Stránka 1 z 1

Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 10:17
od jozefpepa
Dobrý den, prosím o kontrolu logu, mám problémy s reklamou v prohlížeči (na každé stránce vyskakují okna).




Logfile of random's system information tool 1.09 (written by random/random)
Run by Petra at 2014-04-21 11:04:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (38%) free of 116 GB
Total RAM: 2009 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:59, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petra\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Petra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7792 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "keyword.URL" - "http://trovi.com/ResultsExt.aspx?ctid=C ... 595&UM=&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Ask.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\extensions\
{707db484-2428-402d-afb5-d85b387544c7}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\
Ask.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
mario-forever-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-25 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-21 11:04:53 ----D---- C:\rsit
2014-04-21 11:04:53 ----D---- C:\Program Files (x86)\trend micro
2014-04-21 11:03:10 ----A---- C:\ComboFix.txt
2014-04-21 10:58:17 ----D---- C:\$RECYCLE.BIN
2014-04-21 10:56:33 ----D---- C:\Windows\temp
2014-04-20 09:27:17 ----D---- C:\found.001
2014-04-19 19:54:46 ----D---- C:\Users\Petra\AppData\Roaming\MiniGet
2014-04-19 19:54:42 ----D---- C:\Program Files (x86)\MiniGet
2014-04-19 19:53:18 ----D---- C:\Program Files (x86)\Seznam.cz
2014-04-19 19:53:06 ----D---- C:\Users\Petra\AppData\Roaming\Seznam.cz
2014-04-09 08:31:53 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:31:36 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\user.exe
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\instnm.exe

======List of files/folders modified in the last 1 month======

2014-04-21 11:04:53 ----D---- C:\Program Files (x86)
2014-04-21 11:04:17 ----D---- C:\Windows\System32
2014-04-21 11:04:17 ----D---- C:\Windows\inf
2014-04-21 11:03:14 ----D---- C:\Qoobox
2014-04-21 10:58:19 ----D---- C:\Windows
2014-04-21 10:58:19 ----A---- C:\Windows\system.ini
2014-04-21 10:58:17 ----D---- C:\Windows\erdnt
2014-04-21 10:56:33 ----D---- C:\Windows\Prefetch
2014-04-21 10:55:37 ----D---- C:\Windows\SysWOW64
2014-04-21 10:52:50 ----D---- C:\Windows\SysWOW64\drivers
2014-04-21 10:52:50 ----D---- C:\Windows\AppPatch
2014-04-21 10:52:49 ----D---- C:\Program Files (x86)\Common Files
2014-04-21 10:47:34 ----D---- C:\Windows\Tasks
2014-04-21 10:47:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-21 08:34:56 ----A---- C:\Windows\win.ini
2014-04-20 19:56:29 ----SHD---- C:\System Volume Information
2014-04-20 19:45:00 ----SHD---- C:\Windows\Installer
2014-04-20 19:45:00 ----SD---- C:\Users\Petra\AppData\Roaming\Microsoft
2014-04-19 19:52:59 ----RD---- C:\Program Files
2014-04-10 04:00:54 ----D---- C:\Windows\rescache
2014-04-10 03:23:29 ----D---- C:\Windows\winsxs
2014-04-10 03:20:56 ----D---- C:\Windows\SysWOW64\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R1 wStLibG64;wStLibG64; C:\Windows\system32\drivers\wStLibG64.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys []
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-10-15 15144]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys []
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys []
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys []
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 10:21
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 10:35
od jozefpepa
# AdwCleaner v3.101 - Report created 21/04/2014 at 11:32:07
# Updated 20/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petra - PETRA-PC
# Running from : C:\Users\Petra\Desktop\AdwCleaner (2).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : wStLibG64

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Users\Petra\.android
Folder Deleted : C:\Users\Petra\AppData\Local\iLivid
Folder Deleted : C:\Users\Petra\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Petra\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Petra\Documents\Mobogenie
Folder Deleted : C:\Users\Petra\Documents\Youcam
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\ConduitCommon
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\ICQToolbarData
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\Smartbar
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\ValueApps
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\CT2247187
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\Extensions\{707db484-2428-402d-afb5-d85b387544c7}
File Deleted : C:\Users\Public\Desktop\iLivid.lnk
File Deleted : C:\Users\Petra\daemonprocess.txt
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Ask.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2247187
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v7.0.1 (cs)

