Logfile of random's system information tool 1.09 (written by random/random)
Run by Wareza at 2012-11-04 19:16:29
Microsoft Windows 7 Home Premium
System drive C: has 85 GB (36%) free of 238 GB
Total RAM: 4091 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:38, on 4.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Wareza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{32C913EE-9640-4023-93A9-F7A94D537652}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFA22BA6-5B0C-4C2C-8FEA-D0E3056B4F5D}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CrypKey License - Unknown owner - C:\Windows\system32\crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Transbase TECDOC CD 1_2011 Service - Unknown owner - D:\TECDOC_CD\1_2011\db\tbmux32.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 19054 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26963408
\??\C:\Windows\system32\conhost.exe "-1490285535-2698038282402454241445827462-14075644774704507901347758192946366343
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {92A4A03B-8139-4F5C-9E6A-CA58750810B7}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\crypserv.exe
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\PrintCtrl.exe
C:\Windows\SysWOW64\PSIService.exe
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2924
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\PrintDisp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"taskhost.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /addGadget
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=057c8c5d-a66a-4b5e-8f73-db00ec7cf339 /coreSdkOptions=4126 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\72cb2c7d-c7bc-407c-bbab-6516b95ce060-18e0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=4470dd31-89e1-4410-a05d-e720ff6c1363 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3f2d1578-83ac-454d-9255-e6240aa02874-4d4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6504.bb47c00.397960309 "C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\npsitesafety.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6504 "\\.\pipe\gecko-crash-server-pipe.6504" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6504.1048da00.498136579 "C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\plugins\np-mswmp.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6504 "\\.\pipe\gecko-crash-server-pipe.6504" plugin
"C:\Users\Wareza\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, FasterFox_Lite@BigRedBrent:3.9.1Lite, DTToolbar@toolbarnet.com:1.1.3.0244, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.03, engine@conduit.com:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2475029&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
KavAntiBanner@Kaspersky.ru
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
fcmdSrchddr.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\
FasterFox_Lite@BigRedBrent
ffxtlbr@Facemoods.com
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{e001c731-5e37-4538-a5cb-8168736a2360}
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin.xml
mailru---.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll [2010-10-26 262144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll [2012-11-04 1796552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll [2012-11-04 1796552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2011-01-03 976896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-02 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"FontExpertType1Loader"=C:\Program Files (x86)\FontExpert\Type1Loader.exe [2010-05-14 294208]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-10 296056]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-03-06 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"ROC_roc_ssl_v12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-11-04 1020512]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-08-29 3039352]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-11-04 997320]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119 []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2010-07-01 233656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-04 19:16:30 ----D---- C:\Program Files\trend micro
2012-11-04 19:11:32 ----D---- C:\Users\Wareza\AppData\Roaming\AVG2013
2012-11-04 19:09:12 ----D---- C:\ProgramData\AVG Secure Search
2012-11-04 19:08:56 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2012-11-04 19:08:51 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-11-04 19:06:38 ----HD---- C:\$AVG
2012-11-04 19:05:11 ----D---- C:\Program Files (x86)\AVG
2012-11-04 18:55:00 ----D---- C:\rsit
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.exe
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.dat
2012-11-04 10:54:25 ----A---- C:\Windows\SYSWOW64\WRusr.dll
2012-11-04 10:54:25 ----A---- C:\Windows\system32\WRusr.dll
2012-11-04 10:43:50 ----A---- C:\Windows\system32\drivers\WRkrn.sys
2012-11-04 10:43:49 ----D---- C:\ProgramData\WRData
2012-11-04 10:36:07 ----D---- C:\Users\Wareza\AppData\Roaming\QuickScan
2012-11-04 00:25:27 ----D---- C:\ProgramData\ESET
2012-11-03 19:53:23 ----A---- C:\scu.dat
2012-11-03 17:54:33 ----N---- C:\Windows\system32\1796.tmp
2012-11-03 17:40:53 ----N---- C:\Windows\system32\952D.tmp
2012-11-03 12:39:40 ----D---- C:\Users\Wareza\AppData\Roaming\TuneUp Software
2012-11-03 12:37:18 ----D---- C:\ProgramData\AVG2013
2012-11-01 23:50:02 ----D---- C:\Windows\Minidump
2012-11-01 22:26:03 ----A---- C:\autoexec.bat
2012-11-01 22:24:17 ----D---- C:\Windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2012-11-01 12:05:32 ----D---- C:\Program Files (x86)\facemoods.com
2012-11-01 12:05:29 ----D---- C:\Program Files (x86)\JDownloader
2012-10-31 21:01:18 ----D---- C:\Users\Wareza\AppData\Roaming\VitySoft
2012-10-30 13:31:10 ----D---- C:\Windows\SYSWOW64\gs
2012-10-30 13:31:10 ----A---- C:\Windows\SYSWOW64\gswin32c.exe
2012-10-30 13:28:55 ----A---- C:\Windows\SYSWOW64\msxml2.dll
2012-10-30 13:28:36 ----A---- C:\Windows\SYSWOW64\vbar332.dll
2012-10-27 11:00:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-17 21:00:27 ----D---- C:\Users\Wareza\AppData\Roaming\EMCO
2012-10-17 20:55:08 ----D---- C:\ProgramData\IObit
2012-10-17 20:55:06 ----D---- C:\Program Files (x86)\IObit
2012-10-17 20:40:19 ----A---- C:\Windows\ntbtlog.txt
======List of files/folders modified in the last 1 month======
2012-11-04 19:16:33 ----D---- C:\Windows\Temp
2012-11-04 19:16:30 ----RD---- C:\Program Files
2012-11-04 19:11:59 ----SHD---- C:\Windows\Installer
2012-11-04 19:11:59 ----SHD---- C:\Config.Msi
2012-11-04 19:11:39 ----D---- C:\ProgramData\MFAData
2012-11-04 19:10:07 ----D---- C:\Windows\system32\Tasks
2012-11-04 19:09:12 ----HD---- C:\ProgramData
2012-11-04 19:08:56 ----D---- C:\Windows\system32\drivers
2012-11-04 19:08:51 ----RD---- C:\Program Files (x86)
2012-11-04 19:07:55 ----D---- C:\Windows\inf
2012-11-04 19:07:47 ----D---- C:\Windows\system32\DriverStore
2012-11-04 19:06:02 ----AD---- C:\Windows\System32
2012-11-04 19:05:43 ----SHD---- C:\System Volume Information
2012-11-04 18:56:41 ----D---- C:\Windows\system32\catroot
2012-11-04 16:04:34 ----D---- C:\Users\Wareza\AppData\Roaming\uTorrent
2012-11-04 15:17:50 ----D---- C:\Windows\SysWOW64
2012-11-04 15:17:50 ----AD---- C:\Windows
2012-11-04 15:17:32 ----D---- C:\Users\Wareza\AppData\Roaming\Skype
2012-11-04 15:13:33 ----D---- C:\Windows\system32\catroot2
2012-11-04 11:05:39 ----D---- C:\ProgramData\AVAST Software
2012-11-04 10:23:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-03 17:34:41 ----D---- C:\Users\Wareza\AppData\Roaming\DAEMON Tools Lite
2012-11-03 12:39:13 ----D---- C:\Program Files (x86)\Common Files
2012-11-03 12:28:47 ----D---- C:\ProgramData\AVG2012
2012-11-03 12:26:05 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-03 12:26:02 ----D---- C:\Windows\system32\drivers\AVG
2012-11-02 16:37:58 ----D---- C:\ProgramData\Windows Codecs
2012-11-02 14:26:31 ----D---- C:\ProgramData\CanonIJPLM
2012-11-02 13:16:40 ----D---- C:\Windows\Prefetch
2012-11-01 23:53:23 ----SD---- C:\Users\Wareza\AppData\Roaming\Microsoft
2012-11-01 23:20:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-10-24 19:00:57 ----D---- C:\Program Files (x86)\IMSIDesign
2012-10-17 20:54:43 ----D---- C:\Program Files (x86)\Unlocker
2012-10-17 20:23:05 ----D---- C:\Program Files (x86)\Share Rapid Uploader
2012-10-08 20:08:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-08-09 230240]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-08-10 40288]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 460888]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-08-13 150880]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-08-09 175968]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-08-10 105312]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-08-10 199520]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-04 30568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-17 279616]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
R1 NetworkX;NetworkX; C:\Windows\System32\ckldrv.sys [2010-03-19 30272]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-07-15 55384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-08-09 60768]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\syswow64\1796.tmp []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2011-09-28 70760]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-08-20 5751928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-08-20 184304]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CrypKey License;CrypKey License; C:\Windows\system32\crypserv.exe [2010-03-18 126976]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-02-07 66560]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-24 107832]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-04 711112]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 934760]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-08-20 1286392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S2 Transbase TECDOC CD 1_2011 Service;Transbase TECDOC CD 1_2011 Service; D:\TECDOC_CD\1_2011\db\tbmux32.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim 
Trvate na antiviru avg ? U nas neni moc obliben - vyssi zatez systemu, slabsi detekce. Ja bych byl pro zmenu, ale vy rozhodnete
Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
Trvate na antiviru avg ? U nas neni moc obliben - vyssi zatez systemu, slabsi detekce. Ja bych byl pro zmenu, ale vy rozhodnete Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
- Nahrado za Spybota doporucuji SAS
- SuperAntiSpyare - info o nem [url]http://www.viry.cz/forum
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Dobrý den,
Spybot jsem nahradil SAS.
AVG rád změním, můžete mi doporučit kompletní ochranu jak FREE, tak placené.
Děkuji
Spybot jsem nahradil SAS.
AVG rád změním, můžete mi doporučit kompletní ochranu jak FREE, tak placené.
