Please check my log

Re: Please check my log

Post by HansUwe38 » 29 Sep 2015 19:04

[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E.x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E/x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E/x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E06CG5EL8:", "6E6C7171706E72737775");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E06CG5EL8:.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E06CG5EL;8I:K", "247E2D2F226A74727777767478797D7B242F4B49474F42357D5D5C3D");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E06CG5EL;8I:K.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E0x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E0x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E1x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E1x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E2x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E2x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E3x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E3x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E4x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E4x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E5x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E5x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E6x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E6x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E7x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E7x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E8x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E8x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E9x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E9x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E:x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E:x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E;x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E;x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E<x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E<x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E=x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E=x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E>x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E>x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E?x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E?x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E@x305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7E@x305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EAx305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EAx305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EBE3G=;D9N9=D.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EBx305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EBx305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7ECx305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7ECx305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EDx305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7EDx305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7Etx305", "2423");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B+7Etx305.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3G>D", "3D3D703C72743F727A74727478204C7A4B21254C24527C2A285527272B592C5A5A282C61");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3G>D.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3G@6:5;", "");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3G@6:5;.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3GFA7EF", "2B2E2C3D");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-0?3GFA7EF.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A2329282A31323334353A455F67566B5D67566F596B5F5F6A6567553E72786E687760");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B-3=3ECCJA=F>.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B/>01=9A6K6<IM;KRIE@PDAWM", "676A6D7273747576");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B3=>@44I48?.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B5BA==9CJAG", "6C6E6D703D3E6D6F7A45467846494A7A4D207C7D51");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B5BA==9CJAG.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B6B11G4C56B>F;P;ANR@P", "6E6C6E706D706F717176767574");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B9643G3/9E", "6A");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B9643G3/9E.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B;45>:BI9I7IE", "2B2E2C3D");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B;45>:BI9I7IE.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B<:222H64<", "393F352F3E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B<:222H64<.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B<:222H64<L8DAJ", "6D70706E76747079756F2A797A727A7975217E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B<:222H64<L8DAJ.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B=+03EH8H8J?:", "4443");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B=+03EH8H8J?:.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B?+E2A52D8.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B?B0D:8AJ62<H", "6D");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9B?B0D:8AJ62<H.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9BA@0<0BI6A7GN:6@L?", "6C");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.PG_ENABLE", "74727565");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.PG_ENABLE.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_JUST_INSTALLED", "46414C5345");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_JUST_INSTALLED.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_STATUS", "454E41424C4544");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_STATUS.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_USER_ID", "6369645F3239353230313431333335313232323034323938");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.SF_USER_ID.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_experience_000", "34");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_experience_000.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_firstuse0100", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_firstuse0100.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_user_id_000", "43423538343433303934343132395F313431343833383333303135335F46697265666F78");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cb_user_id_000.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cbfirsttime", "546875204D617920323920323031342031333A33353A313320474D542B30323030");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.cbfirsttime.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appStateReportTime", "31343433303339303537383839");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appStateReportTime.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_CouponBuddy", "6F6E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_CouponBuddy.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_Easytobook", "6F6E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_Easytobook.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_Easytobook_targeted", "6F6E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_Easytobook_targeted.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_PriceGong", "6F6E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_PriceGong.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_WindowShopper", "6F6E");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appState_WindowShopper.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appsConfig.storedInFile", true);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appsDefaultEnabled", "6E756C6C");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_appsDefaultEnabled.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_calledSetupService", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_calledSetupService.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_currentVersion", "312E31332E302E3137");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_currentVersion.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_existingUsersRecoveryDone", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_existingUsersRecoveryDone.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_first_time", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_first_time.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_gadgetOpen", "77656C636F6D65");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_gadgetOpen.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_lastLoginTime", "31343433303339303538323932");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_lastLoginTime.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_localization.storedInFile", true);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_mamEnabled", "66616C7365");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_mamEnabled.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_migrated_from_ls", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_migrated_from_ls.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_new_welcome_experience", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_new_welcome_experience.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_settings1.13.0.17.storedInFile", true);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_showWelcomeGadget", "66616C7365");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_showWelcomeGadget.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_stamp", "38345F30");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_stamp.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_userBornDate", "4E2F41");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_userBornDate.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_userId", "64623761356334612D323366612D343461302D626266662D316334356464653133393436");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_userId.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_user_approval_interacted", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_user_approval_interacted.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_welcomeDialogMode", "31");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.mam_gk_welcomeDialogMode.storedInFile", false);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.url_history0001", "687474703A2F2F7777772E66726565766964656F2E637A2F766173652D76696465612F6E656A6E6F76656A73692F737472616E6B612D322E68746D6C3A3A3A636C69636B68616E646C6572[...]
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT3220468.url_history0001.storedInFile", true);
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("valueApps.storage.mam_gk_userId", "64623761356334612D323366612D343461302D626266662D316334356464653133393436");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\\Program Files\\StartNow Toolbar");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
[-] [C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\prefs.js] [Preference] Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "klit.startnow.com");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.allowSendURL", false);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.engineVerified", false);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.previousFFVersion", "3.0.15");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.suggestions", false);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uniqueID", "126084941212608494041260849423053");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1260849470);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.version", "1.1.4");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[-] [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\w24xly2o.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=");
[-] [C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxps://isearch.avg.com/search?cid={B2B81511-0862-4EDB-BA38-44821F8E0267}&mid=b98c7794ed1947d0bf08d15434393edb-3adc31620ff28c27b6a1b3579bc3816c1fe12ed9&lang=cs&ds=gm011&pr=sa&d=2012-06-20 21:02:41&v=11.1.1.7&sap=dsp&q={searchTerms}
[-] [C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : incfcgceegpikennjoplhfghaaikdgei
[-] [C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nbdbmopeebalgaeghmjoegpkngglikgn

