user_pref("CT1750559.InstallationAndCookieDataSentCount", 1);
user_pref("CT1750559.InstallationType", "UnknownIntegration");
user_pref("CT1750559.InstalledDate", "Thu Jul 28 2011 14:11:20 GMT+0200");
user_pref("CT1750559.InvalidateCache", false);
user_pref("CT1750559.IsGrouping", false);
user_pref("CT1750559.IsMulticommunity", false);
user_pref("CT1750559.IsOpenThankYouPage", true);
user_pref("CT1750559.IsOpenUninstallPage", true);
user_pref("CT1750559.LanguagePackLastCheckTime", "Thu Jul 28 2011 14:11:21 GMT+0200");
user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT1750559.LastLogin_3.2.5.2", "Thu Jul 28 2011 14:11:19 GMT+0200");
user_pref("CT1750559.LatestVersion", "3.3.3.2");
user_pref("CT1750559.Locale", "en-us");
user_pref("CT1750559.MCDetectTooltipHeight", "83");
user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT1750559.MCDetectTooltipWidth", "295");
user_pref("CT1750559.RadioIsPodcast", false);
user_pref("CT1750559.RadioLastCheckTime", "Thu Jul 28 2011 14:11:21 GMT+0200");
user_pref("CT1750559.RadioLastUpdateIPServer", "3");
user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
user_pref("CT1750559.RadioMediaID", "11237206");
user_pref("CT1750559.RadioMediaType", "Media Player");
user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
user_pref("CT1750559.SavedHomepage", "hxxp://www.google.cz/");
user_pref("CT1750559.SearchFromAddressBarIsInit", true);
user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=");
user_pref("CT1750559.SearchInNewTabEnabled", true);
user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
user_pref("CT1750559.SearchInNewTabLastCheckTime", "Thu Jul 28 2011 14:11:21 GMT+0200");
user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT1750559.ServiceMapLastCheckTime", "Thu Jul 28 2011 14:11:19 GMT+0200");
user_pref("CT1750559.SettingsLastCheckTime", "Thu Jul 28 2011 17:01:14 GMT+0200");
user_pref("CT1750559.SettingsLastUpdate", "1311168857");
user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Thu Jul 28 2011 14:11:19 GMT+0200");
user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246786978");
user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT1750559.UserID", "UN55915251857702927");
user_pref("CT1750559.ValidationData_Toolbar", 1);
user_pref("CT1750559.WeatherNetwork", "");
user_pref("CT1750559.WeatherPollDate", "Thu Jul 28 2011 14:11:21 GMT+0200");
user_pref("CT1750559.WeatherUnit", "C");
user_pref("CT1750559.alertChannelId", "31130");
user_pref("CT1750559.backendstorage.amazonnew_all", "313332383739312C313339323537312C313339323737312C313338323834312C313338373635312C313339323936312C313334343039312C3133383136
user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
user_pref("CT1750559.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "434C4F5345");
user_pref("CT1750559.components.1000082", false);
user_pref("CT1750559.components.1000234", false);
user_pref("CT1750559.components.128798613156656718", false);
user_pref("CT1750559.components.128798615652125058", false);
user_pref("CT1750559.components.128799483018569087", false);
user_pref("CT1750559.components.128799492222006997", false);
user_pref("CT1750559.components.128799492477944433", false);
user_pref("CT1750559.components.128799492822006721", false);
user_pref("CT1750559.components.128799493365913112", false);
user_pref("CT1750559.components.128799493510443926", false);
user_pref("CT1750559.components.128799493660600615", false);
user_pref("CT1750559.components.129242840850880190", false);
user_pref("CT1750559.components.129290204230081749", false);
user_pref("CT1750559.components.129495727276863004", false);
user_pref("CT1750559.components.129502713039250930", false);
user_pref("CT1750559.components.129536377873044161", false);
user_pref("CT1750559.components.129544988592463877", false);
user_pref("CT1750559.components.9090386727888738451", false);
user_pref("CT1750559.myStuffEnabled", true);
user_pref("CT1750559.myStuffPublihserMinWidth", 400);
user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT1750559.testingCtid", "");
user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Thu Jul 28 2011 14:11:19 GMT+0200");
user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Thu Jul 28 2011 14:11:22 GMT+0200");
user_pref("CT1750559.usagesFlag", 2);
user_pref("CT2737658..clientLogIsEnabled", true);
user_pref("CT2737658..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2737658..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2737658.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2737658.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2737658.AppTrackingLastCheckTime", "Fri Jan 27 2012 06:18:17 GMT+0100");
user_pref("CT2737658.BrowserCompStateIsOpen_129674830183032820", true);
user_pref("CT2737658.CTID", "CT2737658");
user_pref("CT2737658.CurrentServerDate", "27-1-2012");
user_pref("CT2737658.DSInstall", true);
user_pref("CT2737658.DialogsAlignMode", "LTR");
user_pref("CT2737658.DialogsGetterLastCheckTime", "Fri Jan 27 2012 06:18:10 GMT+0100");
user_pref("CT2737658.DownloadReferralCookieData", "");
user_pref("CT2737658.FeedLastCount129531111962231774", 140);
user_pref("CT2737658.FeedPollDate128932492092456574", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129066712740779554", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129182867803381395", "Fri Jan 27 2012 06:43:12 GMT+0100");
user_pref("CT2737658.FeedPollDate129531111962241536", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129531111962251297", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129531111962251298", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129531111962251299", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedPollDate129531111962251300", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.FeedTTL128932492092456574", 40);
user_pref("CT2737658.FeedTTL129066712740779554", 40);
user_pref("CT2737658.FeedTTL129182867803381395", 40);
user_pref("CT2737658.FeedTTL129531111962241536", 40);
user_pref("CT2737658.FeedTTL129531111962251297", 40);
user_pref("CT2737658.FeedTTL129531111962251298", 40);
user_pref("CT2737658.FeedTTL129531111962251299", 40);
user_pref("CT2737658.FeedTTL129531111962251300", 40);
user_pref("CT2737658.FirstServerDate", "27-1-2012");
user_pref("CT2737658.FirstTime", true);
user_pref("CT2737658.FirstTimeFF3", true);
user_pref("CT2737658.FixPageNotFoundErrors", true);
user_pref("CT2737658.GroupingServerCheckInterval", 1440);
user_pref("CT2737658.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2737658.HPChangedManually", false);
user_pref("CT2737658.HPInstall", true);
user_pref("CT2737658.HasUserGlobalKeys", true);
user_pref("CT2737658.HomePageProtectorEnabled", true);
user_pref("CT2737658.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13");
user_pref("CT2737658.Initialize", true);
user_pref("CT2737658.InitializeCommonPrefs", true);
user_pref("CT2737658.InstallationAndCookieDataSentCount", 1);
user_pref("CT2737658.InstallationId", "ConduitNSISIntegration");
user_pref("CT2737658.InstallationType", "ConduitXPEIntegration");
user_pref("CT2737658.InstalledDate", "Fri Jan 27 2012 06:18:05 GMT+0100");
user_pref("CT2737658.InvalidateCache", false);
user_pref("CT2737658.IsGrouping", false);
user_pref("CT2737658.IsInitSetupIni", true);
user_pref("CT2737658.IsMulticommunity", false);
user_pref("CT2737658.IsOpenThankYouPage", false);
user_pref("CT2737658.IsOpenUninstallPage", true);
user_pref("CT2737658.IsProtectorsInit", true);
user_pref("CT2737658.LanguagePackLastCheckTime", "Fri Jan 27 2012 06:18:07 GMT+0100");
user_pref("CT2737658.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2737658.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2737658.LastLogin_3.9.0.3", "Fri Jan 27 2012 06:18:07 GMT+0100");
user_pref("CT2737658.LatestVersion", "3.9.0.3");
user_pref("CT2737658.Locale", "en");
user_pref("CT2737658.MCDetectTooltipHeight", "83");
user_pref("CT2737658.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2737658.MCDetectTooltipWidth", "295");
user_pref("CT2737658.MyStuffEnabledAtInstallation", true);
user_pref("CT2737658.OriginalFirstVersion", "3.9.0.3");
user_pref("CT2737658.RadioIsPodcast", false);
user_pref("CT2737658.RadioLastCheckTime", "Fri Jan 27 2012 06:18:07 GMT+0100");
user_pref("CT2737658.RadioLastUpdateIPServer", "3");
user_pref("CT2737658.RadioLastUpdateServer", "129259829623770000");
user_pref("CT2737658.RadioMediaID", "21145355");
user_pref("CT2737658.RadioMediaType", "Media Player");
user_pref("CT2737658.RadioMenuSelectedID", "EBRadioMenu_CT273765821145355");
user_pref("CT2737658.RadioShrinkedFromSetup", false);
user_pref("CT2737658.RadioStationName", "Classic%20Rock");
user_pref("CT2737658.RadioStationURL", "hxxp://www.gotradio.com/player/launch.asp?id=22&cr=lb");
user_pref("CT2737658.SavedHomepage", "hxxp://cs.google.mozilla.com/firefox?client=firefox-a&rls=com.google:cs:official");
user_pref("CT2737658.SearchCaption", "FreeOnlineRadioPlayerRecorder Customized Web Search");
user_pref("CT2737658.SearchEngineBeforeUnload", "FreeOnlineRadioPlayerRecorder Customized Web Search");
user_pref("CT2737658.SearchFromAddressBarIsInit", true);
user_pref("CT2737658.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&q=");
user_pref("CT2737658.SearchInNewTabEnabled", true);
user_pref("CT2737658.SearchInNewTabIntervalMM", 1440);
user_pref("CT2737658.SearchInNewTabLastCheckTime", "Fri Jan 27 2012 06:18:08 GMT+0100");
user_pref("CT2737658.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2737658.SearchProtectorEnabled", true);
user_pref("CT2737658.SearchProtectorToolbarDisabled", false);
user_pref("CT2737658.SendProtectorDataViaLogin", true);
user_pref("CT2737658.ServiceMapLastCheckTime", "Fri Jan 27 2012 06:18:03 GMT+0100");
user_pref("CT2737658.SettingsLastCheckTime", "Fri Jan 27 2012 06:18:04 GMT+0100");
user_pref("CT2737658.SettingsLastUpdate", "1326723880");
user_pref("CT2737658.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13");
user_pref("CT2737658.ThirdPartyComponentsInterval", 504);
user_pref("CT2737658.ThirdPartyComponentsLastCheck", "Fri Jan 27 2012 06:18:03 GMT+0100");
user_pref("CT2737658.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT2737658.ToolbarShrinkedFromSetup", false);
user_pref("CT2737658.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2737658");