Děkuji
Re: Prosím o kontrolu
Firewall ve W7 je uz na slusne urovni, takze jej muzete doplnit Avastem Free Pokud chcete placenou ochranu tak NIS, KIS, Avast Security ci ESS Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
# AdwCleaner v2.006 - Logfile created 11/06/2012 at 11:07:37
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Wareza - HOME
# Boot Mode : Normal
# Running from : C:\Users\Wareza\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Wareza\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Askcom.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Conduit.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\daemon-search.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-3.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\facemoods.com
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Wareza\AppData\Local\APN
Folder Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Found : C:\Users\Wareza\AppData\Local\MyAshampoo
Folder Found : C:\Users\Wareza\AppData\LocalLow\Conduit
Folder Found : C:\Users\Wareza\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Wareza\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Wareza\AppData\LocalLow\MyAshampoo
Folder Found : C:\Users\Wareza\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Conduit
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitCommon
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitEngine
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\CT2475029
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\ffxtlbr@Facemoods.com
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\facemoods.com
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\MyAshampoo
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\facemoods.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Found : HKLM\Software\MyAshampoo
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C3FD13D-9D7D-4A35-B6AC-A68EF9807C0D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA14C429-FD32-4586-A0A8-02E0AE596D41}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Found : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddr
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddr&f=2
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
-\\ Mozilla Firefox v16.0.2 (cs)
Profile name : default
File : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\prefs.js
Found : user_pref("CT2475029..clientLogIsEnabled", false);
Found : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2475029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2475029.BrowserCompStateIsOpen_129781019473889442", true);
Found : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481020.alertChannelId", "874426");
Found : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481024.alertChannelId", "874430");
Found : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481025.alertChannelId", "874431");
Found : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481029.alertChannelId", "874435");
Found : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481031.alertChannelId", "874437");
Found : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481032.alertChannelId", "874438");
Found : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481033.alertChannelId", "874439");
Found : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481034.alertChannelId", "874440");
Found : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481035.alertChannelId", "874441");
Found : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481037.alertChannelId", "874443");
Found : user_pref("CT2475029.CTID", "ct2475029");
Found : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Found : user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Found : user_pref("CT2475029.CommunityChanged", true);
Found : user_pref("CT2475029.CurrentServerDate", "6-11-2012");
Found : user_pref("CT2475029.DialogsAlignMode", "LTR");
Found : user_pref("CT2475029.DialogsGetterLastCheckTime", "Sun Nov 04 2012 19:02:13 GMT+0100");
Found : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Found : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Nov 01 2012 17:59:29 GMT+0100");
Found : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201073583");
Found : user_pref("CT2475029.DownloadReferralCookieData", "");
Found : user_pref("CT2475029.EMailNotifierPollDate", "Thu Feb 17 2011 00:49:10 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129132307482029379", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129132307482029381", "Fri Aug 10 2012 17:59:07 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129132307482029382", "Fri Aug 10 2012 17:59:07 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129133095459686870", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129133095459686871", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687146", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687147", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687148", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129255180214602500", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602506", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602512", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602518", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602524", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602530", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603404", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603410", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603416", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603422", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603428", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603434", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603440", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603446", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603452", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603458", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603464", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603470", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603476", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603482", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603488", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603494", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758786", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758792", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758798", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758804", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758810", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758816", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758822", "Tue Feb 15 2011 12:08:18 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758828", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758834", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758840", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758846", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758852", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758858", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758864", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758870", "Tue Feb 15 2011 12:08:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758876", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758882", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758888", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758894", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758900", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758906", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758912", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758918", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758924", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758930", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758936", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758942", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758948", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758954", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758960", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Found : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Found : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Found : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Found : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Found : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Found : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Found : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Found : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Found : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Found : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Found : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Found : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Found : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Found : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Found : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Found : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Found : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Found : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Found : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Found : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Found : user_pref("CT2475029.FirstServerDate", "31-1-2011");
Found : user_pref("CT2475029.FirstTime", true);
Found : user_pref("CT2475029.FirstTimeFF3", true);
Found : user_pref("CT2475029.FixPageNotFoundErrors", true);
Found : user_pref("CT2475029.GroupingLastCheckTime", "Mon Nov 05 2012 23:31:04 GMT+0100");
Found : user_pref("CT2475029.GroupingLastErrorCode", "");
Found : user_pref("CT2475029.GroupingLastResponse", false);
Found : user_pref("CT2475029.GroupingLastServerUpdateTime", "129423394297730000");
Found : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2475029.HasUserGlobalKeys", true);
Found : user_pref("CT2475029.Initialize", true);
Found : user_pref("CT2475029.InitializeCommonPrefs", true);
Found : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2475029.InstallationType", "Unknown");
Found : user_pref("CT2475029.InstalledDate", "Mon Jan 31 2011 10:30:38 GMT+0100");
Found : user_pref("CT2475029.IsAlertDBUpdated", true);
Found : user_pref("CT2475029.IsGrouping", true);
Found : user_pref("CT2475029.IsMulticommunity", true);
Found : user_pref("CT2475029.IsOpenThankYouPage", false);
Found : user_pref("CT2475029.IsOpenUninstallPage", true);
Found : user_pref("CT2475029.LanguagePackLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Found : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2475029.LastLogin_2.5.6.0", "Thu Feb 17 2011 00:04:10 GMT+0100");
Found : user_pref("CT2475029.LastLogin_3.12.2.3", "Mon May 28 2012 13:33:58 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.13.0.6", "Sun Jul 15 2012 14:22:39 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.14.1.0", "Wed Aug 22 2012 10:10:35 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.15.1.0", "Tue Nov 06 2012 10:40:01 GMT+0100");
Found : user_pref("CT2475029.LatestVersion", "3.14.1.0");
Found : user_pref("CT2475029.Locale", "en");
Found : user_pref("CT2475029.LoginCache", 4);
Found : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Found : user_pref("CT2475029.MCDetectTooltipShow", true);
Found : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Found : user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2475029.RadioIsPodcast", false);
Found : user_pref("CT2475029.RadioMediaID", "13098944");
Found : user_pref("CT2475029.RadioMediaType", "Media Player");
Found : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
Found : user_pref("CT2475029.RadioShrinkedFromSetup", false);
Found : user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
Found : user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
Found : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2475029.SavedHomepage", "hxxp://www.seznam.cz/");
Found : user_pref("CT2475029.SearchBoxWidth", 101);
Found : user_pref("CT2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Found : user_pref("CT2475029.SearchInNewTabEnabled", true);
Found : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Found : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2475029.ServiceMapLastCheckTime", "Tue Nov 06 2012 10:39:54 GMT+0100");
Found : user_pref("CT2475029.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2475029.SettingsLastCheckTime", "Mon Jan 31 2011 10:30:36 GMT+0100");
Found : user_pref("CT2475029.SettingsLastUpdate", "1295971309");
Found : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Mon Jan 31 2011 10:30:36 GMT+0100");
Found : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Found : user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2475029.UserID", "UN76728684228939032");
Found : user_pref("CT2475029.ValidationData_Search", 0);
Found : user_pref("CT2475029.ValidationData_Toolbar", 2);
Found : user_pref("CT2475029.WeatherNetwork", "");
Found : user_pref("CT2475029.WeatherPollDate", "Wed Feb 16 2011 10:49:37 GMT+0100");
Found : user_pref("CT2475029.WeatherUnit", "C");
Found : user_pref("CT2475029.alertChannelId", "868510");
Found : user_pref("CT2475029.backendstorage.cbcountry_001", "435A");
Found : user_pref("CT2475029.backendstorage.cbfirsttime", "4D6F6E204A756C20333020323031322031383A30393A31352[...]
Found : user_pref("CT2475029.backendstorage.facebook_mode", "32");
Found : user_pref("CT2475029.backendstorage.facebook_user_first_login_date", "30322F30332F32303131");
Found : user_pref("CT2475029.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT2475029.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Found : user_pref("CT2475029.backendstorage.shoppingapp.gk.exipres", "5361742041756720313120323031322031393A[...]
Found : user_pref("CT2475029.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2475029.backendstorage.url_history0001", "687474703A2F2F7777772E70726F66696D65642E637A2[...]
Found : user_pref("CT2475029.clientLogIsEnabled", false);
Found : user_pref("CT2475029.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2475029.ct2475029.DialogsAlignMode", "LTR");
Found : user_pref("CT2475029.ct2475029.FeedLastCount129133095456874337", 400);
Found : user_pref("CT2475029.ct2475029.FeedLastCount6244576562585401993", 2084);
Found : user_pref("CT2475029.ct2475029.GroupingInvalidateCache", false);
Found : user_pref("CT2475029.ct2475029.GroupingLastCheckTime", "Mon Nov 05 2012 23:31:04 GMT+0100");
Found : user_pref("CT2475029.ct2475029.GroupingLastErrorCode", "");
Found : user_pref("CT2475029.ct2475029.GroupingLastResponse", false);
Found : user_pref("CT2475029.ct2475029.GroupingLastServerUpdateTime", "129423394297730000");
Found : user_pref("CT2475029.ct2475029.InvalidateCache", false);
Found : user_pref("CT2475029.ct2475029.LanguagePackLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100");
Found : user_pref("CT2475029.ct2475029.Locale", "en");
Found : user_pref("CT2475029.ct2475029.RadioLastCheckTime", "Fri Aug 10 2012 14:38:07 GMT+0200");
Found : user_pref("CT2475029.ct2475029.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2475029.ct2475029.RadioLastUpdateServer", "129054397178370000");
Found : user_pref("CT2475029.ct2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Found : user_pref("CT2475029.ct2475029.SearchInNewTabLastCheckTime", "Tue Nov 06 2012 00:04:24 GMT+0100");
Found : user_pref("CT2475029.ct2475029.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2475029.ct2475029.SettingsLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Found : user_pref("CT2475029.ct2475029.SettingsLastUpdate", "1352140586");
Found : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastCheck", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2475029.ct2475029.globalFirstTimeInfoLastCheckTime", "Fri Aug 10 2012 17:59:07 GMT+0200[...]
Found : user_pref("CT2475029.ct2475029.toolbarAppMetaDataLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100"[...]
Found : user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2475029.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2475029.initDone", true);
Found : user_pref("CT2475029.isAppTrackingManagerOn", true);
Found : user_pref("CT2475029.isFirstRadioInstallation", false);
Found : user_pref("CT2475029.myStuffEnabled", true);
Found : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,111,129584873345514033[...]
Found : user_pref("CT2475029.revertSettingsEnabled", true);
Found : user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2475029.searchProtectorEnableByLogin", true);
Found : user_pref("CT2475029.testingCtid", "");
Found : user_pref("CT2475029.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2475029.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2475029/CT2475029[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2475029", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"f9e1a36ec06a38d3adba[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"bd2215467e134e6a02f[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"7987ce87e8df44550bc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"23532b1ba9b061d0305[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"9d06022978f4e2b38f7[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"ad856abd064a6673fdc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"36fe80a0093f8bd7fc7dd[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"bcfce78f43bf99037ad92[...]