[ File : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\prefs.js ]

Line Deleted : user_pref("CT2247187..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2247187..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2247187..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2247187.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2247187.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2247187.AppTrackingLastCheckTime", "Mon Feb 06 2012 16:38:22 GMT+0100");
Line Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_129666192279313208", true);
Line Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_129737852131523932", true);
Line Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_129737852278370778", true);
Line Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_130100560707087583", true);
Line Deleted : user_pref("CT2247187.BrowserCompStateIsOpen_1359634297000", true);
Line Deleted : user_pref("CT2247187.CT2247187", "CT2247187");
Line Deleted : user_pref("CT2247187.CommunitiesChangesLastCheckTime", "Tue Dec 17 2013 17:56:47 GMT+0100");
Line Deleted : user_pref("CT2247187.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingRequest.ctp?type=ToolbarsInfo&ctids=CT2247187");
Line Deleted : user_pref("CT2247187.CommunityChanged", true);
Line Deleted : user_pref("CT2247187.CurrentServerDate", "17-12-2013");
Line Deleted : user_pref("CT2247187.DSChangedManually", false);
Line Deleted : user_pref("CT2247187.DSInstall", true);
Line Deleted : user_pref("CT2247187.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2247187.DialogsGetterLastCheckTime", "Tue Dec 17 2013 17:56:48 GMT+0100");
Line Deleted : user_pref("CT2247187.DownloadDomainsCheckInterval", "168");
Line Deleted : user_pref("CT2247187.DownloadDomainsListLastCheckTime", "Tue Dec 17 2013 17:56:47 GMT+0100");
Line Deleted : user_pref("CT2247187.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2247187.EMailNotifierPollDate", "Sat Apr 21 2012 19:23:54 GMT+0200");
Line Deleted : user_pref("CT2247187.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2247187.FirstServerDate", "28-11-2011");
Line Deleted : user_pref("CT2247187.FirstTime", true);
Line Deleted : user_pref("CT2247187.FirstTimeFF3", true);
Line Deleted : user_pref("CT2247187.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2247187.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2247187.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2247187.HPChangedManually", false);
Line Deleted : user_pref("CT2247187.HPInstall", true);
Line Deleted : user_pref("CT2247187.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2247187.HomePageProtectorEnabled", true);
Line Deleted : user_pref("CT2247187.HomepageBeforeUnload", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT2247187.Initialize", true);
Line Deleted : user_pref("CT2247187.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2247187.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2247187.InstallationType", "Unknown");
Line Deleted : user_pref("CT2247187.InstalledDate", "Mon Nov 28 2011 16:36:31 GMT+0100");
Line Deleted : user_pref("CT2247187.InvalidateCache", false);
Line Deleted : user_pref("CT2247187.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2247187.IsGrouping", false);
Line Deleted : user_pref("CT2247187.IsInitSetupIni", true);
Line Deleted : user_pref("CT2247187.IsMulticommunity", true);
Line Deleted : user_pref("CT2247187.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2247187.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2247187.IsProtectorsInit", true);
Line Deleted : user_pref("CT2247187.LanguagePackLastCheckTime", "Tue Dec 17 2013 17:56:48 GMT+0100");
Line Deleted : user_pref("CT2247187.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2247187.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2247187.LastLogin_3.13.0.6", "Wed Aug 08 2012 16:12:29 GMT+0200");
Line Deleted : user_pref("CT2247187.LastLogin_3.14.1.0", "Sun Sep 30 2012 17:13:39 GMT+0200");
Line Deleted : user_pref("CT2247187.LastLogin_3.15.1.0", "Fri May 17 2013 13:47:06 GMT+0200");
Line Deleted : user_pref("CT2247187.LastLogin_3.18.0.7", "Wed Aug 14 2013 08:56:07 GMT+0200");
Line Deleted : user_pref("CT2247187.LastLogin_3.19.0.3", "Tue Dec 17 2013 17:56:48 GMT+0100");
Line Deleted : user_pref("CT2247187.LastLogin_3.8.0.8", "Sat Apr 21 2012 19:23:55 GMT+0200");
Line Deleted : user_pref("CT2247187.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT2247187.Locale", "en");
Line Deleted : user_pref("CT2247187.MAX_NUMBER_OF_ALERTS_129666192279313208", "1_1323450192281");
Line Deleted : user_pref("CT2247187.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2247187.MCDetectTooltipShow", true);
Line Deleted : user_pref("CT2247187.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2247187.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2247187.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2247187.OriginalFirstVersion", "3.8.0.8");