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [131354 bytes] ##########

Re: Please check my log

Post by HansUwe38 » 29 Sep 2015 19:20

Here is the log from JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by pocitac on út 29.09.2015 at 19:08:13,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\tmp8C67
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81FA428925F22ACB3A965
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09F45BAFAAE1D7546ED4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050B2E46B9C4B67A8F59577
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606D43BB064BD63CBD87E
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28C944FBC7579CF4949414
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3DC1468548785DC856EDA
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8D249B526503432F99D4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4BA46856BF57969F6A36
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56C49B56F6B83E293C15
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927C4E9B7BC1D3FD1E49F
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327DC64C9A8B641A9E89646
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531136}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322532236}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355535536}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366536636}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344534436}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{82a1882d-293b-4a6f-a83b-e2339b1c184c}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531136}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355535536}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366536636}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344534436}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531136}



~~~ Files

Successfully deleted: [File] C:\Users\pocitac\Appdata\Local\google\chrome\user data\default\local storage\hxxp_app.mam.vaccint.com_0.localstorage
Successfully deleted: [File] C:\Users\pocitac\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\pocitac\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\pocitac\Appdata\Local\google\chrome\user data\default\local storage\hxxp_toolbar.utorrent.com_0.localstorage
Successfully deleted: [File] C:\Users\pocitac\Appdata\Local\google\chrome\user data\default\local storage\hxxp_toolbar.utorrent.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Program Files\askpartnernetwork
Successfully deleted: [Folder] C:\Program Files\utorrentcontrol_v2
Successfully deleted: [Folder] C:\Users\pocitac\Appdata\LocalLow\utorrentcontrol_v2