user_pref("CT2737658.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2737658.UserID", "UN99363671597167688");
user_pref("CT2737658.ValidationData_Toolbar", 1);
user_pref("CT2737658.alertChannelId", "1129903");
user_pref("CT2737658.backendstorage.2737658a129531115111807042000000paramsgk0", "7B2275706461746552657154696D65223A313332373634313439313931302C227570646174655265737054696D6522
user_pref("CT2737658.backendstorage.autocompletepro_enable", "31");
user_pref("CT2737658.backendstorage.autocompletepro_enable_auto", "31");
user_pref("CT2737658.backendstorage.rss_pub_config", "7B2273657474696E6773223A7B2269636F6E223A22687474703A2F2F73746F726167652E636F6E647569742E636F6D2F35382F3237332F43543237333
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000cat0", "2535422537422532327479706525323225334125323272737325323225324325323276657273696F6E25323225334
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000cat1", "2535422537422532327479706525323225334125323272737325323225324325323276657273696F6E25323225334
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000cat2", "2535422537422532327479706525323225334125323272737325323225324325323276657273696F6E25323225334
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000cat3", "2535422537422532327479706525323225334125323272737325323225324325323276657273696F6E25323225334
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000embeddedversion", "322E352E30");
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000feedsobj", "2537422532326368616E6E656C7325323225334125374225323269642532322533412532326368616E6E656C7
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000lastreporttime", "3133323736343134393331333120");
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000newfeeds", "6E65774665656473");
user_pref("CT2737658.backendstorage.rssapp2737658a129531115111807042000000readitemsarr", "253742253232687474702533412532462532467777772E6E7974696D65732E636F6D25324632303132253
user_pref("CT2737658.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2737658.globalFirstTimeInfoLastCheckTime", "Fri Jan 27 2012 06:18:06 GMT+0100");
user_pref("CT2737658.homepageProtectorEnableByLogin", true);
user_pref("CT2737658.initDone", true);
user_pref("CT2737658.isAppTrackingManagerOn", true);
user_pref("CT2737658.isFirstRadioInstallation", false);
user_pref("CT2737658.myStuffEnabled", true);
user_pref("CT2737658.myStuffPublihserMinWidth", 400);
user_pref("CT2737658.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2737658.myStuffServiceIntervalMM", 1440);
user_pref("CT2737658.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2737658.revertSettingsEnabled", true);
user_pref("CT2737658.searchProtectorDialogDelayInSec", 10);
user_pref("CT2737658.searchProtectorEnableByLogin", true);
user_pref("CT2737658.testingCtid", "");
user_pref("CT2737658.toolbarAppMetaDataLastCheckTime", "Fri Jan 27 2012 06:18:06 GMT+0100");
user_pref("CT2737658.toolbarContextMenuLastCheckTime", "Fri Jan 27 2012 06:18:07 GMT+0100");
user_pref("CT2737658.usagesFlag", 2);
user_pref("CT2786678..clientLogIsEnabled", true);
user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2786678.AppTrackingLastCheckTime", "Thu Nov 17 2011 08:39:42 GMT+0100");
user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
user_pref("CT2786678.CTID", "CT2786678");
user_pref("CT2786678.CurrentServerDate", "17-11-2011");
user_pref("CT2786678.DSInstall", false);
user_pref("CT2786678.DialogsAlignMode", "LTR");
user_pref("CT2786678.DialogsGetterLastCheckTime", "Thu Nov 17 2011 08:39:18 GMT+0100");
user_pref("CT2786678.DownloadReferralCookieData", "");
user_pref("CT2786678.EMailNotifierPollDate", "Thu Nov 17 2011 08:39:20 GMT+0100");
user_pref("CT2786678.FeedLastCount5690698542593514850", 158);
user_pref("CT2786678.FeedPollDate2429156812186649977", "Thu Nov 17 2011 08:39:29 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813040823546", "Thu Nov 17 2011 09:39:32 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813130095866", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813224203613", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813230837251", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813454291735", "Thu Nov 17 2011 09:39:33 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813729834876", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156813860870021", "Thu Nov 17 2011 08:39:29 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156814264681793", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156814863075366", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedPollDate2429156815257761081", "Thu Nov 17 2011 08:39:28 GMT+0100");
user_pref("CT2786678.FeedTTL2429156813040823546", 15);
user_pref("CT2786678.FeedTTL2429156813130095866", 10);
user_pref("CT2786678.FeedTTL2429156813454291735", 5);
user_pref("CT2786678.FeedTTL2429156814264681793", 5);
user_pref("CT2786678.FirstServerDate", "17-11-2011");
user_pref("CT2786678.FirstTime", true);
user_pref("CT2786678.FirstTimeFF3", true);
user_pref("CT2786678.FixPageNotFoundErrors", false);
user_pref("CT2786678.GroupingServerCheckInterval", 1440);
user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2786678.HPInstall", false);
user_pref("CT2786678.HasUserGlobalKeys", true);
user_pref("CT2786678.Initialize", true);
user_pref("CT2786678.InitializeCommonPrefs", true);
user_pref("CT2786678.InstallationAndCookieDataSentCount", 1);
user_pref("CT2786678.InstallationType", "UnknownIntegration");
user_pref("CT2786678.InstalledDate", "Thu Nov 17 2011 08:39:20 GMT+0100");
user_pref("CT2786678.IsGrouping", false);
user_pref("CT2786678.IsInitSetupIni", true);
user_pref("CT2786678.IsMulticommunity", false);
user_pref("CT2786678.IsOpenThankYouPage", true);
user_pref("CT2786678.IsOpenUninstallPage", false);
user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Nov 17 2011 08:39:31 GMT+0100");
user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2786678.LastLogin_3.8.0.8", "Thu Nov 17 2011 08:39:31 GMT+0100");
user_pref("CT2786678.LatestVersion", "3.8.0.8");
user_pref("CT2786678.Locale", "en");
user_pref("CT2786678.MCDetectTooltipHeight", "83");
user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2786678.MCDetectTooltipWidth", "295");
user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
user_pref("CT2786678.OriginalFirstVersion", "3.8.0.8");
user_pref("CT2786678.SearchCaption", " ");
user_pref("CT2786678.SearchFromAddressBarIsInit", true);
user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
user_pref("CT2786678.SearchInNewTabEnabled", true);
user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Nov 17 2011 08:39:33 GMT+0100");
user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2786678.SendProtectorDataViaLogin", true);
user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Nov 17 2011 08:39:01 GMT+0100");
user_pref("CT2786678.SettingsLastCheckTime", "Thu Nov 17 2011 08:39:14 GMT+0100");
user_pref("CT2786678.SettingsLastUpdate", "1314985690");
user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Thu Nov 17 2011 08:39:01 GMT+0100");
user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2786678.UserID", "UN50961899069644019");
user_pref("CT2786678.WeatherNetwork", "");
user_pref("CT2786678.WeatherPollDate", "Thu Nov 17 2011 08:39:29 GMT+0100");
user_pref("CT2786678.WeatherUnit", "C");
user_pref("CT2786678.alertChannelId", "1178763");
user_pref("CT2786678.backendstorage.cbfirsttime", "546875204E6F7620313720323031312030383A33393A333420474D542B30313030");
user_pref("CT2786678.backendstorage.pairingkey", "43424144373946383530334543393734383331364243423543383433414532454135343634353143");
user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Thu Nov 17 2011 08:39:18 GMT+0100");
user_pref("CT2786678.homepageProtectorEnableByLogin", true);
user_pref("CT2786678.initDone", true);
user_pref("CT2786678.isAppTrackingManagerOn", true);
user_pref("CT2786678.myStuffEnabled", true);
user_pref("CT2786678.myStuffPublihserMinWidth", 400);
user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2786678.revertSettingsEnabled", true);
user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
user_pref("CT2786678.searchProtectorEnableByLogin", true);
user_pref("CT2786678.testingCtid", "");
user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Nov 17 2011 08:39:18 GMT+0100");
user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Thu Nov 17 2011 08:39:32 GMT+0100");
user_pref("CT2832595..clientLogIsEnabled", false);
user_pref("CT2832595..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2832595..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2832595.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2832595.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2832595.AppTrackingLastCheckTime", "Sun Nov 20 2011 13:22:01 GMT+0100");
user_pref("CT2832595.CT2832595", "CT2832595");
user_pref("CT2832595.CurrentServerDate", "20-11-2011");
user_pref("CT2832595.DSInstall", true);
user_pref("CT2832595.DialogsAlignMode", "LTR");
user_pref("CT2832595.DialogsGetterLastCheckTime", "Sun Nov 20 2011 13:21:49 GMT+0100");
user_pref("CT2832595.DownloadReferralCookieData", "");
user_pref("CT2832595.FirstServerDate", "20-11-2011");
user_pref("CT2832595.FirstTime", true);
user_pref("CT2832595.FirstTimeFF3", true);
user_pref("CT2832595.FixPageNotFoundErrors", false);
user_pref("CT2832595.GroupingServerCheckInterval", 1440);
user_pref("CT2832595.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2832595.HPInstall", false);
user_pref("CT2832595.HasUserGlobalKeys", true);
user_pref("CT2832595.HomePageProtectorEnabled", false);
user_pref("CT2832595.HomepageBeforeUnload", "hxxp://cs.google.mozilla.com/firefox?client=firefox-a&rls=com.google:cs:official");
user_pref("CT2832595.Initialize", true);
user_pref("CT2832595.InitializeCommonPrefs", true);
user_pref("CT2832595.InstallationAndCookieDataSentCount", 1);
user_pref("CT2832595.InstallationType", "Unknown");
user_pref("CT2832595.InstalledDate", "Sun Nov 20 2011 13:21:52 GMT+0100");
user_pref("CT2832595.IsAlertDBUpdated", true);
user_pref("CT2832595.IsGrouping", false);
user_pref("CT2832595.IsInitSetupIni", true);
user_pref("CT2832595.IsMulticommunity", false);
user_pref("CT2832595.IsOpenThankYouPage", true);
user_pref("CT2832595.IsOpenUninstallPage", true);
user_pref("CT2832595.IsProtectorsInit", true);