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Wareza\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 31 2011 22:12:59 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 07:52:43 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 22:52:33 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "35c4eb9a-0d72-4973-ba0a-19d2291f2c4d");
Found : user_pref("CommunityToolbar.globalUserId", "19607590-4897-4342-9f5c-553478a90262");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 06 2012 19:05:3[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Aug 10 2012 14:38:08 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6b119060-a8f0-4cd4-9be9-49d87def179d");
Found : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200"[...]
Found : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Found : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 07 2011 10:27:51 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Jun 22 2011 20:39:53 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "03/06/2011 17");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Sun Mar 06 2011 15:47:59 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Mar 24 2011 10:28:03 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 22:52:44 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 22:52:44 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN91527810880447143");
Found : user_pref("ConduitEngine.componentAlertEnabled", true);
Found : user_pref("ConduitEngine.engineLocale", "cs");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 19:52:44 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);
Found : user_pref("browser.babylon.HPOnNewTab", "isearch.babylon.com");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?babsrc=NT_ss&mntrId=[...]
Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Found : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Found : user_pref("extensions.facemoods.aflt", "ddrnw");
Found : user_pref("extensions.facemoods.dfltSrch", true);
Found : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Found : user_pref("extensions.facemoods.dnsErr", true);
Found : user_pref("extensions.facemoods.firstRun", true);
Found : user_pref("extensions.facemoods.hmpg", true);
Found : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Found : user_pref("extensions.facemoods.id", "6623aa4900000000000000266c774594");
Found : user_pref("extensions.facemoods.instlDay", "15336");
Found : user_pref("extensions.facemoods.lastActv", "25");
Found : user_pref("extensions.facemoods.mntz", "");
Found : user_pref("extensions.facemoods.newTab", true);
Found : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Found : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Found : user_pref("extensions.facemoods.searchProviderAdded", true);
Found : user_pref("extensions.facemoods.sid", "e1234954cae1474a9e0c190e7d4e34b6");
Found : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Found : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=");
-\\ Google Chrome v22.0.1229.94
File : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.16] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
Found [l.47] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Found [l.50] : keyword = "isearch.avg.com",
Found [l.53] : search_url = "hxxp://isearch.avg.com/search?cid={E6402BEE-6428-42F2-B24F-3705CD0D8A80}&mid=51e5aeb30c9947d6b924d16f2a93ac67-285e8263b01dbcab34478d3bc35575d287722b5e&lang=cs&ds=AVG&pr=pr&d=2012-11-02 14:24:07&v=13.2.0.4&sap=dsp&q={searchTerms}",
Found [l.2195] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
*************************
AdwCleaner[R1].txt - [45310 octets] - [06/11/2012 11:07:37]
########## EOF - C:\AdwCleaner[R1].txt - [45371 octets] ##########
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Wareza - HOME
# Boot Mode : Normal
# Running from : C:\Users\Wareza\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Wareza\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Askcom.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Conduit.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\daemon-search.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-3.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\facemoods.com
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Wareza\AppData\Local\APN
Folder Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Found : C:\Users\Wareza\AppData\Local\MyAshampoo
Folder Found : C:\Users\Wareza\AppData\LocalLow\Conduit
Folder Found : C:\Users\Wareza\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Wareza\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Wareza\AppData\LocalLow\MyAshampoo
Folder Found : C:\Users\Wareza\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Conduit
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitCommon
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitEngine
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\CT2475029
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\ffxtlbr@Facemoods.com
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\facemoods.com
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\MyAshampoo
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\facemoods.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Found : HKLM\Software\MyAshampoo
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C3FD13D-9D7D-4A35-B6AC-A68EF9807C0D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA14C429-FD32-4586-A0A8-02E0AE596D41}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Found : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddr
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddr&f=2
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
-\\ Mozilla Firefox v16.0.2 (cs)
Profile name : default
File : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\prefs.js
Found : user_pref("CT2475029..clientLogIsEnabled", false);
Found : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2475029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2475029.BrowserCompStateIsOpen_129781019473889442", true);
Found : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481020.alertChannelId", "874426");
Found : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481024.alertChannelId", "874430");
Found : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481025.alertChannelId", "874431");
Found : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481029.alertChannelId", "874435");
Found : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481031.alertChannelId", "874437");
Found : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481032.alertChannelId", "874438");
Found : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481033.alertChannelId", "874439");
Found : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481034.alertChannelId", "874440");
Found : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481035.alertChannelId", "874441");
Found : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Found : user_pref("CT2475029.CT2481037.alertChannelId", "874443");
Found : user_pref("CT2475029.CTID", "ct2475029");
Found : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Found : user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Found : user_pref("CT2475029.CommunityChanged", true);
Found : user_pref("CT2475029.CurrentServerDate", "6-11-2012");
Found : user_pref("CT2475029.DialogsAlignMode", "LTR");
Found : user_pref("CT2475029.DialogsGetterLastCheckTime", "Sun Nov 04 2012 19:02:13 GMT+0100");
Found : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Found : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Nov 01 2012 17:59:29 GMT+0100");
Found : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201073583");
Found : user_pref("CT2475029.DownloadReferralCookieData", "");
Found : user_pref("CT2475029.EMailNotifierPollDate", "Thu Feb 17 2011 00:49:10 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129132307482029379", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129132307482029381", "Fri Aug 10 2012 17:59:07 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129132307482029382", "Fri Aug 10 2012 17:59:07 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129133095459686870", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129133095459686871", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687146", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687147", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129137437659687148", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.FeedPollDate129255180214602500", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602506", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602512", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602518", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602524", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214602530", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603404", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603410", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603416", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603422", "Thu Feb 17 2011 00:49:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603428", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603434", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603440", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603446", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603452", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603458", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603464", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603470", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603476", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603482", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603488", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214603494", "Thu Feb 17 2011 00:49:24 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758786", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758792", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758798", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758804", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758810", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758816", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758822", "Tue Feb 15 2011 12:08:18 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758828", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758834", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758840", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758846", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758852", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758858", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758864", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758870", "Tue Feb 15 2011 12:08:19 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758876", "Thu Feb 17 2011 00:49:25 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758882", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758888", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758894", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758900", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758906", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758912", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758918", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758924", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758930", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758936", "Thu Feb 17 2011 00:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758942", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758948", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758954", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedPollDate129255180214758960", "Wed Feb 16 2011 22:49:26 GMT+0100");
Found : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Found : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Found : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Found : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Found : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Found : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Found : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Found : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Found : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Found : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Found : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Found : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Found : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Found : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Found : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Found : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Found : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Found : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Found : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Found : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Found : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Found : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Found : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Found : user_pref("CT2475029.FirstServerDate", "31-1-2011");
Found : user_pref("CT2475029.FirstTime", true);
Found : user_pref("CT2475029.FirstTimeFF3", true);
Found : user_pref("CT2475029.FixPageNotFoundErrors", true);
Found : user_pref("CT2475029.GroupingLastCheckTime", "Mon Nov 05 2012 23:31:04 GMT+0100");
Found : user_pref("CT2475029.GroupingLastErrorCode", "");
Found : user_pref("CT2475029.GroupingLastResponse", false);
Found : user_pref("CT2475029.GroupingLastServerUpdateTime", "129423394297730000");
Found : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2475029.HasUserGlobalKeys", true);
Found : user_pref("CT2475029.Initialize", true);
Found : user_pref("CT2475029.InitializeCommonPrefs", true);
Found : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2475029.InstallationType", "Unknown");
Found : user_pref("CT2475029.InstalledDate", "Mon Jan 31 2011 10:30:38 GMT+0100");
Found : user_pref("CT2475029.IsAlertDBUpdated", true);
Found : user_pref("CT2475029.IsGrouping", true);
Found : user_pref("CT2475029.IsMulticommunity", true);
Found : user_pref("CT2475029.IsOpenThankYouPage", false);
Found : user_pref("CT2475029.IsOpenUninstallPage", true);
Found : user_pref("CT2475029.LanguagePackLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Found : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2475029.LastLogin_2.5.6.0", "Thu Feb 17 2011 00:04:10 GMT+0100");
Found : user_pref("CT2475029.LastLogin_3.12.2.3", "Mon May 28 2012 13:33:58 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.13.0.6", "Sun Jul 15 2012 14:22:39 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.14.1.0", "Wed Aug 22 2012 10:10:35 GMT+0200");
Found : user_pref("CT2475029.LastLogin_3.15.1.0", "Tue Nov 06 2012 10:40:01 GMT+0100");
Found : user_pref("CT2475029.LatestVersion", "3.14.1.0");
Found : user_pref("CT2475029.Locale", "en");
Found : user_pref("CT2475029.LoginCache", 4);
Found : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Found : user_pref("CT2475029.MCDetectTooltipShow", true);
Found : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Found : user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2475029.RadioIsPodcast", false);
Found : user_pref("CT2475029.RadioMediaID", "13098944");
Found : user_pref("CT2475029.RadioMediaType", "Media Player");
Found : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
Found : user_pref("CT2475029.RadioShrinkedFromSetup", false);
Found : user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
Found : user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
Found : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2475029.SavedHomepage", "hxxp://www.seznam.cz/");
Found : user_pref("CT2475029.SearchBoxWidth", 101);
Found : user_pref("CT2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Found : user_pref("CT2475029.SearchInNewTabEnabled", true);
Found : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Found : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2475029.ServiceMapLastCheckTime", "Tue Nov 06 2012 10:39:54 GMT+0100");
Found : user_pref("CT2475029.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2475029.SettingsLastCheckTime", "Mon Jan 31 2011 10:30:36 GMT+0100");
Found : user_pref("CT2475029.SettingsLastUpdate", "1295971309");
Found : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Mon Jan 31 2011 10:30:36 GMT+0100");
Found : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Found : user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2475029.UserID", "UN76728684228939032");
Found : user_pref("CT2475029.ValidationData_Search", 0);
Found : user_pref("CT2475029.ValidationData_Toolbar", 2);
Found : user_pref("CT2475029.WeatherNetwork", "");
Found : user_pref("CT2475029.WeatherPollDate", "Wed Feb 16 2011 10:49:37 GMT+0100");
Found : user_pref("CT2475029.WeatherUnit", "C");
Found : user_pref("CT2475029.alertChannelId", "868510");
Found : user_pref("CT2475029.backendstorage.cbcountry_001", "435A");
Found : user_pref("CT2475029.backendstorage.cbfirsttime", "4D6F6E204A756C20333020323031322031383A30393A31352[...]