~~~ FireFox

Successfully deleted: [Folder] C:\Users\pocitac\AppData\Roaming\mozilla\firefox\profiles\conj2fqh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted the following from C:\Users\pocitac\AppData\Roaming\mozilla\firefox\profiles\conj2fqh.default\prefs.js

user_pref(extensions.foxcub.config.encodedConfig, {\core\:{\configUrl\:\hxxp://download.seznam.cz/software/conf/\,\configUrlSecure\:\hxxps://download.seznam.cz/sof
user_pref({5911488E-9D1E-40ec-8CBB-06B231CC153F}.update_url, hxxp://tbupdate.zugo.com/ztb/update?partner_id={partner_id}&product_id={product_id}&affiliate_id={affiliate_id}
Emptied folder: C:\Users\pocitac\AppData\Roaming\mozilla\firefox\profiles\conj2fqh.default\minidumps [193 files]



~~~ Chrome


[C:\Users\pocitac\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\pocitac\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\pocitac\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\pocitac\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 29.09.2015 at 19:16:01,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Please check my log

Post by HansUwe38 » 29 Sep 2015 19:33

I did all the steps from the guide, I just didn't run Malwarebytes' Anti-Malware. When you're here, write what's next, thanks :)

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log

Post by Orcus » 30 Sep 2015 08:44

So run that MBAM, so we know whether it finds anything or not. :-)

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the whole content of the log here.
If the program is blocked, try launching it several times. If it still won't start and run, rename it to winlogon.exe.

Re: Please check my log

Post by HansUwe38 » 30 Sep 2015 16:50

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.9.2015
Čas skenování: 16:15:00
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.30.05
Databáze rootkitů: v2015.09.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: pocitac

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 492999
Uplynulý čas: 32 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 16
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [ad60a2948605e2549393628df1115fa1],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, , [ad60a2948605e2549393628df1115fa1],
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}, , [df2e70c6701b80b69baca84ca06244bc],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, , [13fa4de92b60e94dd4ef946023df6c94],
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [8c811c1aa7e4db5baa9f3faf4db5e11f],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\uTorrentControl_v2, , [20edd36396f5ed49c0134489b84cd030],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}, , [c548ea4c107b340281e889104eb6e31d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}, , [17f60036b0dbcc6a21489bfe01039967],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{434D452D-5637-006A-76A7-A758B70C2201}, , [e924fa3cdeada88e91eccf0908fc0ff1],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}, , [fe0fa096d2b97abc02669affe02422de],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1739DC6C-087A-43F3-A784-7E95077F70F3}, , [a667d75fa1ea89addd8b762380840af6],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20EF4F23-9AED-437C-B6E2-F9E36A66416F}, , [9a7396a0aae14aec660288117a8a867a],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}, , [64a995a11576092dc8a0c1d8ed1705fb],
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0388404D-6072-4CEB-B521-8F090FEAEE57}, , [6ca1b383bad14de916a88146cf35db25],
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [0d00ad898a017cbaa2d32a8058acc13f],
PUP.Optional.Conduit, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [d13c38fef79445f19bb3ecad5aaa728e],

Hodnoty registru: 17
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, ˝¶st‘FDG¨+xTë=p¶, , [13fa4de92b60e94dd4ef946023df6c94]
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, , [13fa4de92b60e94dd4ef946023df6c94],
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, ˆ[+‡µť C˝Đ¬ •Wĺő, , [8c811c1aa7e4db5baa9f3faf4db5e11f]
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [0c01d165206bed49bd8c11ddfd052ad6],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, , [cb42fa3c503b5fd7bd0692626e9415eb],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{7473b6bd-4691-4744-a82b-7854eb3d70b6}, , [53ba54e28407aa8c754e886c8a78a15f],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, , [c548ea4c107b340281e889104eb6e31d]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, , [17f60036b0dbcc6a21489bfe01039967]
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{434D452D-5637-006A-76A7-A758B70C2201}|InstallSource, C:\ProgramData\APN\APN-Stub\CME-V7\, , [e924fa3cdeada88e91eccf0908fc0ff1]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, , [fe0fa096d2b97abc02669affe02422de]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1739DC6C-087A-43F3-A784-7E95077F70F3}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, , [a667d75fa1ea89addd8b762380840af6]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20EF4F23-9AED-437C-B6E2-F9E36A66416F}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, , [9a7396a0aae14aec660288117a8a867a]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, , [64a995a11576092dc8a0c1d8ed1705fb]
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0388404D-6072-4CEB-B521-8F090FEAEE57}|URL, http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20120621&user_guid=09CB6C7A8B5A422B809BCF0CF8EFCD89&machine_id=1694da788da8b2fc2436a70afe6a9951&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}, , [6ca1b383bad14de916a88146cf35db25]
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd, , [0d00ad898a017cbaa2d32a8058acc13f]
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [c944a492404b5bdb156077332cd8cf31]
PUP.Optional.Conduit, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468, , [d13c38fef79445f19bb3ecad5aaa728e]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 5
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\searchplugins\utorrentcontrolv2-customized-web-search.xml, , [d835cc6aacdfea4ca6b0b0e8e024b749],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.tbccint.com_0.localstorage, , [010cf93d3457a294c2770891b153a858],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.tbccint.com_0.localstorage-journal, , [b4592c0adfaccc6a59e0cdccbb49a55b],
PUP.Optional.ASK.Gen, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\extensions\toolbar_CME-V7@apn.ask.com.xpi, , [55b870c67d0ef73f9cdd4d8bc73df50b],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\searchplugins\utorrentcontrolv2-customized-web-search-1.xml, , [c24b12242e5d65d1b3b161597293ba46],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Please check my log

Post by HansUwe38 » 30 Sep 2015 16:51

It found 38 threats. Write what's next, whether I should run that RogueKiller, thanks :)

Re: Please check my log

Post by Orcus » 30 Sep 2015 18:17

- Run MBAM again and choose "Skenovat nyní" (Scan Now).
- When the program finishes, a message will appear; click "Vše do karantény (smazat vybrané)" (Quarantine All / remove selected) and then "Exportovat záznam" (Export Log), choose "textový soubor" (text file), give the file a name and save it somewhere. Copy the whole content of that log here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the whole content of the log here.
If the program is blocked, try launching it several times. If it still won't start and run, rename it to winlogon.exe.

Re: Please check my log

Post by HansUwe38 » 30 Sep 2015 20:50

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: pocitac

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 493503
Uplynulý čas: 1 hod, 27 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 16
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, Do karantény, [ed21a88e6c1f0b2b37110ce3cd35d927],
PUP.Optional.ICQToolbar, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{855F3B16-6D32-4FE6-8A56-BBB695989046}, Do karantény, [ed21a88e6c1f0b2b37110ce3cd35d927],
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}, Do karantény, [fd11003694f766d0cb9e6c885fa3cb35],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Do karantény, [cd4174c2e9a27fb7a04509eb60a2916f],
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, Do karantény, [0b03d066e3a8c571fb701ed0b54da957],
PUP.Optional.uTorrentControl, HKLM\SOFTWARE\uTorrentControl_v2, Do karantény, [769852e47d0e979f708c3697857f0ff1],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}, Do karantény, [e628e94db0dbc670b0e2adec15ef639d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}, Do karantény, [f41a73c37c0f70c61d75b1e845bf02fe],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{434D452D-5637-006A-76A7-A758B70C2201}, Do karantény, [ac628bab711ae056ffa7e3f55fa5916f],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}, Do karantény, [54baee48404bfb3bade45c3de51f15eb],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1739DC6C-087A-43F3-A784-7E95077F70F3}, Do karantény, [9777c57197f45fd7622fe2b7927237c9],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20EF4F23-9AED-437C-B6E2-F9E36A66416F}, Do karantény, [fe10a1952b60e650731e2376d133db25],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}, Do karantény, [7f8f0e28ee9db4821c759cfdea1a19e7],
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0388404D-6072-4CEB-B521-8F090FEAEE57}, Do karantény, [b5599a9c5338bc7ac91ecff8f60e48b8],
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, Do karantény, [a46ab18552391620504e4466cf35af51],
PUP.Optional.Conduit, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, Do karantény, [ca447bbbaeddf83e4433aced867efc04],

Hodnoty registru: 17
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, ˝¶st‘FDG¨+xTë=p¶, Do karantény, [cd4174c2e9a27fb7a04509eb60a2916f]
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Do karantény, [cd4174c2e9a27fb7a04509eb60a2916f],
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, ˆ[+‡µť C˝Đ¬ •Wĺő, Do karantény, [0b03d066e3a8c571fb701ed0b54da957]
PUP.Optional.DVDVideoSoftTB, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, Do karantény, [26e8c373305b0d294b20ba34ac56639d],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Do karantény, [d33b96a0e5a622148065c0345ea4cd33],
PUP.Optional.uTorrentControl, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{7473b6bd-4691-4744-a82b-7854eb3d70b6}, Do karantény, [a767ac8a95f677bf9451a94bf9098f71],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, Do karantény, [e628e94db0dbc670b0e2adec15ef639d]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, Do karantény, [f41a73c37c0f70c61d75b1e845bf02fe]
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{434D452D-5637-006A-76A7-A758B70C2201}|InstallSource, C:\ProgramData\APN\APN-Stub\CME-V7\, Do karantény, [ac628bab711ae056ffa7e3f55fa5916f]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{06C44FB7-8799-481D-BF4B-D6ECDB3E3D59}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, Do karantény, [54baee48404bfb3bade45c3de51f15eb]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1739DC6C-087A-43F3-A784-7E95077F70F3}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT2269050, Do karantény, [9777c57197f45fd7622fe2b7927237c9]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20EF4F23-9AED-437C-B6E2-F9E36A66416F}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, Do karantény, [fe10a1952b60e650731e2376d133db25]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2058550149-2944739838-754952423-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9603C55-568B-485B-B7DB-9F26F8C47770}|AppPath, C:\Users\pocitac\AppData\Local\Conduit\CT3220468, Do karantény, [7f8f0e28ee9db4821c759cfdea1a19e7]
PUP.Optional.StartNow, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0388404D-6072-4CEB-B521-8F090FEAEE57}|URL, http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20120621&user_guid=09CB6C7A8B5A422B809BCF0CF8EFCD89&machine_id=1694da788da8b2fc2436a70afe6a9951&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}, Do karantény, [b5599a9c5338bc7ac91ecff8f60e48b8]
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd, Do karantény, [a46ab18552391620504e4466cf35af51]
PUP.Optional.ICQ, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, Do karantény, [d03e31050c7fe84e2f6f8b1f4abaf010]
PUP.Optional.Conduit, HKU\S-1-5-21-2058550149-2944739838-754952423-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468, Do karantény, [ca447bbbaeddf83e4433aced867efc04]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 5
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\searchplugins\utorrentcontrolv2-customized-web-search.xml, Do karantény, [c44ad6605d2e57dfbac5bddb778dbf41],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.tbccint.com_0.localstorage, Do karantény, [e727a88e385390a696cc2c6df2123dc3],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.tbccint.com_0.localstorage-journal, Do karantény, [3cd26fc76d1ef73f92d00a8f27dd7a86],
PUP.Optional.ASK.Gen, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\extensions\toolbar_CME-V7@apn.ask.com.xpi, Do karantény, [66a8fc3a0a81c76f1d858c4c798b9c64],
PUP.Optional.Conduit, C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\conj2fqh.default\searchplugins\utorrentcontrolv2-customized-web-search-1.xml, Do karantény, [838b0e283e4d2d095d357842be47f010],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Please check my log

Post by jerabina » 30 Sep 2015 22:16

What about RogueKiller? :-)