user_pref("CT2832595.LanguagePackLastCheckTime", "Sun Nov 20 2011 13:21:52 GMT+0100");
user_pref("CT2832595.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2832595.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2832595.LastLogin_3.8.0.8", "Sun Nov 20 2011 13:22:15 GMT+0100");
user_pref("CT2832595.LatestVersion", "3.5.0.12");
user_pref("CT2832595.Locale", "en");
user_pref("CT2832595.MCDetectTooltipHeight", "83");
user_pref("CT2832595.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2832595.MCDetectTooltipWidth", "295");
user_pref("CT2832595.MyStuffEnabledAtInstallation", true);
user_pref("CT2832595.OriginalFirstVersion", "3.8.0.8");
user_pref("CT2832595.SearchCaption", "InnoGames International Customized Web Search");
user_pref("CT2832595.SearchEngineBeforeUnload", "InnoGames International Customized Web Search");
user_pref("CT2832595.SearchFromAddressBarIsInit", true);
user_pref("CT2832595.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2832595&q=");
user_pref("CT2832595.SearchInNewTabEnabled", true);
user_pref("CT2832595.SearchInNewTabIntervalMM", 1440);
user_pref("CT2832595.SearchInNewTabLastCheckTime", "Sun Nov 20 2011 13:22:15 GMT+0100");
user_pref("CT2832595.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2832595.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2832595.SearchProtectorEnabled", true);
user_pref("CT2832595.SearchProtectorToolbarDisabled", false);
user_pref("CT2832595.SendProtectorDataViaLogin", true);
user_pref("CT2832595.ServiceMapLastCheckTime", "Sun Nov 20 2011 13:21:39 GMT+0100");
user_pref("CT2832595.SettingsLastCheckTime", "Sun Nov 20 2011 13:21:44 GMT+0100");
user_pref("CT2832595.SettingsLastUpdate", "1320075085");
user_pref("CT2832595.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2832595&SearchSource=13");
user_pref("CT2832595.ThirdPartyComponentsInterval", 504);
user_pref("CT2832595.ThirdPartyComponentsLastCheck", "Sun Nov 20 2011 13:21:39 GMT+0100");
user_pref("CT2832595.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT2832595.ToolbarShrinkedFromSetup", false);
user_pref("CT2832595.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2832595");
user_pref("CT2832595.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2832595.UserID", "UN86997832726002275");
user_pref("CT2832595.ValidationData_Toolbar", 2);
user_pref("CT2832595.alertChannelId", "1224658");
user_pref("CT2832595.backendstorage.activetoolbar", "677265706F");
user_pref("CT2832595.backendstorage.grepolis_market", "637A");
user_pref("CT2832595.backendstorage.toolbar_market", "637A");
user_pref("CT2832595.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E64652F746F6F6C626172732F677265706F6C69732F746F6F6C6261722E706870");
user_pref("CT2832595.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2832595.globalFirstTimeInfoLastCheckTime", "Sun Nov 20 2011 13:21:49 GMT+0100");
user_pref("CT2832595.homepageProtectorEnableByLogin", true);
user_pref("CT2832595.initDone", true);
user_pref("CT2832595.isAppTrackingManagerOn", true);
user_pref("CT2832595.myStuffEnabled", true);
user_pref("CT2832595.myStuffPublihserMinWidth", 400);
user_pref("CT2832595.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2832595.myStuffServiceIntervalMM", 1440);
user_pref("CT2832595.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2832595.revertSettingsEnabled", true);
user_pref("CT2832595.searchProtectorDialogDelayInSec", 10);
user_pref("CT2832595.searchProtectorEnableByLogin", true);
user_pref("CT2832595.testingCtid", "");
user_pref("CT2832595.toolbarAppMetaDataLastCheckTime", "Sun Nov 20 2011 13:21:49 GMT+0100");
user_pref("CT2832595.toolbarContextMenuLastCheckTime", "Sun Nov 20 2011 13:21:52 GMT+0100");
user_pref("CT2832595.usagesFlag", 2);
user_pref("CT3031778..clientLogIsEnabled", true);
user_pref("CT3031778..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT3031778..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT3031778.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT3031778.AppTrackingLastCheckTime", "Thu Aug 18 2011 18:38:46 GMT+0200");
user_pref("CT3031778.BrowserCompStateIsOpen_5191964115979146831", true);
user_pref("CT3031778.CTID", "CT3031778");
user_pref("CT3031778.CurrentServerDate", "18-8-2011");
user_pref("CT3031778.DialogsAlignMode", "LTR");
user_pref("CT3031778.DialogsGetterLastCheckTime", "Thu Aug 18 2011 18:38:37 GMT+0200");
user_pref("CT3031778.DownloadReferralCookieData", "");
user_pref("CT3031778.EMailNotifierPollDate", "Thu Aug 18 2011 18:38:36 GMT+0200");
user_pref("CT3031778.FirstServerDate", "18-8-2011");
user_pref("CT3031778.FirstTime", true);
user_pref("CT3031778.FirstTimeFF3", true);
user_pref("CT3031778.FixPageNotFoundErrors", false);
user_pref("CT3031778.GroupingServerCheckInterval", 1440);
user_pref("CT3031778.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT3031778.HasUserGlobalKeys", true);
user_pref("CT3031778.Initialize", true);
user_pref("CT3031778.InitializeCommonPrefs", true);
user_pref("CT3031778.InstallationAndCookieDataSentCount", 1);
user_pref("CT3031778.InstallationId", "CT3031778_SFT_de3.exe");
user_pref("CT3031778.InstallationType", "ConduitIntegration");
user_pref("CT3031778.InstalledDate", "Thu Aug 18 2011 18:38:36 GMT+0200");
user_pref("CT3031778.InvalidateCache", false);
user_pref("CT3031778.IsGrouping", false);
user_pref("CT3031778.IsInitSetupIni", true);
user_pref("CT3031778.IsMulticommunity", false);
user_pref("CT3031778.IsOpenThankYouPage", false);
user_pref("CT3031778.IsOpenUninstallPage", true);
user_pref("CT3031778.LanguagePackLastCheckTime", "Thu Aug 18 2011 18:38:38 GMT+0200");
user_pref("CT3031778.LanguagePackReloadIntervalMM", 1440);
user_pref("CT3031778.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT3031778.LastLogin_3.6.0.10", "Thu Aug 18 2011 18:38:37 GMT+0200");
user_pref("CT3031778.LatestVersion", "3.6.0.10");
user_pref("CT3031778.Locale", "de");
user_pref("CT3031778.MCDetectTooltipHeight", "83");
user_pref("CT3031778.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3031778.MCDetectTooltipWidth", "295");
user_pref("CT3031778.MyStuffEnabledAtInstallation", true);
user_pref("CT3031778.OriginalFirstVersion", "3.6.0.10");
user_pref("CT3031778.RadioIsPodcast", false);
user_pref("CT3031778.RadioLastCheckTime", "Thu Aug 18 2011 18:38:38 GMT+0200");
user_pref("CT3031778.RadioLastUpdateIPServer", "3");
user_pref("CT3031778.RadioLastUpdateServer", "3");
user_pref("CT3031778.RadioMediaID", "9962");
user_pref("CT3031778.RadioMediaType", "Media Player");
user_pref("CT3031778.RadioMenuSelectedID", "EBRadioMenu_CT30317789962");
user_pref("CT3031778.RadioShrinkedFromSetup", false);
user_pref("CT3031778.RadioStationName", "California%20Rock");
user_pref("CT3031778.RadioStationURL", "hxxp://feedlive.net/california.asx");
user_pref("CT3031778.SavedHomepage", "hxxp://www.google.cz/");
user_pref("CT3031778.SearchFromAddressBarIsInit", true);
user_pref("CT3031778.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3031778&SearchSource=2&q=");
user_pref("CT3031778.SearchInNewTabEnabled", true);
user_pref("CT3031778.SearchInNewTabIntervalMM", 1440);
user_pref("CT3031778.SearchInNewTabLastCheckTime", "Thu Aug 18 2011 18:38:38 GMT+0200");
user_pref("CT3031778.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT3031778.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT3031778.ServiceMapLastCheckTime", "Thu Aug 18 2011 18:38:32 GMT+0200");
user_pref("CT3031778.SettingsLastCheckTime", "Thu Aug 18 2011 18:38:34 GMT+0200");
user_pref("CT3031778.SettingsLastUpdate", "1313569868");
user_pref("CT3031778.ThirdPartyComponentsInterval", 504);
user_pref("CT3031778.ThirdPartyComponentsLastCheck", "Thu Aug 18 2011 18:38:32 GMT+0200");
user_pref("CT3031778.ThirdPartyComponentsLastUpdate", "1255344657");
user_pref("CT3031778.ToolbarShrinkedFromSetup", false);
user_pref("CT3031778.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3031778");
user_pref("CT3031778.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT3031778.UserID", "UN52528472634892118");
user_pref("CT3031778.alertChannelId", "1423357");
user_pref("CT3031778.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT3031778.globalFirstTimeInfoLastCheckTime", "Thu Aug 18 2011 18:38:37 GMT+0200");
user_pref("CT3031778.homepageProtectorEnableByLogin", true);
user_pref("CT3031778.initDone", true);
user_pref("CT3031778.isAppTrackingManagerOn", true);
user_pref("CT3031778.isFirstRadioInstallation", false);
user_pref("CT3031778.myStuffEnabled", true);
user_pref("CT3031778.myStuffPublihserMinWidth", 400);
user_pref("CT3031778.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT3031778.myStuffServiceIntervalMM", 1440);
user_pref("CT3031778.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT3031778.searchProtectorDialogDelayInSec", 10);
user_pref("CT3031778.searchProtectorEnableByLogin", true);
user_pref("CT3031778.testingCtid", "");
user_pref("CT3031778.toolbarAppMetaDataLastCheckTime", "Thu Aug 18 2011 18:38:36 GMT+0200");
user_pref("CT3031778.toolbarContextMenuLastCheckTime", "Thu Aug 18 2011 18:38:38 GMT+0200");
user_pref("CT3031778.usagesFlag", 1);
user_pref("CT3072253..clientLogIsEnabled", false);
user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
user_pref("CT3072253.CTID", "CT3072253");
user_pref("CT3072253.CurrentServerDate", "28-12-2012");
user_pref("CT3072253.DSInstall", true);
user_pref("CT3072253.DialogsAlignMode", "LTR");
user_pref("CT3072253.DialogsGetterLastCheckTime", "Wed Dec 26 2012 09:52:23 GMT+0100");
user_pref("CT3072253.DownloadReferralCookieData", "");
user_pref("CT3072253.FirstServerDate", "12-7-2012");
user_pref("CT3072253.FirstTime", true);
user_pref("CT3072253.FirstTimeFF3", true);
user_pref("CT3072253.FirstTimeHiddenVer", true);
user_pref("CT3072253.FixPageNotFoundErrors", true);
user_pref("CT3072253.GroupingServerCheckInterval", 1440);
user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT3072253.HPInstall", true);
user_pref("CT3072253.HasUserGlobalKeys", true);
user_pref("CT3072253.HomePageProtectorEnabled", true);
user_pref("CT3072253.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
user_pref("CT3072253.Initialize", true);
user_pref("CT3072253.InitializeCommonPrefs", true);
user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
user_pref("CT3072253.InstallationId", "fft557.tmp.exe");
user_pref("CT3072253.InstallationType", "XPE");