Found : user_pref("CT2475029.backendstorage.facebook_mode", "32");
Found : user_pref("CT2475029.backendstorage.facebook_user_first_login_date", "30322F30332F32303131");
Found : user_pref("CT2475029.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT2475029.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Found : user_pref("CT2475029.backendstorage.shoppingapp.gk.exipres", "5361742041756720313120323031322031393A[...]
Found : user_pref("CT2475029.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2475029.backendstorage.url_history0001", "687474703A2F2F7777772E70726F66696D65642E637A2[...]
Found : user_pref("CT2475029.clientLogIsEnabled", false);
Found : user_pref("CT2475029.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2475029.ct2475029.DialogsAlignMode", "LTR");
Found : user_pref("CT2475029.ct2475029.FeedLastCount129133095456874337", 400);
Found : user_pref("CT2475029.ct2475029.FeedLastCount6244576562585401993", 2084);
Found : user_pref("CT2475029.ct2475029.GroupingInvalidateCache", false);
Found : user_pref("CT2475029.ct2475029.GroupingLastCheckTime", "Mon Nov 05 2012 23:31:04 GMT+0100");
Found : user_pref("CT2475029.ct2475029.GroupingLastErrorCode", "");
Found : user_pref("CT2475029.ct2475029.GroupingLastResponse", false);
Found : user_pref("CT2475029.ct2475029.GroupingLastServerUpdateTime", "129423394297730000");
Found : user_pref("CT2475029.ct2475029.InvalidateCache", false);
Found : user_pref("CT2475029.ct2475029.LanguagePackLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100");
Found : user_pref("CT2475029.ct2475029.Locale", "en");
Found : user_pref("CT2475029.ct2475029.RadioLastCheckTime", "Fri Aug 10 2012 14:38:07 GMT+0200");
Found : user_pref("CT2475029.ct2475029.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2475029.ct2475029.RadioLastUpdateServer", "129054397178370000");
Found : user_pref("CT2475029.ct2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Found : user_pref("CT2475029.ct2475029.SearchInNewTabLastCheckTime", "Tue Nov 06 2012 00:04:24 GMT+0100");
Found : user_pref("CT2475029.ct2475029.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2475029.ct2475029.SettingsLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Found : user_pref("CT2475029.ct2475029.SettingsLastUpdate", "1352140586");
Found : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastCheck", "Fri Aug 10 2012 17:59:06 GMT+0200");
Found : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2475029.ct2475029.globalFirstTimeInfoLastCheckTime", "Fri Aug 10 2012 17:59:07 GMT+0200[...]
Found : user_pref("CT2475029.ct2475029.toolbarAppMetaDataLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100"[...]
Found : user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2475029.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2475029.initDone", true);
Found : user_pref("CT2475029.isAppTrackingManagerOn", true);
Found : user_pref("CT2475029.isFirstRadioInstallation", false);
Found : user_pref("CT2475029.myStuffEnabled", true);
Found : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,111,129584873345514033[...]
Found : user_pref("CT2475029.revertSettingsEnabled", true);
Found : user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2475029.searchProtectorEnableByLogin", true);
Found : user_pref("CT2475029.testingCtid", "");
Found : user_pref("CT2475029.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2475029.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2475029/CT2475029[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2475029", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"f9e1a36ec06a38d3adba[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"bd2215467e134e6a02f[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"7987ce87e8df44550bc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"23532b1ba9b061d0305[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"9d06022978f4e2b38f7[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"ad856abd064a6673fdc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"36fe80a0093f8bd7fc7dd[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"bcfce78f43bf99037ad92[...]
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Wareza\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 31 2011 22:12:59 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 07:52:43 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 22:52:33 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "35c4eb9a-0d72-4973-ba0a-19d2291f2c4d");
Found : user_pref("CommunityToolbar.globalUserId", "19607590-4897-4342-9f5c-553478a90262");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 06 2012 19:05:3[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Aug 10 2012 14:38:08 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6b119060-a8f0-4cd4-9be9-49d87def179d");
Found : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200"[...]
Found : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Found : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Found : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 07 2011 10:27:51 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Jun 22 2011 20:39:53 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "03/06/2011 17");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Sun Mar 06 2011 15:47:59 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Mar 24 2011 10:28:03 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 22:52:44 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 22:52:44 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN91527810880447143");
Found : user_pref("ConduitEngine.componentAlertEnabled", true);
Found : user_pref("ConduitEngine.engineLocale", "cs");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 19:52:44 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);
Found : user_pref("browser.babylon.HPOnNewTab", "isearch.babylon.com");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?babsrc=NT_ss&mntrId=[...]
Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Found : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Found : user_pref("extensions.facemoods.aflt", "ddrnw");
Found : user_pref("extensions.facemoods.dfltSrch", true);
Found : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Found : user_pref("extensions.facemoods.dnsErr", true);
Found : user_pref("extensions.facemoods.firstRun", true);
Found : user_pref("extensions.facemoods.hmpg", true);
Found : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Found : user_pref("extensions.facemoods.id", "6623aa4900000000000000266c774594");
Found : user_pref("extensions.facemoods.instlDay", "15336");
Found : user_pref("extensions.facemoods.lastActv", "25");
Found : user_pref("extensions.facemoods.mntz", "");
Found : user_pref("extensions.facemoods.newTab", true);
Found : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Found : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Found : user_pref("extensions.facemoods.searchProviderAdded", true);
Found : user_pref("extensions.facemoods.sid", "e1234954cae1474a9e0c190e7d4e34b6");
Found : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Found : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=");
-\\ Google Chrome v22.0.1229.94
File : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.16] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
Found [l.47] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Found [l.50] : keyword = "isearch.avg.com",
Found [l.53] : search_url = "hxxp://isearch.avg.com/search?cid={E6402BEE-6428-42F2-B24F-3705CD0D8A80}&mid=51e5aeb30c9947d6b924d16f2a93ac67-285e8263b01dbcab34478d3bc35575d287722b5e&lang=cs&ds=AVG&pr=pr&d=2012-11-02 14:24:07&v=13.2.0.4&sap=dsp&q={searchTerms}",
Found [l.2195] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
*************************
AdwCleaner[R1].txt - [45310 octets] - [06/11/2012 11:07:37]
########## EOF - C:\AdwCleaner[R1].txt - [45371 octets] ##########
Re: Prosím o kontrolu
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
# AdwCleaner v2.006 - Logfile created 11/06/2012 at 13:40:09
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Wareza - HOME
# Boot Mode : Normal
# Running from : C:\Users\Wareza\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Wareza\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Wareza\AppData\Local\APN
Folder Deleted : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Wareza\AppData\Local\MyAshampoo
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Conduit
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitCommon
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitEngine
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\CT2475029
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\ffxtlbr@Facemoods.com
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\staged
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\MyAshampoo
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C3FD13D-9D7D-4A35-B6AC-A68EF9807C0D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA14C429-FD32-4586-A0A8-02E0AE596D41}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddr --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddr&f=2 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.2 (cs)
Profile name : default
File : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\prefs.js
Deleted : user_pref("CT2475029..clientLogIsEnabled", false);
Deleted : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2475029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2475029.BrowserCompStateIsOpen_129781019473889442", true);
Deleted : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481020.alertChannelId", "874426");
Deleted : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481024.alertChannelId", "874430");
Deleted : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481025.alertChannelId", "874431");
Deleted : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481029.alertChannelId", "874435");
Deleted : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481031.alertChannelId", "874437");
Deleted : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481032.alertChannelId", "874438");
Deleted : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481033.alertChannelId", "874439");
Deleted : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481034.alertChannelId", "874440");
Deleted : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481035.alertChannelId", "874441");
Deleted : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481037.alertChannelId", "874443");
Deleted : user_pref("CT2475029.CTID", "ct2475029");
Deleted : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Deleted : user_pref("CT2475029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CurrentServerDate", "6-11-2012");
Deleted : user_pref("CT2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.DialogsGetterLastCheckTime", "Sun Nov 04 2012 19:02:13 GMT+0100");
Deleted : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Nov 01 2012 17:59:29 GMT+0100");
Deleted : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201073583");
Deleted : user_pref("CT2475029.DownloadReferralCookieData", "");
Deleted : user_pref("CT2475029.EMailNotifierPollDate", "Thu Feb 17 2011 00:49:10 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029379", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029381", "Fri Aug 10 2012 17:59:07 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029382", "Fri Aug 10 2012 17:59:07 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129133095459686870", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129133095459686871", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687146", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687147", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687148", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602500", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602506", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602512", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602518", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602524", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602530", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603404", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603410", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603416", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603422", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603428", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603434", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603440", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603446", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603452", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603458", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603464", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603470", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603476", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603482", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603488", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603494", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758786", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758792", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758798", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758804", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758810", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758816", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758822", "Tue Feb 15 2011 12:08:18 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758828", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758834", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758840", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758846", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758852", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758858", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758864", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758870", "Tue Feb 15 2011 12:08:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758876", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758882", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758888", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758894", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758900", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758906", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758912", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758918", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758924", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758930", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758936", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758942", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758948", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758954", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758960", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Deleted : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Deleted : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Deleted : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Deleted : user_pref("CT2475029.FirstServerDate", "31-1-2011");
Deleted : user_pref("CT2475029.FirstTime", true);
Deleted : user_pref("CT2475029.FirstTimeFF3", true);
Deleted : user_pref("CT2475029.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2475029.GroupingLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.GroupingLastResponse", false);
Deleted : user_pref("CT2475029.GroupingLastServerUpdateTime", "129423394297730000");
Deleted : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2475029.HasUserGlobalKeys", true);
Deleted : user_pref("CT2475029.Initialize", true);
Deleted : user_pref("CT2475029.InitializeCommonPrefs", true);
Deleted : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2475029.InstallationType", "Unknown");
Deleted : user_pref("CT2475029.InstalledDate", "Mon Jan 31 2011 10:30:38 GMT+0100");
Deleted : user_pref("CT2475029.IsAlertDBUpdated", true);
Deleted : user_pref("CT2475029.IsGrouping", true);
Deleted : user_pref("CT2475029.IsMulticommunity", true);
Deleted : user_pref("CT2475029.IsOpenThankYouPage", false);
Deleted : user_pref("CT2475029.IsOpenUninstallPage", true);
Deleted : user_pref("CT2475029.LanguagePackLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Deleted : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2475029.LastLogin_2.5.6.0", "Thu Feb 17 2011 00:04:10 GMT+0100");
Deleted : user_pref("CT2475029.LastLogin_3.12.2.3", "Mon May 28 2012 13:33:58 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.13.0.6", "Sun Jul 15 2012 14:22:39 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.14.1.0", "Wed Aug 22 2012 10:10:35 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.15.1.0", "Tue Nov 06 2012 10:40:01 GMT+0100");
Deleted : user_pref("CT2475029.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2475029.Locale", "en");
Deleted : user_pref("CT2475029.LoginCache", 4);
Deleted : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2475029.MCDetectTooltipShow", true);
Deleted : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2475029.RadioIsPodcast", false);
Deleted : user_pref("CT2475029.RadioMediaID", "13098944");
Deleted : user_pref("CT2475029.RadioMediaType", "Media Player");
Deleted : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
Deleted : user_pref("CT2475029.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
Deleted : user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
Deleted : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2475029.SavedHomepage", "hxxp://www.seznam.cz/");
Deleted : user_pref("CT2475029.SearchBoxWidth", 101);
Deleted : user_pref("CT2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Deleted : user_pref("CT2475029.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Deleted : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2475029.ServiceMapLastCheckTime", "Tue Nov 06 2012 12:05:14 GMT+0100");
Deleted : user_pref("CT2475029.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2475029.SettingsLastCheckTime", "Mon Jan 31 2011 10:30:36 GMT+0100");
Deleted : user_pref("CT2475029.SettingsLastUpdate", "1295971309");
Deleted : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Mon Jan 31 2011 10:30:36 GMT+0100");
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Deleted : user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2475029.UserID", "UN76728684228939032");
Deleted : user_pref("CT2475029.ValidationData_Search", 0);
Deleted : user_pref("CT2475029.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2475029.WeatherNetwork", "");
Deleted : user_pref("CT2475029.WeatherPollDate", "Wed Feb 16 2011 10:49:37 GMT+0100");
Deleted : user_pref("CT2475029.WeatherUnit", "C");
Deleted : user_pref("CT2475029.alertChannelId", "868510");
Deleted : user_pref("CT2475029.backendstorage.cbcountry_001", "435A");
Deleted : user_pref("CT2475029.backendstorage.cbfirsttime", "4D6F6E204A756C20333020323031322031383A30393A31352[...]