Line Deleted : user_pref("CT2247187.RadioIsPodcast", false);
Line Deleted : user_pref("CT2247187.RadioLastCheckTime", "Fri Apr 20 2012 21:38:42 GMT+0200");
Line Deleted : user_pref("CT2247187.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2247187.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT2247187.RadioMediaID", "10957728");
Line Deleted : user_pref("CT2247187.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2247187.RadioMenuSelectedID", "EBRadioMenu_CT224718710957728");
Line Deleted : user_pref("CT2247187.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT2247187.RadioStationName", "Rap%20(Uncensored)");
Line Deleted : user_pref("CT2247187.RadioStationURL", "hxxp://www.1club.fm/go/tunein.aspx?station=raw");
Line Deleted : user_pref("CT2247187.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT2247187.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT2247187.SavedHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT2247187.SearchCaption", "Mario Forever Customized Web Search");
Line Deleted : user_pref("CT2247187.SearchEngineBeforeUnload", "ICQ Search");
Line Deleted : user_pref("CT2247187.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2247187.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&q=");
Line Deleted : user_pref("CT2247187.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2247187.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2247187.SearchInNewTabLastCheckTime", "Tue Dec 17 2013 17:56:47 GMT+0100");
Line Deleted : user_pref("CT2247187.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2247187.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2247187.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT2247187.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2247187.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2247187.ServiceMapLastCheckTime", "Tue Dec 17 2013 17:56:47 GMT+0100");
Line Deleted : user_pref("CT2247187.SettingsLastCheckTime", "Tue Dec 17 2013 17:56:47 GMT+0100");
Line Deleted : user_pref("CT2247187.SettingsLastUpdate", "1387288677");
Line Deleted : user_pref("CT2247187.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("CT2247187.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2247187.ThirdPartyComponentsLastCheck", "Sun Apr 15 2012 09:38:41 GMT+0200");
Line Deleted : user_pref("CT2247187.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2247187.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2247187.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2247187.UserID", "UN26968881057734595");
Line Deleted : user_pref("CT2247187.ValidationData_Toolbar", 1);
Line Deleted : user_pref("CT2247187.WeatherNetwork", "");
Line Deleted : user_pref("CT2247187.WeatherPollDate", "Sat Apr 21 2012 19:23:56 GMT+0200");
Line Deleted : user_pref("CT2247187.WeatherUnit", "C");
Line Deleted : user_pref("CT2247187.activationstep.from_oldbar.enc", "NQ==");
Line Deleted : user_pref("CT2247187.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2247187.alertChannelId", "644679");
Line Deleted : user_pref("CT2247187.autocompletepro_enable.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2247187.autocompletepro_enable_auto.from_oldbar.enc", "MQ==");
Line Deleted : user_pref("CT2247187.backendstorage.activationstep", "35");
Line Deleted : user_pref("CT2247187.backendstorage.autocompletepro_enable", "31");
Line Deleted : user_pref("CT2247187.backendstorage.autocompletepro_enable_auto", "31");
Line Deleted : user_pref("CT2247187.backendstorage.cbfirsttime", "4672692046656220313720323031322031383A31323A303320474D542B30313030");
Line Deleted : user_pref("CT2247187.backendstorage.firstrun", "31333232343934353935313636");
Line Deleted : user_pref("CT2247187.backendstorage.hxxp://conduit_anybodyoutthere_com.guid", "313333343638323431323339372D653163643365656331653234");
Line Deleted : user_pref("CT2247187.backendstorage.hxxp://conduit_anybodyoutthere_com.instts", "31333334363836393936333232");
Line Deleted : user_pref("CT2247187.backendstorage.loadtimes", "3537");
Line Deleted : user_pref("CT2247187.backendstorage.shoppingapp.gk.exipres", "53756E2041707220323220323031322031393A30363A343820474D542B30323030");
Line Deleted : user_pref("CT2247187.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Line Deleted : user_pref("CT2247187.backendstorage.uniqueid", "43424330343337313542323841463134");
Line Deleted : user_pref("CT2247187.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT2247187.cbfirsttime.from_oldbar.enc", "RnJpIEZlYiAxNyAyMDEyIDE4OjEyOjAzIEdNVCswMTAw");
Line Deleted : user_pref("CT2247187.components.1000034", true);
Line Deleted : user_pref("CT2247187.components.1000234", true);
Line Deleted : user_pref("CT2247187.countryCode", "CZ");
Line Deleted : user_pref("CT2247187.enableAlerts", "always");