user_pref("CT3072253.InstalledDate", "Thu Jul 12 2012 19:08:35 GMT+0200");
user_pref("CT3072253.IsGrouping", false);
user_pref("CT3072253.IsInitSetupIni", true);
user_pref("CT3072253.IsMulticommunity", false);
user_pref("CT3072253.IsOpenThankYouPage", true);
user_pref("CT3072253.IsOpenUninstallPage", false);
user_pref("CT3072253.IsProtectorsInit", true);
user_pref("CT3072253.LanguagePackLastCheckTime", "Thu Dec 27 2012 10:15:03 GMT+0100");
user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT3072253.LastLogin_3.13.0.6", "Tue Jul 17 2012 16:04:24 GMT+0200");
user_pref("CT3072253.LastLogin_3.14.1.0", "Tue Aug 28 2012 06:17:34 GMT+0200");
user_pref("CT3072253.LastLogin_3.15.1.0", "Fri Dec 28 2012 08:16:44 GMT+0100");
user_pref("CT3072253.LatestVersion", "3.16.0.3");
user_pref("CT3072253.Locale", "en");
user_pref("CT3072253.MCDetectTooltipHeight", "83");
user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3072253.MCDetectTooltipWidth", "295");
user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
user_pref("CT3072253.OriginalFirstVersion", "3.13.0.6");
user_pref("CT3072253.SavedHomepage", "www.google.cz");
user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search");
user_pref("CT3072253.SearchFromAddressBarIsInit", true);
user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("CT3072253.SearchInNewTabEnabled", true);
user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
user_pref("CT3072253.SearchInNewTabLastCheckTime", "Thu Dec 27 2012 16:29:50 GMT+0100");
user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT3072253.SearchProtectorEnabled", true);
user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
user_pref("CT3072253.SendProtectorDataViaLogin", true);
user_pref("CT3072253.ServiceMapLastCheckTime", "Thu Dec 27 2012 10:14:51 GMT+0100");
user_pref("CT3072253.SettingsLastCheckTime", "Fri Dec 28 2012 08:16:31 GMT+0100");
user_pref("CT3072253.SettingsLastUpdate", "1356544299");
user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Thu Jul 12 2012 19:08:34 GMT+0200");
user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT3072253.UserID", "UN10665550947548408");
user_pref("CT3072253.ValidationData_Search", 1);
user_pref("CT3072253.ValidationData_Toolbar", 0);
user_pref("CT3072253.alertChannelId", "1463702");
user_pref("CT3072253.autoDisableScopes", 0);
user_pref("CT3072253.backendstorage.cbcountry_001", "435A");
user_pref("CT3072253.backendstorage.cbfirsttime", "546875204A756C20313220323031322031393A30383A343820474D542B30323030");
user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74732E617370783F713D4D6572696469616E2532302D25323054686525
user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Thu Jul 12 2012 19:08:37 GMT+0200");
user_pref("CT3072253.homepageProtectorEnableByLogin", true);
user_pref("CT3072253.initDone", true);
user_pref("CT3072253.isAppTrackingManagerOn", true);
user_pref("CT3072253.myStuffEnabled", true);
user_pref("CT3072253.myStuffPublihserMinWidth", 400);
user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT3072253.navigateToUrlOnSearch", false);
user_pref("CT3072253.revertSettingsEnabled", true);
user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
user_pref("CT3072253.searchProtectorEnableByLogin", true);
user_pref("CT3072253.testingCtid", "");
user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Thu Dec 27 2012 10:15:03 GMT+0100");
user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Thu Jul 12 2012 19:08:41 GMT+0200");
user_pref("CT3072253.usagesFlag", 2);
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3031778&SearchSource=13,hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13,hxxp://
user_pref("CommunityToolbar.ConduitSearchList", "SFT_de3 Customized Web Search,InnoGames International Customized Web Search,FreeOnlineRadioPlayerRecorder Customized Web Searc
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2737658/CT2737658", "\"1326723881\"");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"9864a42b0ad0b374554fdf6d0d3b3e1f3\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1129903/1125592/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1224658/1220331/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1423357/1419012/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", "\"1310025259\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2737658", "\"1323009428\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", "\"1313448428\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2832595", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3031778", "\"1313060813\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1336063965\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de", "hrY3aRo68pvVAKwJTjMFmA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de", "uwY9T5AsudBxjradvWCAOA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de", "D/tN3YiKFksK+RjZytPhIA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de", "ZdrYrsEQox0wVf3yXX8zTQ==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80161a5ed5ccc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2737658", "\"13a760730d9291f1df061003ecf304ce\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678", "\"189bc05ed9753368aadfb2b80f08021d\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2832595", "\"189bc05ed9753368aadfb2b80f08021d\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3031778", "\"634485749189530000\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"f1c77625c0e9bd1c80a2fd6901845fa9\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634471230107830000\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1750559&octid=CT1750559", "\"1311168857\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=CT2786678", "\"1314985691\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2832595&octid=CT2832595", "\"1320075086\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3031778&octid=CT3031778", "\"1313569868\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"de0e84712d7e370dbb0f97f16ff901c9\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634492029952000000\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"72ca2169d5e982b913bfb550c87453a2\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"634461627320900000\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"5d7f7cbc653c7f20e29cc02ecbd8c4b9\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/14293310.xml", "\"209498eb46541641e2b3ee935f5591d2\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"c658a0133ff11478891246b18d680fbc\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"64aadcdb45ec1f001c840b6d328ecc9c\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"b4423aaa7d99a9597e376e44da67818b\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"1ecde417f3074b250127f8e1e2e2d7cc\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"7376316a7682010634c022cea744190d\"");
user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"48650e94b1703d578f57c5a3f2962978\"");
user_pref("CommunityToolbar.EngineOwner", "CT1750559");
user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\jindrich\\Data aplikací\\Mozilla\\Firefox\\Profiles\\rg662xqg.default\\conduitCommon\\modules
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
user_pref("CommunityToolbar.ToolbarsList", "CT1750559,CT3031778,CT2786678,CT2832595,CT2737658,CT3072253");
user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT3031778,CT2786678,CT2832595,CT2737658,CT3072253");
user_pref("CommunityToolbar.ToolbarsList4", "CT3031778,CT2786678,CT2832595,CT2737658,CT3072253");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jul 28 2011 15:11:21 GMT+0200");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 28 2011 14:11:18 GMT+0200");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "f241499d-4896-4153-90e9-b5b353176f41");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Nov 17 2011 08:39:32 GMT+0100");
user_pref("CommunityToolbar.globalUserId", "6fc0b92e-0d2d-4fa2-a17a-db21f82f7bb9");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jul 12 2012 19:08:40 GMT+0200");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 12 2012 19:08:43 GMT+0200");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 12 2012 19:08:37 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "e82b80ea-7296-485e-9b43-09cfb8d59038");
user_pref("CommunityToolbar.originalHomepage", "hxxp://cs.google.mozilla.com/firefox?client=firefox-a&rls=com.google:cs:official");
user_pref("CommunityToolbar.originalSearchEngine", "SFT_de3 Customized Web Search");
user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Fri Jan 27 2012 06:18:09 GMT+0100");
user_pref("browser.newtab.url", "hxxp://isearch.babylon.com/?affID=120307&babsrc=NT_ss&mntrId=7809505e0000000000000050fc02431a");
user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 883-99&t=4");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.bbDpng", "4");
user_pref("extensions.BabylonToolbar.cntry", "CZ");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dpkLst", "");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
user_pref("extensions.BabylonToolbar.hdrMd5", "ADE305F932A7F5794141B49E074B33DD");
user_pref("extensions.BabylonToolbar.id", "7809505e0000000000000050fc02431a");
user_pref("extensions.BabylonToolbar.instlDay", "15740");
user_pref("extensions.BabylonToolbar.instlRef", "na");
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.11.1017:53:46");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.pnu_uninst", "{\"newVrsn\":\"6\",\"lastVrsn\":\"6\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgT
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar.sg", "azb");
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.tlbrId", "uninst");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=7809505e0000000000000050fc02431a&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.1017:53:46");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=118373&tl=5076660z100717x7426232");
user_pref("extensions.BabylonToolbar_i.srcExt", "def");
user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "0a9bb056-ba29-41b4-b993-e237de57d9c7");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 09.09.2013 at 18:21:27,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.003 - Report created 09/09/2013 at 18:43:12
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32