Deleted : user_pref("CT2475029.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_first_login_date", "30322F30332F32303131");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Deleted : user_pref("CT2475029.backendstorage.shoppingapp.gk.exipres", "5361742041756720313120323031322031393A[...]
Deleted : user_pref("CT2475029.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Deleted : user_pref("CT2475029.backendstorage.url_history0001", "687474703A2F2F7777772E70726F66696D65642E637A2[...]
Deleted : user_pref("CT2475029.clientLogIsEnabled", false);
Deleted : user_pref("CT2475029.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2475029.ct2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.ct2475029.FeedLastCount129133095456874337", 400);
Deleted : user_pref("CT2475029.ct2475029.FeedLastCount6244576562585401993", 2084);
Deleted : user_pref("CT2475029.ct2475029.GroupingInvalidateCache", false);
Deleted : user_pref("CT2475029.ct2475029.GroupingLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.ct2475029.GroupingLastResponse", false);
Deleted : user_pref("CT2475029.ct2475029.GroupingLastServerUpdateTime", "129423394297730000");
Deleted : user_pref("CT2475029.ct2475029.InvalidateCache", false);
Deleted : user_pref("CT2475029.ct2475029.LanguagePackLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.Locale", "en");
Deleted : user_pref("CT2475029.ct2475029.RadioLastCheckTime", "Fri Aug 10 2012 14:38:07 GMT+0200");
Deleted : user_pref("CT2475029.ct2475029.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2475029.ct2475029.RadioLastUpdateServer", "129054397178370000");
Deleted : user_pref("CT2475029.ct2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Deleted : user_pref("CT2475029.ct2475029.SearchInNewTabLastCheckTime", "Tue Nov 06 2012 00:04:24 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2475029.ct2475029.SettingsLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.SettingsLastUpdate", "1352140586");
Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastCheck", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2475029.ct2475029.globalFirstTimeInfoLastCheckTime", "Fri Aug 10 2012 17:59:07 GMT+0200[...]
Deleted : user_pref("CT2475029.ct2475029.toolbarAppMetaDataLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100"[...]
Deleted : user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2475029.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.initDone", true);
Deleted : user_pref("CT2475029.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2475029.isFirstRadioInstallation", false);
Deleted : user_pref("CT2475029.myStuffEnabled", true);
Deleted : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,111,129584873345514033[...]
Deleted : user_pref("CT2475029.revertSettingsEnabled", true);
Deleted : user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2475029.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.testingCtid", "");
Deleted : user_pref("CT2475029.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2475029.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2475029/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2475029", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"f9e1a36ec06a38d3adba[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"bd2215467e134e6a02f[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"7987ce87e8df44550bc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"23532b1ba9b061d0305[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"9d06022978f4e2b38f7[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"ad856abd064a6673fdc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"36fe80a0093f8bd7fc7dd[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"bcfce78f43bf99037ad92[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Wareza\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 31 2011 22:12:59 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 07:52:43 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 22:52:33 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "35c4eb9a-0d72-4973-ba0a-19d2291f2c4d");
Deleted : user_pref("CommunityToolbar.globalUserId", "19607590-4897-4342-9f5c-553478a90262");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 06 2012 19:05:3[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Aug 10 2012 14:38:08 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "6b119060-a8f0-4cd4-9be9-49d87def179d");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 07 2011 10:27:51 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Jun 22 2011 20:39:53 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/06/2011 17");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Mar 06 2011 15:47:59 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Mar 24 2011 10:28:03 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 22:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 22:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN91527810880447143");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", true);
Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 19:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("browser.babylon.HPOnNewTab", "isearch.babylon.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?babsrc=NT_ss&mntrId=[...]
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Deleted : user_pref("extensions.facemoods.aflt", "ddrnw");
Deleted : user_pref("extensions.facemoods.dfltSrch", true);
Deleted : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Deleted : user_pref("extensions.facemoods.dnsErr", true);
Deleted : user_pref("extensions.facemoods.firstRun", true);
Deleted : user_pref("extensions.facemoods.hmpg", true);
Deleted : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Deleted : user_pref("extensions.facemoods.id", "6623aa4900000000000000266c774594");
Deleted : user_pref("extensions.facemoods.instlDay", "15336");
Deleted : user_pref("extensions.facemoods.lastActv", "25");
Deleted : user_pref("extensions.facemoods.mntz", "");
Deleted : user_pref("extensions.facemoods.newTab", true);
Deleted : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Deleted : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Deleted : user_pref("extensions.facemoods.searchProviderAdded", true);
Deleted : user_pref("extensions.facemoods.sid", "e1234954cae1474a9e0c190e7d4e34b6");
Deleted : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Deleted : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=");
-\\ Google Chrome v22.0.1229.94
File : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.16] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
Deleted [l.47] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Deleted [l.50] : keyword = "isearch.avg.com",
Deleted [l.53] : search_url = "hxxp://isearch.avg.com/search?cid={E6402BEE-6428-42F2-B24F-3705CD0D8A80}&mid=51e5aeb30c9947d6b924d16f2a93ac67-285e8263b01dbcab34478d3bc35575d287722b5e&lang=cs&ds=AVG&pr=pr&d=2012-11-02 14:24:07&v=13.2.0.4&sap=dsp&q={searchTerms}",
Deleted [l.2217] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
*************************
AdwCleaner[R1].txt - [45387 octets] - [06/11/2012 11:07:37]
AdwCleaner[S1].txt - [45657 octets] - [06/11/2012 13:40:09]
########## EOF - C:\AdwCleaner[S1].txt - [45718 octets] ##########
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Wareza - HOME
# Boot Mode : Normal
# Running from : C:\Users\Wareza\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Wareza\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Wareza\AppData\Local\APN
Folder Deleted : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Wareza\AppData\Local\MyAshampoo
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Users\Wareza\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Conduit
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitCommon
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\ConduitEngine
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\CT2475029
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\ffxtlbr@Facemoods.com
Folder Deleted : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\staged
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\MyAshampoo
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0840990-AC2E-449D-B1A7-ADC6F24653E6}
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C3FD13D-9D7D-4A35-B6AC-A68EF9807C0D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA14C429-FD32-4586-A0A8-02E0AE596D41}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddr --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddr&f=2 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.2 (cs)
Profile name : default
File : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\prefs.js
Deleted : user_pref("CT2475029..clientLogIsEnabled", false);
Deleted : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2475029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2475029.BrowserCompStateIsOpen_129781019473889442", true);
Deleted : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481020.alertChannelId", "874426");
Deleted : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481024.alertChannelId", "874430");
Deleted : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481025.alertChannelId", "874431");
Deleted : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481029.alertChannelId", "874435");
Deleted : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481031.alertChannelId", "874437");
Deleted : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481032.alertChannelId", "874438");
Deleted : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481033.alertChannelId", "874439");
Deleted : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481034.alertChannelId", "874440");
Deleted : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481035.alertChannelId", "874441");
Deleted : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481037.alertChannelId", "874443");
Deleted : user_pref("CT2475029.CTID", "ct2475029");
Deleted : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Deleted : user_pref("CT2475029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CurrentServerDate", "6-11-2012");
Deleted : user_pref("CT2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.DialogsGetterLastCheckTime", "Sun Nov 04 2012 19:02:13 GMT+0100");
Deleted : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Nov 01 2012 17:59:29 GMT+0100");
Deleted : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201073583");
Deleted : user_pref("CT2475029.DownloadReferralCookieData", "");
Deleted : user_pref("CT2475029.EMailNotifierPollDate", "Thu Feb 17 2011 00:49:10 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029379", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029381", "Fri Aug 10 2012 17:59:07 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129132307482029382", "Fri Aug 10 2012 17:59:07 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129133095459686870", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129133095459686871", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687146", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687147", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129137437659687148", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602500", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602506", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602512", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602518", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602524", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214602530", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603404", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603410", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603416", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603422", "Thu Feb 17 2011 00:49:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603428", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603434", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603440", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603446", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603452", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603458", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603464", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603470", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603476", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603482", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603488", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214603494", "Thu Feb 17 2011 00:49:24 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758786", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758792", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758798", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758804", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758810", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758816", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758822", "Tue Feb 15 2011 12:08:18 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758828", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758834", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758840", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758846", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758852", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758858", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758864", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758870", "Tue Feb 15 2011 12:08:19 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758876", "Thu Feb 17 2011 00:49:25 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758882", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758888", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758894", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758900", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758906", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758912", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758918", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758924", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758930", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758936", "Thu Feb 17 2011 00:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758942", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758948", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758954", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedPollDate129255180214758960", "Wed Feb 16 2011 22:49:26 GMT+0100");