Line Deleted : user_pref("CT2247187.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT2247187.firstrun.from_oldbar.enc", "MTMyMjQ5NDU5NTE2Ng==");
Line Deleted : user_pref("CT2247187.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2247187.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2247187.fullUserID", "UN26968881057734595.UP.20620049");
Line Deleted : user_pref("CT2247187.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2247187.globalFirstTimeInfoLastCheckTime", "Sun Apr 15 2012 09:38:43 GMT+0200");
Line Deleted : user_pref("CT2247187.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2247187.hxxp___conduit_anybodyoutthere_com.guid.from_oldbar.enc", "MTMzNDY4MjQxMjM5Ny1lMWNkM2VlYzFlMjQ=");
Line Deleted : user_pref("CT2247187.hxxp___conduit_anybodyoutthere_com.instts.from_oldbar.enc", "MTMzNDY4Njk5NjMyMg==");
Line Deleted : user_pref("CT2247187.initDone", true);
Line Deleted : user_pref("CT2247187.installType", "Unknown");
Line Deleted : user_pref("CT2247187.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2247187.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2247187.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2247187.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT2247187.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2247187.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2247187.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2247187.keyword", true);
Line Deleted : user_pref("CT2247187.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2247187&octid=CT2247187&ISID=ISID_ID&SearchSource=15&CUI=UN26968881057734595&Lay=1&[...]
Line Deleted : user_pref("CT2247187.lastVersion", "10.29.0.520");
Line Deleted : user_pref("CT2247187.loadtimes.from_oldbar.enc", "NTc=");
Line Deleted : user_pref("CT2247187.myStuffEnabled", true);
Line Deleted : user_pref("CT2247187.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2247187.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2247187.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2247187.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2247187.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://MarioForever.OurToolbar.com/\",\"EB_TO[...]
Line Deleted : user_pref("CT2247187.oldAppsList", "200,128834881989343894,128834881989343895,111,129415741154562666,129482767434387624,129472911381737500,129143810623275080,129470857361013040,129066416652342809,1288[...]
Line Deleted : user_pref("CT2247187.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT2247187.originalSearchAddressUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=");
Line Deleted : user_pref("CT2247187.originalSearchEngine", "ICQ Search");
Line Deleted : user_pref("CT2247187.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT2247187.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2247187.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT2247187.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2247187.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2247187.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2247187.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2247187.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2247187.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2247187.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2247187\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MarioForever.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Mario Forever \"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2247187.serviceLayer_services_Configuration_lastUpdate", "1398015929963");
Line Deleted : user_pref("CT2247187.serviceLayer_services_login_10.20.101.5_lastUpdate", "1389365581920");
Line Deleted : user_pref("CT2247187.serviceLayer_services_login_10.29.0.520_lastUpdate", "1398070063975");
Line Deleted : user_pref("CT2247187.serviceLayer_services_searchAPI_lastUpdate", "1398015929849");
Line Deleted : user_pref("CT2247187.serviceLayer_services_serviceMap_lastUpdate", "1398015929692");
Line Deleted : user_pref("CT2247187.serviceLayer_services_toolbarSettings_lastUpdate", "1398070064020");
Line Deleted : user_pref("CT2247187.serviceLayer_services_translation_lastUpdate", "1398015929710");
Line Deleted : user_pref("CT2247187.settingsINI", true);
Line Deleted : user_pref("CT2247187.showToolbarPermission", "false");
Line Deleted : user_pref("CT2247187.smartbar.CTID", "CT2247187");
Line Deleted : user_pref("CT2247187.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2247187.smartbar.homepage", true);
Line Deleted : user_pref("CT2247187.smartbar.toolbarName", "Mario Forever ");
Line Deleted : user_pref("CT2247187.testingCtid", "");
Line Deleted : user_pref("CT2247187.toolbarAppMetaDataLastCheckTime", "Tue Dec 17 2013 17:56:48 GMT+0100");
Line Deleted : user_pref("CT2247187.toolbarBornServerTime", "28-11-2011");
Line Deleted : user_pref("CT2247187.toolbarContextMenuLastCheckTime", "Sun Apr 15 2012 09:38:43 GMT+0200");
Line Deleted : user_pref("CT2247187.toolbarCurrentServerTime", "21-4-2014");
Line Deleted : user_pref("CT2247187.toolbarLoginClientTime", "Thu Dec 26 2013 11:01:09 GMT+0100");
Line Deleted : user_pref("CT2247187.uniqueid.from_oldbar.enc", "Q0JDMDQzNzE1QjI4QUYxNA==");
Line Deleted : user_pref("CT2247187.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT2247187.usagesFlag", 2);
Line Deleted : user_pref("CT2247187_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1398072514459,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Mario Forever Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2247187/CT2247187", "\"4b7c4a94edd2964233a85450c9ec65a83\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/644679/640541/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2247187", "\"1365582473\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "m4Df43NZ+9lr21ZNdyYrjA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "V3ke+ogt4ejn0sB1xPR3nw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "bM8wQLfFAEKgVLVF/G5zig==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "9zRvKErdMb8hJOq85ft5Vg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80133a6b165cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2247187", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2247187&octid=CT2247187", "\"1322145739\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalizer_dead.gif", "\"09586ee4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize.gif", "\"09586ee4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif", "\"09586ee4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif", "\"09586ee4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif", "\"09586ee4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Petra\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\ht0pxxls.default\\conduitCommon\\modules\\3.8.0.8");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2247187");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2247187");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2247187");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "0b8a661a-f6ac-4727-97b6-881e941bfc44");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2247187");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Apr 15 2012 09:38:42 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Apr 21 2012 19:24:03 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Apr 20 2012 21:38:42 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "7dee8e7d-c13e-4e02-9582-2d51ed7601b8");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?CUI=UN26968881057734595&ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Mario Forever Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}&CUI=UN26968881057734595");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=");
Line Deleted : user_pref("Smartbar.TBHomepagesList", "hxxp://search.conduit.com/?CUI=UN26968881057734595&ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("Smartbar.TBSearchEngineList", "Mario Forever Customized Web Search");
Line Deleted : user_pref("Smartbar.TBSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}&CUI=UN26968881057734595");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2247187");
Line Deleted : user_pref("browser.search.defaultenginename", "Mario Forever Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Mario Forever Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1397930136);
Line Deleted : user_pref("icqtoolbar.history", "Seznam%20Najdu%20Tam%20Co%20Neznam||Era%20||Era%20Online%20Bankovnictv%C3%AD||era%20internetove%20bankovnictv%C3%AD||%C4%8Dpp%20b%C5%99eclav||seznam.cz||seznam||c||Sez[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1346137798");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "130617649513061761351308052185222");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1398015928);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&CUI=UN26968881057734595&UM=&q=");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2247187");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13,hxxp://search.conduit.com/?CUI=UN26968881057734595&ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT2247187");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT2247187");
Line Deleted : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT2247187&SearchSource=13,hxxp://search.conduit.com/?CUI=UN26968881057734595&ctid=CT2247187&SearchSource=13");
Line Deleted : user_pref("smartbar.machineId", "DXLKFY3D+O8J5NQZAIE9XXNZZKERNBSUSQOLSC6GYEGC0KUJCGQR6DRZOAVGWLIWZ76FTOOJF41UNC13EIBL9Q");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=2&CUI=UN269[...]
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT2247187.mam_gk_userBornDate.storedInFile", false);

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [34968 octets] - [21/04/2014 11:30:37]
AdwCleaner[S0].txt - [35270 octets] - [21/04/2014 11:32:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35331 octets] ##########

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 11:22
od Rudy
Dejte nový log RSIT.

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 11:44
od jozefpepa
Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petra at 2014-04-21 12:42:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (38%) free of 116 GB
Total RAM: 2009 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:31, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Users\Petra\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Petra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7838 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\
mario-forever-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-25 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-21 11:30:31 ----D---- C:\AdwCleaner
2014-04-21 11:04:53 ----D---- C:\rsit
2014-04-21 11:04:53 ----D---- C:\Program Files (x86)\trend micro
2014-04-21 11:03:10 ----A---- C:\ComboFix.txt
2014-04-21 10:58:17 ----D---- C:\$RECYCLE.BIN
2014-04-21 10:56:33 ----D---- C:\Windows\temp
2014-04-20 09:27:17 ----D---- C:\found.001
2014-04-19 19:54:46 ----D---- C:\Users\Petra\AppData\Roaming\MiniGet
2014-04-19 19:54:42 ----D---- C:\Program Files (x86)\MiniGet
2014-04-19 19:53:18 ----D---- C:\Program Files (x86)\Seznam.cz
2014-04-19 19:53:06 ----D---- C:\Users\Petra\AppData\Roaming\Seznam.cz
2014-04-09 08:31:53 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:31:36 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\user.exe
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\instnm.exe

======List of files/folders modified in the last 1 month======

2014-04-21 11:37:49 ----D---- C:\Windows\System32
2014-04-21 11:37:49 ----D---- C:\Windows\inf
2014-04-21 11:32:13 ----D---- C:\ProgramData
2014-04-21 11:32:13 ----D---- C:\Program Files (x86)
2014-04-21 11:28:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-21 11:03:14 ----D---- C:\Qoobox
2014-04-21 10:58:19 ----D---- C:\Windows
2014-04-21 10:58:19 ----A---- C:\Windows\system.ini
2014-04-21 10:58:17 ----D---- C:\Windows\erdnt
2014-04-21 10:56:33 ----D---- C:\Windows\Prefetch
2014-04-21 10:55:37 ----D---- C:\Windows\SysWOW64
2014-04-21 10:52:50 ----D---- C:\Windows\SysWOW64\drivers
2014-04-21 10:52:50 ----D---- C:\Windows\AppPatch
2014-04-21 10:52:49 ----D---- C:\Program Files (x86)\Common Files
2014-04-21 10:47:34 ----D---- C:\Windows\Tasks
2014-04-21 08:34:56 ----A---- C:\Windows\win.ini
2014-04-20 19:56:29 ----SHD---- C:\System Volume Information
2014-04-20 19:45:00 ----SHD---- C:\Windows\Installer
2014-04-20 19:45:00 ----SD---- C:\Users\Petra\AppData\Roaming\Microsoft
2014-04-19 19:52:59 ----RD---- C:\Program Files
2014-04-10 04:00:54 ----D---- C:\Windows\rescache
2014-04-10 03:23:29 ----D---- C:\Windows\winsxs
2014-04-10 03:20:56 ----D---- C:\Windows\SysWOW64\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys []
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-10-15 15144]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys []
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys []
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys []
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 16:08
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 18:55
od jozefpepa
log z OTM:

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6673938-a52b-4dc6-af05-783e7e2c8b65}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petra
->Temp folder emptied: 461158 bytes
->Temporary Internet Files folder emptied: 462967456 bytes
->Java cache emptied: 9842555 bytes
->FireFox cache emptied: 95938852 bytes
->Google Chrome cache emptied: 106019736 bytes
->Flash cache emptied: 46900 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3528 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46068 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 763 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42328503 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 684.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default

User: Default User

User: Petra
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04212014_195021

Files moved on Reboot...
C:\Users\Petra\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 18:56
od jozefpepa
pardon log z RSIT :-):

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petra at 2014-04-21 19:56:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 45 GB (39%) free of 116 GB
Total RAM: 2009 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:03, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Users\Petra\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Petra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7582 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\ht0pxxls.default\searchplugins\
mario-forever-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-25 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-21 19:50:21 ----D---- C:\_OTM
2014-04-21 11:30:31 ----D---- C:\AdwCleaner
2014-04-21 11:04:53 ----D---- C:\rsit
2014-04-21 11:04:53 ----D---- C:\Program Files (x86)\trend micro
2014-04-21 11:03:10 ----A---- C:\ComboFix.txt
2014-04-21 10:58:17 ----D---- C:\$RECYCLE.BIN
2014-04-21 10:56:33 ----D---- C:\Windows\temp
2014-04-20 09:27:17 ----D---- C:\found.001
2014-04-19 19:54:46 ----D---- C:\Users\Petra\AppData\Roaming\MiniGet
2014-04-19 19:54:42 ----D---- C:\Program Files (x86)\MiniGet
2014-04-19 19:53:18 ----D---- C:\Program Files (x86)\Seznam.cz
2014-04-19 19:53:06 ----D---- C:\Users\Petra\AppData\Roaming\Seznam.cz
2014-04-09 08:31:53 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:31:36 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:31:34 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\user.exe
2014-04-09 08:31:33 ----A---- C:\Windows\SysWOW64\instnm.exe

======List of files/folders modified in the last 1 month======

2014-04-21 19:56:03 ----D---- C:\Windows\Prefetch
2014-04-21 19:50:52 ----D---- C:\Windows\SysWOW64
2014-04-21 19:50:21 ----D---- C:\Windows\Tasks
2014-04-21 11:37:49 ----D---- C:\Windows\System32
2014-04-21 11:37:49 ----D---- C:\Windows\inf
2014-04-21 11:32:13 ----D---- C:\ProgramData
2014-04-21 11:32:13 ----D---- C:\Program Files (x86)
2014-04-21 11:28:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-21 11:03:14 ----D---- C:\Qoobox
2014-04-21 10:58:19 ----D---- C:\Windows
2014-04-21 10:58:19 ----A---- C:\Windows\system.ini
2014-04-21 10:58:17 ----D---- C:\Windows\erdnt
2014-04-21 10:52:50 ----D---- C:\Windows\SysWOW64\drivers
2014-04-21 10:52:50 ----D---- C:\Windows\AppPatch
2014-04-21 10:52:49 ----D---- C:\Program Files (x86)\Common Files
2014-04-21 08:34:56 ----A---- C:\Windows\win.ini
2014-04-20 19:56:29 ----SHD---- C:\System Volume Information
2014-04-20 19:45:00 ----SHD---- C:\Windows\Installer
2014-04-20 19:45:00 ----SD---- C:\Users\Petra\AppData\Roaming\Microsoft
2014-04-19 19:52:59 ----RD---- C:\Program Files
2014-04-10 04:00:54 ----D---- C:\Windows\rescache
2014-04-10 03:23:29 ----D---- C:\Windows\winsxs
2014-04-10 03:20:56 ----D---- C:\Windows\SysWOW64\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys []
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-10-15 15144]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys []
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys []
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys []
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 19:10
od Rudy
Dvouklikem na soubor C:\Program Files (x86)\trend micro\Petra.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
R3 - URLSearchHook: (no name) - - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 19:57
od jozefpepa
Provedeno, je to tedy vše? pc funguje perfektně bez problémů :-) moc děkuji :-)

Re: Reklamy na každé navštívené stránce

Napsal: 21 dub 2014 20:16
od Rudy
Pokud není jiný problém, je to vše. :)