bits)
# Username : jindrich - RODINA-54717216
# Running from : C:\Documents and

Settings\jindrich\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\IBUpdaterService
Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\Tarma Installer
Folder Deleted : C:\Program Files\Omiga Plus
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\cre
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\Minibar
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\PackageAware
Folder Deleted : C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\337
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\eIntaller
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Omiga Plus
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Conduit
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\jetpack
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\CT2832595
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\CT2737658
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\CT1750559
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\CT3031778
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{9

42cd1d4-9cc1-4d31-876a-ea8f489f7a59}
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{f

999a48b-1950-4d81-9971-79018f807b4b}
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{f

ed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{f

f88a983-649d-4207-9336-9b999280b436}
File Deleted : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\On

eClickDownload@OneClickDownload.com.xpi
File Deleted : C:\Program Files\Mozilla

Firefox\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla

Firefox\searchplugins\qvo6.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and

Settings\jindrich\Nabídka Start\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and

Settings\jindrich\Nabídka Start\Programy\Příslušenství\Systémové

nástroje\Internet Explorer (bez doplňků).lnk
Shortcut Disinfected : C:\Documents and

Settings\jindrich\Nabídka Start\Programy\Google Chrome\Google

Chrome.lnk

***** [ Registry ] *****

Key Deleted :

HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipkl

odoedlc
Key Deleted :

HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfg

nkiboco
Value Deleted : HKCU\Software\Microsoft\Internet

Explorer\Extensions\CmdMapping

[{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session

Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session

Manager\AppCertDlls [x86]
Key Deleted :

HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Desk

Svc
Key Deleted :

HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D

0}
Key Deleted :

HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-90896680682

6}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72B

D}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA

4}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B

4}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD

7}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181

B}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D

8CD93}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA47

68F5C}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157F

AD67B}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6D

B2982}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878

B8D48}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B2

65ED5}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F6

3F377}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C62

71785}
Key Deleted :

HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC

2B3}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A4

8B-1950-4D81-9971-79018F807B4B}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD7

2061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{

DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{5981DA45-BBA1-4D6C-941C-DE08297FCD82}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{BF27B65F-CEE7-4A83-A29A-0F113AD9AFD2}
Value Deleted : HKCU\Software\Microsoft\Internet

Explorer\Toolbar\WebBrowser

[{F999A48B-1950-4D81-9971-79018F807B4B}]
Data Restored :

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.E

XE\shell\open\command
Value Deleted :

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\F

irewallPolicy\StandardProfile\AuthorizedApplications\List

[C:\Program Files\1ClickDownload\1ClickDownloader.exe]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\FreeOnlineRadioPlayerRecorder Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet

Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet

Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Data

aplikací\Mozilla\Firefox\Profiles\2k1zq125.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\jindrich\Local Settings\Data

aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9022 octets] - [09/09/2013 18:42:10]
AdwCleaner[S0].txt - [8228 octets] - [09/09/2013 18:43:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8288

octets] ##########

Spustte prosim znovu FRSTLauncher.exe a dejte mi sem log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:

09-09-2013 01
Ran by jindrich (administrator) on RODINA-54717216 on 10-09-2013

20:59:14
Running from C:\Documents and Settings\jindrich\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS

Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\Alwil

Software\Avast5\AvastSvc.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsGui.exe
(AVAST Software) C:\Program Files\Alwil

Software\Avast5\avastUI.exe
(Google Inc.) C:\Documents and Settings\jindrich\Local

Settings\Data aplikací\Google\Update\GoogleUpdate.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection

Service\Bin\ACService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Program

Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero

BackItUp\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA

Updatus\daemonu.exe
(SafetyNut Inc.) C:\Program Files\Movies

Toolbar\SafetyNut\SafetyNutManager.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsSvc.exe
(SafetyNut Inc.) C:\Program Files\Movies

Toolbar\SafetyNut\safetynut.exe
(Nokia) C:\Program Files\PC Connectivity

Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity

Solution\Transports\NclUSBSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla

Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISTray] - C:\Program Files\PC Tools

Security\pctsGui.exe [1589208 2010-12-01] (PC Tools)
HKLM\...\Run: [avast] - C:\Program Files\Alwil

Software\Avast5\avastUI.exe [4858968 2013-08-30] (AVAST

Software)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program

Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[207424 2010-10-27] (ArcSoft Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corp.)
HKCU\...\Run: [Google Update] - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikací\Google\Update\GoogleUpdate.exe [116648 2012-03-27]

(Google Inc.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia

Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
MountPoints2: {112d90ff-d5a0-11e2-bc59-0050fc02431a} -