Deleted : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Deleted : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Deleted : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Deleted : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Deleted : user_pref("CT2475029.FirstServerDate", "31-1-2011");
Deleted : user_pref("CT2475029.FirstTime", true);
Deleted : user_pref("CT2475029.FirstTimeFF3", true);
Deleted : user_pref("CT2475029.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2475029.GroupingLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.GroupingLastResponse", false);
Deleted : user_pref("CT2475029.GroupingLastServerUpdateTime", "129423394297730000");
Deleted : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2475029.HasUserGlobalKeys", true);
Deleted : user_pref("CT2475029.Initialize", true);
Deleted : user_pref("CT2475029.InitializeCommonPrefs", true);
Deleted : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2475029.InstallationType", "Unknown");
Deleted : user_pref("CT2475029.InstalledDate", "Mon Jan 31 2011 10:30:38 GMT+0100");
Deleted : user_pref("CT2475029.IsAlertDBUpdated", true);
Deleted : user_pref("CT2475029.IsGrouping", true);
Deleted : user_pref("CT2475029.IsMulticommunity", true);
Deleted : user_pref("CT2475029.IsOpenThankYouPage", false);
Deleted : user_pref("CT2475029.IsOpenUninstallPage", true);
Deleted : user_pref("CT2475029.LanguagePackLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Deleted : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2475029.LastLogin_2.5.6.0", "Thu Feb 17 2011 00:04:10 GMT+0100");
Deleted : user_pref("CT2475029.LastLogin_3.12.2.3", "Mon May 28 2012 13:33:58 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.13.0.6", "Sun Jul 15 2012 14:22:39 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.14.1.0", "Wed Aug 22 2012 10:10:35 GMT+0200");
Deleted : user_pref("CT2475029.LastLogin_3.15.1.0", "Tue Nov 06 2012 10:40:01 GMT+0100");
Deleted : user_pref("CT2475029.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2475029.Locale", "en");
Deleted : user_pref("CT2475029.LoginCache", 4);
Deleted : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2475029.MCDetectTooltipShow", true);
Deleted : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2475029.RadioIsPodcast", false);
Deleted : user_pref("CT2475029.RadioMediaID", "13098944");
Deleted : user_pref("CT2475029.RadioMediaType", "Media Player");
Deleted : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
Deleted : user_pref("CT2475029.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
Deleted : user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
Deleted : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2475029.SavedHomepage", "hxxp://www.seznam.cz/");
Deleted : user_pref("CT2475029.SearchBoxWidth", 101);
Deleted : user_pref("CT2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Deleted : user_pref("CT2475029.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Mon Jan 31 2011 10:30:42 GMT+0100");
Deleted : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2475029.ServiceMapLastCheckTime", "Tue Nov 06 2012 12:05:14 GMT+0100");
Deleted : user_pref("CT2475029.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2475029.SettingsLastCheckTime", "Mon Jan 31 2011 10:30:36 GMT+0100");
Deleted : user_pref("CT2475029.SettingsLastUpdate", "1295971309");
Deleted : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Mon Jan 31 2011 10:30:36 GMT+0100");
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Deleted : user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2475029.UserID", "UN76728684228939032");
Deleted : user_pref("CT2475029.ValidationData_Search", 0);
Deleted : user_pref("CT2475029.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2475029.WeatherNetwork", "");
Deleted : user_pref("CT2475029.WeatherPollDate", "Wed Feb 16 2011 10:49:37 GMT+0100");
Deleted : user_pref("CT2475029.WeatherUnit", "C");
Deleted : user_pref("CT2475029.alertChannelId", "868510");
Deleted : user_pref("CT2475029.backendstorage.cbcountry_001", "435A");
Deleted : user_pref("CT2475029.backendstorage.cbfirsttime", "4D6F6E204A756C20333020323031322031383A30393A31352[...]
Deleted : user_pref("CT2475029.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_first_login_date", "30322F30332F32303131");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Deleted : user_pref("CT2475029.backendstorage.shoppingapp.gk.exipres", "5361742041756720313120323031322031393A[...]
Deleted : user_pref("CT2475029.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Deleted : user_pref("CT2475029.backendstorage.url_history0001", "687474703A2F2F7777772E70726F66696D65642E637A2[...]
Deleted : user_pref("CT2475029.clientLogIsEnabled", false);
Deleted : user_pref("CT2475029.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2475029.ct2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.ct2475029.FeedLastCount129133095456874337", 400);
Deleted : user_pref("CT2475029.ct2475029.FeedLastCount6244576562585401993", 2084);
Deleted : user_pref("CT2475029.ct2475029.GroupingInvalidateCache", false);
Deleted : user_pref("CT2475029.ct2475029.GroupingLastCheckTime", "Tue Nov 06 2012 12:05:16 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.ct2475029.GroupingLastResponse", false);
Deleted : user_pref("CT2475029.ct2475029.GroupingLastServerUpdateTime", "129423394297730000");
Deleted : user_pref("CT2475029.ct2475029.InvalidateCache", false);
Deleted : user_pref("CT2475029.ct2475029.LanguagePackLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.Locale", "en");
Deleted : user_pref("CT2475029.ct2475029.RadioLastCheckTime", "Fri Aug 10 2012 14:38:07 GMT+0200");
Deleted : user_pref("CT2475029.ct2475029.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2475029.ct2475029.RadioLastUpdateServer", "129054397178370000");
Deleted : user_pref("CT2475029.ct2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Deleted : user_pref("CT2475029.ct2475029.SearchInNewTabLastCheckTime", "Tue Nov 06 2012 00:04:24 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2475029.ct2475029.SettingsLastCheckTime", "Tue Nov 06 2012 10:39:55 GMT+0100");
Deleted : user_pref("CT2475029.ct2475029.SettingsLastUpdate", "1352140586");
Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastCheck", "Fri Aug 10 2012 17:59:06 GMT+0200");
Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2475029.ct2475029.globalFirstTimeInfoLastCheckTime", "Fri Aug 10 2012 17:59:07 GMT+0200[...]
Deleted : user_pref("CT2475029.ct2475029.toolbarAppMetaDataLastCheckTime", "Tue Nov 06 2012 00:04:28 GMT+0100"[...]
Deleted : user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2475029.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.initDone", true);
Deleted : user_pref("CT2475029.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2475029.isFirstRadioInstallation", false);
Deleted : user_pref("CT2475029.myStuffEnabled", true);
Deleted : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,111,129584873345514033[...]
Deleted : user_pref("CT2475029.revertSettingsEnabled", true);
Deleted : user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2475029.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.testingCtid", "");
Deleted : user_pref("CT2475029.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2475029.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2475029/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2475029", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"f9e1a36ec06a38d3adba[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"bd2215467e134e6a02f[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"7987ce87e8df44550bc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"23532b1ba9b061d0305[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"9d06022978f4e2b38f7[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"ad856abd064a6673fdc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"36fe80a0093f8bd7fc7dd[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"bcfce78f43bf99037ad92[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Wareza\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 31 2011 22:12:59 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 07:52:43 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 22:52:33 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "35c4eb9a-0d72-4973-ba0a-19d2291f2c4d");
Deleted : user_pref("CommunityToolbar.globalUserId", "19607590-4897-4342-9f5c-553478a90262");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2475029");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 06 2012 19:05:3[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Aug 10 2012 14:38:08 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "6b119060-a8f0-4cd4-9be9-49d87def179d");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200[...]
Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Fri Aug 10 2012 17:59:08 GMT+0200")[...]
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 07 2011 10:27:51 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Jun 22 2011 20:39:53 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/06/2011 17");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Mar 06 2011 15:47:59 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Mar 24 2011 10:28:03 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 22:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 22:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN91527810880447143");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", true);
Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 07:52:45 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 19:52:44 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("browser.babylon.HPOnNewTab", "isearch.babylon.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?babsrc=NT_ss&mntrId=[...]
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Deleted : user_pref("extensions.facemoods.aflt", "ddrnw");
Deleted : user_pref("extensions.facemoods.dfltSrch", true);
Deleted : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Deleted : user_pref("extensions.facemoods.dnsErr", true);
Deleted : user_pref("extensions.facemoods.firstRun", true);
Deleted : user_pref("extensions.facemoods.hmpg", true);
Deleted : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Deleted : user_pref("extensions.facemoods.id", "6623aa4900000000000000266c774594");
Deleted : user_pref("extensions.facemoods.instlDay", "15336");
Deleted : user_pref("extensions.facemoods.lastActv", "25");
Deleted : user_pref("extensions.facemoods.mntz", "");
Deleted : user_pref("extensions.facemoods.newTab", true);
Deleted : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Deleted : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Deleted : user_pref("extensions.facemoods.searchProviderAdded", true);
Deleted : user_pref("extensions.facemoods.sid", "e1234954cae1474a9e0c190e7d4e34b6");
Deleted : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Deleted : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=");
-\\ Google Chrome v22.0.1229.94
File : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.16] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
Deleted [l.47] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Deleted [l.50] : keyword = "isearch.avg.com",
Deleted [l.53] : search_url = "hxxp://isearch.avg.com/search?cid={E6402BEE-6428-42F2-B24F-3705CD0D8A80}&mid=51e5aeb30c9947d6b924d16f2a93ac67-285e8263b01dbcab34478d3bc35575d287722b5e&lang=cs&ds=AVG&pr=pr&d=2012-11-02 14:24:07&v=13.2.0.4&sap=dsp&q={searchTerms}",
Deleted [l.2217] : urls_to_restore_on_startup = [ "hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=6623aa4900000000000000266c774594" ]
*************************
AdwCleaner[R1].txt - [45387 octets] - [06/11/2012 11:07:37]
AdwCleaner[S1].txt - [45657 octets] - [06/11/2012 13:40:09]
########## EOF - C:\AdwCleaner[S1].txt - [45718 octets] ##########
Re: Prosím o kontrolu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Dobrý den, tak jsem udělal vše od poslední zprávy ale bohužel ten sken netrvá jak píšete 10-15 min...jelo mi to cca 4 hodiny a pořád to skenovalo a nic, tak nevím jestli to mám příště nechat až do té doby než to skončí...?? je to dlouha doba.. Děkuji za informace
Re: Prosím o kontrolu
Spustte OTL znovu ale bez toho skriptu, jinak nastaveni stejne
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Tak opět nic, po 8 hod jsem se vrátil k PC a sken stále probíhal, tak jsem to ukončil..
Re: Prosím o kontrolu
Poprosim o novy log z RSIT
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Logfile of random's system information tool 1.09 (written by random/random)
Run by Wareza at 2012-11-08 10:48:11
Microsoft Windows 7 Home Premium
System drive C: has 80 GB (33%) free of 238 GB
Total RAM: 4091 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:15, on 8.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files\trend micro\Wareza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{32C913EE-9640-4023-93A9-F7A94D537652}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFA22BA6-5B0C-4C2C-8FEA-D0E3056B4F5D}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CrypKey License - Unknown owner - C:\Windows\system32\crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Transbase TECDOC CD 1_2011 Service - Unknown owner - D:\TECDOC_CD\1_2011\db\tbmux32.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18465 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 35841168
\??\C:\Windows\system32\conhost.exe "5558992036032262701835240660-194154100567783385-710977122-1043791908-1678116540
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {92EEC86E-6C4E-4ECC-98CB-14FAD6133133}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\crypserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\PrintCtrl.exe
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
WLIDSvcM.exe 3084
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\PrintDisp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"c:\Program Files\Corel\CorelDRAW Graphics Suite X6\Programs64\CorelDrw.exe" -DDE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -restart
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6872.13722d00.795503098 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6872 "\\.\pipe\gecko-crash-server-pipe.6872" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash2444.66B83AA0.41 --host-broker-channel=Flash2444.66B83AA0.18467 --host-pid=2444 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=8324.0038F924.1898043187 --proxy-stub-channel=Flash2444.66B83AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe55_ Global\UsGthrCtrlFltPipeMssGthrPipe55 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Wareza\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a3694c44-31e3-4a19-a174-8830d1a57131.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, FasterFox_Lite@BigRedBrent:3.9.1Lite, DTToolbar@toolbarnet.com:1.1.3.0244, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.03, engine@conduit.com:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
KavAntiBanner@Kaspersky.ru
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
fcmdSrchddr.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\
FasterFox_Lite@BigRedBrent
{e001c731-5e37-4538-a5cb-8168736a2360}
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
mailru---.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17 652216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-08-17 983992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2012-08-17 510392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17 580536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17 537528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-08-17 811960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2012-08-17 424888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17 484280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2011-01-03 976896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"Google Update"=C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-02 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-05 5629312]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe [2012-10-08 692152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"FontExpertType1Loader"=C:\Program Files (x86)\FontExpert\Type1Loader.exe [2010-05-14 294208]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-10 296056]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-03-06 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"ROC_roc_ssl_v12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12 []
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-08-17 218880]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119 []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2010-07-01 233656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-06 13:40:09 ----A---- C:\AdwCleaner[S1].txt
2012-11-06 11:07:37 ----A---- C:\AdwCleaner[R1].txt
2012-11-06 09:59:16 ----A---- C:\Windows\system32\services.exe
2012-11-06 09:52:08 ----A---- C:\Windows\system32\klfphc.dll
2012-11-06 09:50:33 ----D---- C:\Windows\ELAMBKUP
2012-11-06 09:50:17 ----D---- C:\ProgramData\Kaspersky Lab
2012-11-06 09:50:17 ----D---- C:\Program Files (x86)\Kaspersky Lab
2012-11-06 09:49:50 ----A---- C:\Windows\system32\drivers\klif.sys
2012-11-06 09:49:50 ----A---- C:\Windows\system32\drivers\klflt.sys
2012-11-05 13:23:28 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-11-05 13:23:28 ----D---- C:\Program Files\SUPERAntiSpyware
2012-11-04 19:16:30 ----D---- C:\Program Files\trend micro
2012-11-04 18:55:00 ----D---- C:\rsit
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.exe
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.dat
2012-11-04 10:54:25 ----A---- C:\Windows\SYSWOW64\WRusr.dll
2012-11-04 10:54:25 ----A---- C:\Windows\system32\WRusr.dll
2012-11-04 10:43:50 ----A---- C:\Windows\system32\drivers\WRkrn.sys
2012-11-04 10:43:49 ----D---- C:\ProgramData\WRData
2012-11-04 10:36:07 ----D---- C:\Users\Wareza\AppData\Roaming\QuickScan
2012-11-04 00:25:27 ----D---- C:\ProgramData\ESET
2012-11-03 19:53:23 ----A---- C:\scu.dat
2012-11-03 17:54:33 ----N---- C:\Windows\system32\1796.tmp
2012-11-03 17:40:53 ----N---- C:\Windows\system32\952D.tmp
2012-11-03 12:39:40 ----D---- C:\Users\Wareza\AppData\Roaming\TuneUp Software
2012-11-03 12:37:18 ----D---- C:\ProgramData\AVG2013
2012-11-01 23:50:02 ----D---- C:\Windows\Minidump
2012-11-01 22:26:03 ----A---- C:\autoexec.bat
2012-11-01 22:24:17 ----D---- C:\Windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2012-11-01 12:05:29 ----D---- C:\Program Files (x86)\JDownloader
2012-10-31 21:01:18 ----D---- C:\Users\Wareza\AppData\Roaming\VitySoft
2012-10-30 13:31:10 ----D---- C:\Windows\SYSWOW64\gs
2012-10-30 13:31:10 ----A---- C:\Windows\SYSWOW64\gswin32c.exe
2012-10-30 13:28:55 ----A---- C:\Windows\SYSWOW64\msxml2.dll
2012-10-30 13:28:36 ----A---- C:\Windows\SYSWOW64\vbar332.dll
2012-10-27 11:00:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-17 21:00:27 ----D---- C:\Users\Wareza\AppData\Roaming\EMCO
2012-10-17 20:55:08 ----D---- C:\ProgramData\IObit
2012-10-17 20:55:06 ----D---- C:\Program Files (x86)\IObit
2012-10-17 20:40:19 ----A---- C:\Windows\ntbtlog.txt
======List of files/folders modified in the last 1 month======
2012-11-07 13:27:58 ----SHD---- C:\System Volume Information
2012-11-07 10:12:42 ----D---- C:\Users\Wareza\AppData\Roaming\Skype
2012-11-06 20:52:30 ----D---- C:\Windows\Temp
2012-11-06 20:15:10 ----D---- C:\Windows\system32\config
2012-11-06 13:40:25 ----D---- C:\Windows\SysWOW64
2012-11-06 13:40:12 ----RD---- C:\Program Files (x86)
2012-11-06 13:40:12 ----D---- C:\ProgramData\ICQ
2012-11-06 10:35:39 ----D---- C:\Windows\system32\drivers
2012-11-06 10:03:42 ----SHD---- C:\Config.Msi
2012-11-06 10:03:42 ----AD---- C:\Windows\System32
2012-11-06 10:02:53 ----D---- C:\Windows\system32\catroot
2012-11-06 09:59:14 ----SHD---- C:\Windows\Installer
2012-11-06 09:58:53 ----D---- C:\ProgramData\Skype
2012-11-06 09:51:55 ----D---- C:\Windows\system32\DriverStore
2012-11-06 09:51:54 ----D---- C:\Windows\inf
2012-11-06 09:50:33 ----AD---- C:\Windows
2012-11-06 09:50:17 ----HD---- C:\ProgramData
2012-11-06 00:01:34 ----D---- C:\ProgramData\MFAData
2012-11-05 23:53:23 ----D---- C:\Program Files (x86)\Common Files
2012-11-05 23:52:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-11-05 13:26:59 ----D---- C:\Windows\Tasks
2012-11-05 13:26:59 ----D---- C:\Windows\system32\Tasks
2012-11-05 13:23:28 ----RD---- C:\Program Files
2012-11-05 13:19:27 ----D---- C:\Users\Wareza\AppData\Roaming\uTorrent
2012-11-05 13:02:04 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-11-04 18:57:32 ----D---- C:\ProgramData\AVAST Software
2012-11-04 15:13:33 ----D---- C:\Windows\system32\catroot2
2012-11-04 10:23:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-03 17:34:41 ----D---- C:\Users\Wareza\AppData\Roaming\DAEMON Tools Lite
2012-11-03 12:28:47 ----D---- C:\ProgramData\AVG2012
2012-11-03 12:26:05 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-03 12:26:02 ----D---- C:\Windows\system32\drivers\AVG
2012-11-02 16:37:58 ----D---- C:\ProgramData\Windows Codecs
2012-11-02 14:26:31 ----D---- C:\ProgramData\CanonIJPLM
2012-11-02 13:16:40 ----D---- C:\Windows\Prefetch
2012-11-01 23:53:23 ----SD---- C:\Users\Wareza\AppData\Roaming\Microsoft
2012-11-01 23:20:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-10-24 19:00:57 ----D---- C:\Program Files (x86)\IMSIDesign
2012-10-17 20:54:43 ----D---- C:\Program Files (x86)\Unlocker
2012-10-17 20:23:05 ----D---- C:\Program Files (x86)\Share Rapid Uploader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-17 279616]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-11-06 611160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
R1 NetworkX;NetworkX; C:\Windows\System32\ckldrv.sys [2010-03-19 30272]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-07-15 55384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-11-06 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2012-11-06 29528]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\syswow64\1796.tmp []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2011-09-28 70760]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CrypKey License;CrypKey License; C:\Windows\system32\crypserv.exe [2010-03-18 126976]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-02-07 66560]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-24 107832]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 934760]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-08-17 218880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S2 Transbase TECDOC CD 1_2011 Service;Transbase TECDOC CD 1_2011 Service; D:\TECDOC_CD\1_2011\db\tbmux32.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by Wareza at 2012-11-08 10:48:11
Microsoft Windows 7 Home Premium
System drive C: has 80 GB (33%) free of 238 GB
Total RAM: 4091 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:15, on 8.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files\trend micro\Wareza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{32C913EE-9640-4023-93A9-F7A94D537652}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFA22BA6-5B0C-4C2C-8FEA-D0E3056B4F5D}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{19D18547-F755-46BA-9807-56DDCB85DD57}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CrypKey License - Unknown owner - C:\Windows\system32\crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Transbase TECDOC CD 1_2011 Service - Unknown owner - D:\TECDOC_CD\1_2011\db\tbmux32.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18465 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 35841168
\??\C:\Windows\system32\conhost.exe "5558992036032262701835240660-194154100567783385-710977122-1043791908-1678116540
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {92EEC86E-6C4E-4ECC-98CB-14FAD6133133}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\crypserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\PrintCtrl.exe
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
WLIDSvcM.exe 3084
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\PrintDisp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"c:\Program Files\Corel\CorelDRAW Graphics Suite X6\Programs64\CorelDrw.exe" -DDE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -restart
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6872.13722d00.795503098 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6872 "\\.\pipe\gecko-crash-server-pipe.6872" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash2444.66B83AA0.41 --host-broker-channel=Flash2444.66B83AA0.18467 --host-pid=2444 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=8324.0038F924.1898043187 --proxy-stub-channel=Flash2444.66B83AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe55_ Global\UsGthrCtrlFltPipeMssGthrPipe55 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Wareza\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a3694c44-31e3-4a19-a174-8830d1a57131.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, FasterFox_Lite@BigRedBrent:3.9.1Lite, DTToolbar@toolbarnet.com:1.1.3.0244, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.03, engine@conduit.com:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
KavAntiBanner@Kaspersky.ru
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
fcmdSrchddr.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\
FasterFox_Lite@BigRedBrent
{e001c731-5e37-4538-a5cb-8168736a2360}
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
mailru---.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17 652216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-08-17 983992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2012-08-17 510392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17 580536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17 537528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-08-17 811960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2012-08-17 424888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17 484280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2011-01-03 976896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"Google Update"=C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-02 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-05 5629312]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe [2012-10-08 692152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"FontExpertType1Loader"=C:\Program Files (x86)\FontExpert\Type1Loader.exe [2010-05-14 294208]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-10 296056]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-03-06 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"ROC_roc_ssl_v12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12 []
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-08-17 218880]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1119 []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2010-07-01 233656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-06 13:40:09 ----A---- C:\AdwCleaner[S1].txt
2012-11-06 11:07:37 ----A---- C:\AdwCleaner[R1].txt
2012-11-06 09:59:16 ----A---- C:\Windows\system32\services.exe
2012-11-06 09:52:08 ----A---- C:\Windows\system32\klfphc.dll
2012-11-06 09:50:33 ----D---- C:\Windows\ELAMBKUP
2012-11-06 09:50:17 ----D---- C:\ProgramData\Kaspersky Lab
2012-11-06 09:50:17 ----D---- C:\Program Files (x86)\Kaspersky Lab
2012-11-06 09:49:50 ----A---- C:\Windows\system32\drivers\klif.sys
2012-11-06 09:49:50 ----A---- C:\Windows\system32\drivers\klflt.sys
2012-11-05 13:23:28 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-11-05 13:23:28 ----D---- C:\Program Files\SUPERAntiSpyware
2012-11-04 19:16:30 ----D---- C:\Program Files\trend micro
2012-11-04 18:55:00 ----D---- C:\rsit
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.exe
2012-11-04 11:13:25 ----A---- C:\Windows\unins000.dat
2012-11-04 10:54:25 ----A---- C:\Windows\SYSWOW64\WRusr.dll
2012-11-04 10:54:25 ----A---- C:\Windows\system32\WRusr.dll
2012-11-04 10:43:50 ----A---- C:\Windows\system32\drivers\WRkrn.sys
2012-11-04 10:43:49 ----D---- C:\ProgramData\WRData
2012-11-04 10:36:07 ----D---- C:\Users\Wareza\AppData\Roaming\QuickScan
2012-11-04 00:25:27 ----D---- C:\ProgramData\ESET
2012-11-03 19:53:23 ----A---- C:\scu.dat
2012-11-03 17:54:33 ----N---- C:\Windows\system32\1796.tmp
2012-11-03 17:40:53 ----N---- C:\Windows\system32\952D.tmp
2012-11-03 12:39:40 ----D---- C:\Users\Wareza\AppData\Roaming\TuneUp Software
2012-11-03 12:37:18 ----D---- C:\ProgramData\AVG2013
2012-11-01 23:50:02 ----D---- C:\Windows\Minidump
2012-11-01 22:26:03 ----A---- C:\autoexec.bat
2012-11-01 22:24:17 ----D---- C:\Windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2012-11-01 12:05:29 ----D---- C:\Program Files (x86)\JDownloader
2012-10-31 21:01:18 ----D---- C:\Users\Wareza\AppData\Roaming\VitySoft
2012-10-30 13:31:10 ----D---- C:\Windows\SYSWOW64\gs
2012-10-30 13:31:10 ----A---- C:\Windows\SYSWOW64\gswin32c.exe
2012-10-30 13:28:55 ----A---- C:\Windows\SYSWOW64\msxml2.dll
2012-10-30 13:28:36 ----A---- C:\Windows\SYSWOW64\vbar332.dll
2012-10-27 11:00:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-17 21:00:27 ----D---- C:\Users\Wareza\AppData\Roaming\EMCO
2012-10-17 20:55:08 ----D---- C:\ProgramData\IObit
2012-10-17 20:55:06 ----D---- C:\Program Files (x86)\IObit
2012-10-17 20:40:19 ----A---- C:\Windows\ntbtlog.txt
======List of files/folders modified in the last 1 month======
2012-11-07 13:27:58 ----SHD---- C:\System Volume Information
2012-11-07 10:12:42 ----D---- C:\Users\Wareza\AppData\Roaming\Skype
2012-11-06 20:52:30 ----D---- C:\Windows\Temp
2012-11-06 20:15:10 ----D---- C:\Windows\system32\config
2012-11-06 13:40:25 ----D---- C:\Windows\SysWOW64
2012-11-06 13:40:12 ----RD---- C:\Program Files (x86)
2012-11-06 13:40:12 ----D---- C:\ProgramData\ICQ
2012-11-06 10:35:39 ----D---- C:\Windows\system32\drivers
2012-11-06 10:03:42 ----SHD---- C:\Config.Msi
2012-11-06 10:03:42 ----AD---- C:\Windows\System32
2012-11-06 10:02:53 ----D---- C:\Windows\system32\catroot
2012-11-06 09:59:14 ----SHD---- C:\Windows\Installer
2012-11-06 09:58:53 ----D---- C:\ProgramData\Skype
2012-11-06 09:51:55 ----D---- C:\Windows\system32\DriverStore
2012-11-06 09:51:54 ----D---- C:\Windows\inf
2012-11-06 09:50:33 ----AD---- C:\Windows
2012-11-06 09:50:17 ----HD---- C:\ProgramData
2012-11-06 00:01:34 ----D---- C:\ProgramData\MFAData
2012-11-05 23:53:23 ----D---- C:\Program Files (x86)\Common Files
2012-11-05 23:52:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-11-05 13:26:59 ----D---- C:\Windows\Tasks
2012-11-05 13:26:59 ----D---- C:\Windows\system32\Tasks
2012-11-05 13:23:28 ----RD---- C:\Program Files
2012-11-05 13:19:27 ----D---- C:\Users\Wareza\AppData\Roaming\uTorrent
2012-11-05 13:02:04 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-11-04 18:57:32 ----D---- C:\ProgramData\AVAST Software
2012-11-04 15:13:33 ----D---- C:\Windows\system32\catroot2
2012-11-04 10:23:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-03 17:34:41 ----D---- C:\Users\Wareza\AppData\Roaming\DAEMON Tools Lite
2012-11-03 12:28:47 ----D---- C:\ProgramData\AVG2012
2012-11-03 12:26:05 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-03 12:26:02 ----D---- C:\Windows\system32\drivers\AVG
2012-11-02 16:37:58 ----D---- C:\ProgramData\Windows Codecs
2012-11-02 14:26:31 ----D---- C:\ProgramData\CanonIJPLM
2012-11-02 13:16:40 ----D---- C:\Windows\Prefetch
2012-11-01 23:53:23 ----SD---- C:\Users\Wareza\AppData\Roaming\Microsoft
2012-11-01 23:20:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-30 23:50:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-24 19:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-10-24 19:00:57 ----D---- C:\Program Files (x86)\IMSIDesign
2012-10-17 20:54:43 ----D---- C:\Program Files (x86)\Unlocker
2012-10-17 20:23:05 ----D---- C:\Program Files (x86)\Share Rapid Uploader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-17 279616]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-11-06 611160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
R1 NetworkX;NetworkX; C:\Windows\System32\ckldrv.sys [2010-03-19 30272]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-07-15 55384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-11-06 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2012-11-06 29528]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\syswow64\1796.tmp []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2011-09-28 70760]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CrypKey License;CrypKey License; C:\Windows\system32\crypserv.exe [2010-03-18 126976]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-02-07 66560]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-24 107832]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 934760]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-08-17 218880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S2 Transbase TECDOC CD 1_2011 Service;Transbase TECDOC CD 1_2011 Service; D:\TECDOC_CD\1_2011\db\tbmux32.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Prosím o kontrolu
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
- Provedte aktualizaci
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Verze databáze: v2012.11.08.10
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Wareza :: HOME [administrátor]
Ochrana: Zakázána
8.11.2012 23:40:01
mbam-log-2012-11-09 (10-55-49).txt
Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 641088
Uplynulý čas: 2 hodin, 25 minut, 43 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe (PUP.RiskwareTool.CK) -> Žádná instrukce nebyla provedena.
C:\Users\Wareza\Desktop\SUPERAntiSpyware Professional 5.6.1012 Final\CORE\keygen.exe (Malware.Packer) -> Žádná instrukce nebyla provedena.
(konec)
www.malwarebytes.org
Verze databáze: v2012.11.08.10
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Wareza :: HOME [administrátor]
Ochrana: Zakázána
8.11.2012 23:40:01
mbam-log-2012-11-09 (10-55-49).txt
Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 641088
Uplynulý čas: 2 hodin, 25 minut, 43 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe (PUP.RiskwareTool.CK) -> Žádná instrukce nebyla provedena.
C:\Users\Wareza\Desktop\SUPERAntiSpyware Professional 5.6.1012 Final\CORE\keygen.exe (Malware.Packer) -> Žádná instrukce nebyla provedena.
(konec)
Přispějete na provoz fóra?