F:\NokiaPCIA_Autorun.exe
MountPoints2: {26f7eaf5-d171-11e0-a868-0050fc02431a} -

F:\Autorun.exe
MountPoints2: {ef52e8f0-d31f-11e0-a86b-0050fc02431a} -

F:\start.exe
MountPoints2: {fa94fa3c-c65f-11e0-a845-0050fc02431a} -

F:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://www.google.com/ie
HKCU\Software\Microsoft\Internet

Explorer\Main,SearchMigratedDefaultURL =

http://www.google.com/search?q={searchT ... ie7&rls=co

m.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} -

C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL (ArcSoft,

Inc.)
BHO: Movies Toolbar (Dist. by Somoto Ltd.) -

{3444c3c5-6c56-4a16-a453-832b05bf6ea4} -

C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll No

File
BHO: Java(tm) Plug-In SSV Helper -

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383}

- C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383}

- C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700}

http://download.microsoft.com/download/ ... 0D6D-4117-

8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}

http://java.sun.com/update/1.7.0/jinsta ... ndows-i586.

cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

http://java.sun.com/update/1.6.0/jinsta ... ndows-i586.

cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}

http://java.sun.com/update/1.7.0/jinsta ... ndows-i586.

cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

http://java.sun.com/update/1.6.0/jinsta ... ndows-i586.

cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}

https://fpdownload.macromedia.com/pub/s ... lash/swfla

sh.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default
FF Plugin: @adobe.com/FlashPlayer -

C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -

C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems,

Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program

Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program

Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program

Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program

Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft

Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -

C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation

Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program

Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -

C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

(Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -

C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

(Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader

10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -

C:\Documents and Settings\jindrich\Local Settings\Data

aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google

Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -

C:\Documents and Settings\jindrich\Local Settings\Data

aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google

Inc.)
FF SearchPlugin: C:\Program Files\mozilla

firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla

firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla

firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla

firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) -

C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{3

444c3c5-6c56-4a16-a453-832b05bf6ea4}
FF Extension: check4change-owner - C:\Documents and

Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\ch

eck4change-owner@mozdev.org.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{2

0a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{5

C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{d

10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Documents and Settings\jindrich\Data

aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{e

b80b076-a444-444c-a590-5aee5d977d80}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla

Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions:

[{20a82645-c095-46ed-80e3-08825760534b}]

c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation

Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant -

c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation

Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program

Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil

Software\Avast5\WebRep\FF
FF HKLM\...\Firefox\Extensions:

[{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] C:\Program

Files\ArcSoft\Media Converter for Philips\Internet Video

Downloader\Plugin_FireFox
FF Extension: Internet Video Downloader - C:\Program

Files\ArcSoft\Media Converter for Philips\Internet Video

Downloader\Plugin_FireFox

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (qvo6) - http://www.google.com
CHR DefaultSuggestURL: (qvo6) - "suggest_url": ""
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\ppGoogleNaC

lPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\pdf.dll No

File
CHR Plugin: (Shockwave Flash) - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikac\u00ED\Google\Chrome\Application\29.0.1547.66\gcswf32.dll

No File
CHR Plugin: (Shockwave Flash) -

C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No

File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader

10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox

Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

(Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program

Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program

Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program

Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft

Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla

Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Office Genuine Advantage) - C:\Program

Files\Mozilla Firefox\plugins\npOGAPlugin.dll (Microsoft

Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows

Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows

Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll No

File
CHR Plugin: (Google Earth Plugin) - C:\Program

Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program

Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Presentation Foundation) -

C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation

Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) -

C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems,

Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft

Silverlight\4.0.60310.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\DOCUME~1\jindrich\LOCALS~1\Data

aplikací\Google\Chrome\User

Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) -

C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User

Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.2

0_0
CHR Extension: (Chrome In-App Payments service) -

C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací\Google\Chrome\User

Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.1

0_0
CHR Extension: (Gmail) - C:\DOCUME~1\jindrich\LOCALS~1\Data

aplikací\Google\Chrome\User

Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension:

[aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikací\somotomoviestoolbar1\GC\toolbar.crx
CHR HKLM\...\Chrome\Extension:

[bejbohlohkkgompgecdcbbglkpjfjgdj] -

C:\DOCUME~1\jindrich\LOCALS~1\Temp\crx5C.tmp
CHR HKLM\...\Chrome\Extension:

[pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikací\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and

Settings\jindrich\Local Settings\Data

aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted)

=================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection

Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil

Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA

Updatus\daemonu.exe [2255464 2011-08-03] (NVIDIA Corporation)
R2 SafetyNutManager; C:\Program Files\Movies

Toolbar\SafetyNut\SafetyNutManager.exe [3394056 2013-08-20]

(SafetyNut Inc.)
R2 sdAuxService; C:\Program Files\PC Tools Security\pctsAuxs.exe

[366840 2010-03-15] (PC Tools)
R2 sdCoreService; C:\Program Files\PC Tools Security\pctsSvc.exe

[1150936 2010-11-19] (PC Tools)
R2 JavaQuickStarterService; "C:\Program

Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program

Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480

2009-11-18] (Creative)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816

2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576

2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336

2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760

2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376

2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344

2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584

2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080

2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864

2013-08-30] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984

2011-08-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys

[243128 2013-07-04] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416

2011-08-14] ()
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800

2009-11-18] (Creative Technology Ltd.)
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13]

(Microsoft Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400

2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [132096

2008-01-25] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016

2008-03-25] (NVIDIA Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [239168

2010-11-25] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [338880

2010-07-16] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [656320

2010-07-16] (PC Tools)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992

2004-08-03] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [28400

2013-07-13] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088

2013-04-30] (The OpenVPN Project)
S3 vtcdrv; C:\Windows\System32\Drivers\vtcdrv.sys [18560

2008-05-09] (Windows (R) Codename Longhorn DDK provider)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384

2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders

========

2013-09-10 20:58 - 2013-09-09 16:55 - 01082349 _____ (Farbar)

C:\Documents and Settings\jindrich\Plocha\FRST.exe
2013-09-10 20:56 - 2013-09-10 20:57 - 00000000 ____D C:\rsit
2013-09-09 18:47 - 2013-09-09 18:47 - 00008368 _____

C:\Documents and Settings\jindrich\Plocha\AdwCleaner[S0].txt
2013-09-09 18:41 - 2013-09-09 18:44 - 00000000 ____D

C:\AdwCleaner
2013-09-09 18:41 - 2013-09-09 18:41 - 00064242 _____

C:\Documents and Settings\jindrich\Plocha\JRT.txt
2013-09-09 18:40 - 2013-09-09 18:40 - 01037278 _____

C:\Documents and Settings\jindrich\Plocha\adwcleaner.exe
2013-09-09 18:08 - 2013-09-09 18:44 - 00000216 _____

C:\WINDOWS\wiadebug.log
2013-09-09 18:08 - 2013-09-09 18:08 - 00000048 _____

C:\WINDOWS\wiaservc.log
2013-09-09 18:08 - 2013-09-09 18:08 - 00000000 _____

C:\WINDOWS\Sti_Trace.log
2013-09-09 18:03 - 2013-09-09 18:03 - 00000000 ____D

C:\WINDOWS\ERUNT
2013-09-09 18:02 - 2013-09-09 18:02 - 01029490 _____ (Thisisu)

C:\Documents and Settings\jindrich\Plocha\JRT.exe
2013-09-08 17:44 - 2013-09-08 17:44 - 00000000 ____D C:\FRST
2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D

C:\Documents and Settings\jindrich\Data

aplikací\somotomoviestoolbar1
2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program

Files\Movies Toolbar
2013-08-28 20:02 - 2013-08-28 20:02 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-14 21:31 - 2013-08-14 21:46 - 00000000 ____D

C:\WINDOWS\system32\MRT
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2862772$
2013-08-14 21:27 - 2013-08-14 21:27 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 21:24 - 2013-08-14 21:24 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2849470$

==================== One Month Modified Files and Folders

=======

2013-09-10 20:59 - 2011-05-28 17:51 - 00000000 ____D

C:\Documents and Settings\jindrich\Plocha
2013-09-10 20:58 - 2012-08-13 20:06 - 00000000 ____D

C:\Documents and Settings\jindrich\Dokumenty\Stažené soubory
2013-09-10 20:58 - 2011-05-28 17:51 - 00000000 ___HD

C:\DOCUME~1\jindrich\LOCALS~1\Data aplikací
2013-09-10 20:57 - 2013-09-10 20:56 - 00000000 ____D C:\rsit
2013-09-10 20:56 - 2012-04-21 12:38 - 00000000 ____D C:\Program

Files\trend micro
2013-09-10 20:04 - 2012-07-04 23:11 - 00000318 ____H

C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-09-10 20:02 - 2013-02-24 13:11 - 01940098 _____

C:\WINDOWS\WindowsUpdate.log
2013-09-09 18:50 - 2011-05-28 19:29 - 01026716 _____

C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-09 18:48 - 2013-03-17 16:36 - 00000374 _____

C:\WINDOWS\system32\Drivers\etc\hosts.ics
2013-09-09 18:47 - 2013-09-09 18:47 - 00008368 _____

C:\Documents and Settings\jindrich\Plocha\AdwCleaner[S0].txt
2013-09-09 18:47 - 2011-05-28 18:34 - 00000000 ____D C:\Program

Files\PC Tools Security
2013-09-09 18:46 - 2011-05-28 17:49 - 00000006 ____H

C:\WINDOWS\Tasks\SA.DAT
2013-09-09 18:44 - 2013-09-09 18:41 - 00000000 ____D

C:\AdwCleaner
2013-09-09 18:44 - 2013-09-09 18:08 - 00000216 _____

C:\WINDOWS\wiadebug.log
2013-09-09 18:44 - 2013-02-24 13:12 - 00032546 _____

C:\WINDOWS\SchedLgU.Txt
2013-09-09 18:44 - 2011-05-28 17:51 - 00000178 ___SH

C:\Documents and Settings\jindrich\ntuser.ini
2013-09-09 18:43 - 2012-06-05 06:31 - 00000000 ____D

C:\Documents and Settings\jindrich\Nabídka Start\Programy\Google

Chrome
2013-09-09 18:43 - 2011-08-26 08:38 - 00000875 _____

C:\Documents and Settings\jindrich\Nabídka

Start\Programy\Internet Explorer.lnk
2013-09-09 18:43 - 2011-05-28 19:28 - 00000000 __RHD

C:\Documents and Settings\All Users\Data aplikací
2013-09-09 18:43 - 2011-05-28 17:51 - 00000000 __RHD

C:\Documents and Settings\jindrich\Data aplikací
2013-09-09 18:43 - 2011-05-28 17:51 - 00000000 ___RD

C:\Documents and Settings\jindrich\Nabídka Start\Programy
2013-09-09 18:41 - 2013-09-09 18:41 - 00064242 _____

C:\Documents and Settings\jindrich\Plocha\JRT.txt
2013-09-09 18:40 - 2013-09-09 18:40 - 01037278 _____

C:\Documents and Settings\jindrich\Plocha\adwcleaner.exe
2013-09-09 18:08 - 2013-09-09 18:08 - 00000048 _____

C:\WINDOWS\wiaservc.log
2013-09-09 18:08 - 2013-09-09 18:08 - 00000000 _____

C:\WINDOWS\Sti_Trace.log
2013-09-09 18:03 - 2013-09-09 18:03 - 00000000 ____D

C:\WINDOWS\ERUNT
2013-09-09 18:02 - 2013-09-09 18:02 - 01029490 _____ (Thisisu)

C:\Documents and Settings\jindrich\Plocha\JRT.exe
2013-09-09 16:55 - 2013-09-10 20:58 - 01082349 _____ (Farbar)

C:\Documents and Settings\jindrich\Plocha\FRST.exe
2013-09-08 17:54 - 2011-05-29 17:45 - 00000069 _____

C:\WINDOWS\NeroDigital.ini
2013-09-08 17:44 - 2013-09-08 17:44 - 00000000 ____D C:\FRST
2013-09-08 17:30 - 2001-10-25 14:00 - 00002228 _____

C:\WINDOWS\system32\wpa.dbl
2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D

C:\Documents and Settings\jindrich\Data

aplikací\somotomoviestoolbar1
2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program

Files\Movies Toolbar
2013-09-06 20:41 - 2011-05-28 17:51 - 00000000 ____D

C:\Documents and Settings\jindrich
2013-09-06 20:04 - 2011-05-28 17:46 - 00002504 _____

C:\WINDOWS\system32\CONFIG.NT
2013-09-01 15:36 - 2012-09-13 16:09 - 00000000 ____D C:\Program

Files\PDFCreator
2013-09-01 15:35 - 2012-04-21 10:57 - 00000000 ____D C:\Program

Files\CCleaner
2013-09-01 09:38 - 2013-03-10 13:57 - 00518144 _____

C:\Documents and Settings\jindrich\Plocha\Click.xls
2013-08-31 09:15 - 2013-02-26 11:33 - 00012864 _____

C:\drwtsn32.log
2013-08-30 09:48 - 2013-03-02 08:50 - 00177864 _____

C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-03-02 08:50 - 00066336 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-03-02 08:50 - 00049376 _____

C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2011-05-28 18:35 - 00770344 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00369584 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00056080 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00049760 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-30 09:48 - 2011-05-28 18:31 - 00029816 _____ (AVAST

Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2011-05-28 18:30 - 00229648 _____ (AVAST

Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2011-05-28 18:30 - 00041664 _____ (AVAST

Software) C:\WINDOWS\avastSS.scr
2013-08-28 20:02 - 2013-08-28 20:02 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 20:02 - 2011-05-28 18:35 - 01366062 _____

C:\WINDOWS\system32\Drivers\Cat.DB
2013-08-28 20:01 - 2011-06-28 16:15 - 00000000 ____D

C:\Documents and Settings\jindrich\Plocha\MAMCA
2013-08-28 08:30 - 2012-08-24 17:51 - 00000000 ____D

C:\Documents and Settings\jindrich\Plocha\Stavospol
2013-08-28 08:26 - 2013-04-01 10:28 - 00000000 ____D C:\Program

Files\DsNET Corp
2013-08-28 08:26 - 2011-05-28 19:28 - 00000000 ____D

C:\Documents and Settings\All Users\Plocha
2013-08-26 11:43 - 2011-05-29 14:18 - 00000000 ___RD

C:\Documents and Settings\jindrich\Dokumenty\Filmy
2013-08-26 09:55 - 2011-05-28 17:51 - 00000000 ___RD

C:\Documents and Settings\jindrich\Dokumenty
2013-08-25 22:03 - 2011-05-28 17:49 - 00000000 ___HD

C:\Documents and Settings\LocalService\Local Settings\Data

aplikací
2013-08-19 18:12 - 2013-06-26 06:24 - 00000000 ____D C:\Program

Files\Mozilla Maintenance Service
2013-08-18 22:01 - 2013-08-07 18:38 - 00000000 ____D C:\Program

Files\Mozilla Firefox
2013-08-14 21:46 - 2013-08-14 21:31 - 00000000 ____D

C:\WINDOWS\system32\MRT
2013-08-14 21:32 - 2011-05-29 13:34 - 00000000 ____D

C:\WINDOWS\Microsoft.NET
2013-08-14 21:29 - 2011-05-29 09:50 - 75778376 _____ (Microsoft

Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2862772$
2013-08-14 21:27 - 2013-08-14 21:27 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 21:26 - 2013-08-14 21:26 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 21:26 - 2011-05-29 09:46 - 00037246 _____

C:\WINDOWS\system32\TZLog.log
2013-08-14 21:24 - 2013-08-14 21:24 - 00000000 __HDC

C:\WINDOWS\$NtUninstallKB2849470$

Files to move or delete:
====================
C:\DOCUME~1\jindrich\LOCALS~1\Temp\appshat-distribution.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\MoviesToolbarSetup_Somoto.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\NEventMessages.dll
C:\DOCUME~1\jindrich\LOCALS~1\Temp\NOSEventMessages.dll
C:\DOCUME~1\jindrich\LOCALS~1\Temp\OptimizerPro.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\Optimizer_Pro.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\PDFCreator-1_3_2_setup.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\Quarantine.exe
C:\DOCUME~1\jindrich\LOCALS~1\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 1034240 ____A

(Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0507904 ____A

(Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0014336 ____A

(Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 16:49] - [2009-02-09 13:25] - 0111104 ____A

(Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 16:49] - [2008-04-14 05:22] - 0578560 ____A

(Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 16:49] - [2008-04-14 05:22] - 0026112 ____A

(Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 16:44] - [2008-04-14 04:12] - 0052480 ____A

(Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== Alternate Data Streams (whitelisted) ====


==================== Loaded Modules (whitelisted) ============


==================== Scheduled Tasks (whitelisted) ===========


==================== Supplementary Scan (All) ================

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\ArcSoft Connection Service
C:\Program Files\Common Files\ArcSoft\Connection

Service\Bin\ACDaemon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D

8A56B10AA}
"C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\CleanSetup
cmd /C rmdir /S /Q "C:\Documents and Settings\jindrich\Local

Settings\Temp\nro.tmp\" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Documents and Settings\jindrich\Data

aplikac\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Documents and Settings\jindrich\Data

aplikac\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\DependencyCheck
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\Family Tree Builder Update
C:\FRAPS\FRAPS.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\Fraps
"C:\Documents and Settings\jindrich\Local Settings\Data

aplikac\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\Google Update
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

[x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\GoogleDriveSync
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\HP Software Update
C:\Documents and Settings\jindrich\Local Settings\Data

aplikac\MediaGet2\mediaget.exe --minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\MediaGet2
"C:\Program Files\Messenger\msmsgs.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\MSMSGS
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NBKeyScan
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NeroFilterCheck
"C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NokiaPCInternetAccess
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NokiaSuite.exe
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NvCplDaemon
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d

listicka 1 szn-software-listicka cz.seznam.software.autoupdate

[x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NvMediaCenter
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\RTHDCPL
"C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Documents and Settings\jindrich\Data

aplikac\Yontoo\YontooDesktop.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\SunJavaUpdateSched
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\uTorrent
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\Yontoo Desktop
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Documents and Settings^All

Users^Nabdka Start^Programy^Po sputn^HP Digital Imaging

Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Documents and Settings^All

Users^Nabdka Start^Programy^Po sputn^Philips SA52XX Device

Manager.lnk
C:\PROGRA~1\Philips\SA52XX~1\SA52XX~1.EXE


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\nm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\nm.

sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\{1a

3e09be-1e45-494b-9174-d7385b45bbf5}


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Po

licies\explorer]
"HonorAutoRunSetting"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAcce

ss\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAcce

ss\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedacce

ss\parameters\firewallpolicy\domainprofile\authorizedapplication

s\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.e

xe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network

Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedacce

ss\parameters\firewallpolicy\standardprofile\authorizedapplicati

ons\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.e

xe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network

Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common

Files\\soft602\\langserv.exe"="C:\\Program Files\\Common

Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell

Checker"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpns

vr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA

Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA

Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Documents and Settings\\jindrich\\Local Settings\\Data

aplikac\\MediaGet2\\mediaget.exe"="C:\\Documents and

Settings\\jindrich\\Local Settings\\Data

aplikac\\MediaGet2\\mediaget.exe:*:Enabled:MediaGet torrent

client"
"C:\\Program Files\\Sudden Strike\\game_exe.exe"="C:\\Program

Files\\Sudden Strike\\game_exe.exe:*:Enabled:Game_Exe"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dp

laysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\Google\\Google

Earth\\client\\googleearth.exe"="C:\\Program

Files\\Google\\Google

Earth\\client\\googleearth.exe:*:Enabled:Google Earth"
"C:\\Documents and

Settings\\jindrich\\Dokumenty\\SSTNSGame.exe"="C:\\Documents and

Settings\\jindrich\\Dokumenty\\SSTNSGame.exe:*:Enabled:Sudden

Strike 3 Game"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program

Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\FireFly Studios\\Stronghold

Crusader\\Stronghold Crusader.exe"="C:\\Program Files\\FireFly

Studios\\Stronghold Crusader\\Stronghold

Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\\Program Files\\Hasbro Interactive\\RollerCoaster

Tycoon\\rct.exe"="C:\\Program Files\\Hasbro

Interactive\\RollerCoaster Tycoon\\rct.exe:*:Enabled:rct"
"C:\\Program Files\\Nero\\Nero8\\Nero

ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero8\\Nero

ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Documents and Settings\\jindrich\\Local

Settings\\Temp\\7zS46BB\\HPDiagnosticCoreUI.exe"="C:\\Documents

and Settings\\jindrich\\Local

Settings\\Temp\\7zS46BB\\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS

"
"C:\\Documents and Settings\\jindrich\\Local

Settings\\Temp\\7zS5066\\HPDiagnosticCoreUI.exe"="C:\\Documents

and Settings\\jindrich\\Local

Settings\\Temp\\7zS5066\\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS

"
"C:\\Documents and Settings\\jindrich\\Local

Settings\\Temp\\7zS08BD\\HPDiagnosticCoreUI.exe"="C:\\Documents

and Settings\\jindrich\\Local

Settings\\Temp\\7zS08BD\\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS

"
"C:\\Program Files\\Empire Interactive\\Sudden Strike

3\\SS3Game.exe"="C:\\Program Files\\Empire Interactive\\Sudden

Strike 3\\SS3Game.exe:*:Enabled:Sudden Strike 3 Game"
"C:\\Games\\World_of_Tanks\\WorldOfTanks.exe"="C:\\Games\\World_

of_Tanks\\WorldOfTanks.exe:*:Disabled:World of Tanks"
"C:\\Games\\World_of_Tanks\\WOTLauncher.exe"="C:\\Games\\World_o

f_Tanks\\WOTLauncher.exe:*:Disabled:World of Tanks Launcher"
"C:\\Counter-Strike 1.6\\csko.exe"="C:\\Counter-Strike

1.6\\csko.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Movies

Toolbar\\SafetyNut\\SRTOOL~1\\IE\\dtUser.exe"="C:\\Program

Files\\Movies

Toolbar\\SafetyNut\\SRTOOL~1\\IE\\dtUser.exe:*:Enabled:Movies

Toolbar (Dist. by Somoto Ltd.) DTX Broker"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAcce

ss\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\Lis

t]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAcce

ss\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\L

ist]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"vidc.I420"="msh263.drv"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"vidc.iyuv"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvu9"="tsbyuv.dll"
"vidc.yvyu"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="l3codeca.acm"
"VIDC.FPS1"="frapsvid.dll"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Drivers32\Terminal Server]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"mixer"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"


==================== Drive and Memory info ===================




==================== End Of Log ==============================

Nejak se rozhodilo formatovani Muzete prosim oba logy (FRST.txt i Addition.txt) zabalit a dat do prilohy prispevku? Pripadne mi poslete oba logy na mail.

Dekuji

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKCU\...\Run: [Google Update] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.)
  HKCU\...\Run: [] - [x]
  HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
  HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
  MountPoints2: {112d90ff-d5a0-11e2-bc59-0050fc02431a} - F:\NokiaPCIA_Autorun.exe
  MountPoints2: {26f7eaf5-d171-11e0-a868-0050fc02431a} - F:\Autorun.exe
  MountPoints2: {ef52e8f0-d31f-11e0-a86b-0050fc02431a} - F:\start.exe
  MountPoints2: {fa94fa3c-c65f-11e0-a845-0050fc02431a} - F:\Autorun.exe
  
  HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
  SearchScopes: HKLM - DefaultScope value is missing.
  
  FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
  
  CHR DefaultSearchURL: (qvo6) - http://www.google.com
  CHR DefaultSuggestURL: (qvo6) -       "suggest_url": ""
  CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\somotomoviestoolbar1\GC\toolbar.crx
  CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\jindrich\LOCALS~1\Temp\crx5C.tmp
  CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
  
  2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D C:\Documents and Settings\jindrich\Data aplikací\somotomoviestoolbar1
  2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program Files\Movies Toolbar
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DependencyCheck" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop" /f
  
  Hosts:
  CMD: shutdown /r /f /t 2
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-09-2013 01
Ran by jindrich at 2013-09-12 20:16:34 Run:1
Running from C:\Documents and Settings\jindrich\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Google Update] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
MountPoints2: {112d90ff-d5a0-11e2-bc59-0050fc02431a} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {26f7eaf5-d171-11e0-a868-0050fc02431a} - F:\Autorun.exe
MountPoints2: {ef52e8f0-d31f-11e0-a86b-0050fc02431a} - F:\start.exe
MountPoints2: {fa94fa3c-c65f-11e0-a845-0050fc02431a} - F:\Autorun.exe

HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.

FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) - C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}

CHR DefaultSearchURL: (qvo6) - http://www.google.com
CHR DefaultSuggestURL: (qvo6) - "suggest_url": ""
CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\somotomoviestoolbar1\GC\toolbar.crx
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\jindrich\LOCALS~1\Temp\crx5C.tmp
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\jindrich\Local Settings\Data aplikací\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

2013-09-08 17:27 - 2013-09-08 17:27 - 00000000 ____D C:\Documents and Settings\jindrich\Data aplikací\somotomoviestoolbar1
2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Program Files\Movies Toolbar

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DependencyCheck" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop" /f

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{112d90ff-d5a0-11e2-bc59-0050fc02431a} => Key deleted successfully.
HKCR\CLSID\{112d90ff-d5a0-11e2-bc59-0050fc02431a} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26f7eaf5-d171-11e0-a868-0050fc02431a} => Key deleted successfully.
HKCR\CLSID\{26f7eaf5-d171-11e0-a868-0050fc02431a} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef52e8f0-d31f-11e0-a86b-0050fc02431a} => Key deleted successfully.
HKCR\CLSID\{ef52e8f0-d31f-11e0-a86b-0050fc02431a} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa94fa3c-c65f-11e0-a845-0050fc02431a} => Key deleted successfully.
HKCR\CLSID\{fa94fa3c-c65f-11e0-a845-0050fc02431a} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Documents and Settings\jindrich\Data aplikací\Mozilla\Firefox\Profiles\rg662xqg.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} => Moved successfully.
CHR DefaultSearchURL: (qvo6) - http://www.google.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (qvo6) - "suggest_url": "" ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic => Key deleted successfully.
C:\Documents and Settings\jindrich\Local Settings\Data aplikací\somotomoviestoolbar1\GC\toolbar.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.
"C:\DOCUME~1\jindrich\LOCALS~1\Temp\crx5C.tmp" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
"C:\Documents and Settings\jindrich\Local Settings\Data aplikací\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx" => File/Directory not found.
C:\Documents and Settings\jindrich\Data aplikací\somotomoviestoolbar1 => Moved successfully.
C:\Program Files\Movies Toolbar => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DependencyCheck" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Děkuji. vše jsem udělal a počítač zrychlil.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat