PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:28, on 29.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... 5765757657
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... 5765757657
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1382 ... 5765757657
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1078081533-1788223648-839522115-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2006657468
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe

--
End of file - 10409 bytes

Stáhni AdwCleaner (by Xplode)
Ulož si ho na plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovém disku jako AdwCleaner[R?].txt), celý jeho obsah sem vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

# AdwCleaner v3.010 - Report created 29/10/2013 at 16:11:49
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Standa - BOSS
# Running from : C:\Documents and Settings\Standa\Local Settings\Temporary Internet Files\Content.IE5\HQL2IP16\adwcleaner[1].exe
# Option : Scan

***** [ Services ] *****

Service Found : WsysSvc

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\searchplugins\SweetIm.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\qone8.xml
File Found : C:\WINDOWS\Tasks\AmiUpdXp.job
Folder Found : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Folder Found C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Found C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Found C:\Documents and Settings\Standa\Data aplikací\iWin
Folder Found C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\Conduit
Folder Found C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\ConduitCommon
Folder Found C:\Documents and Settings\Standa\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\Standa\Data aplikací\SwvUpdater
Folder Found C:\Documents and Settings\Standa\Data aplikací\Systweak
Folder Found C:\Documents and Settings\Standa\Local Settings\Data aplikací\Conduit
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\myfree codec

***** [ Shortcuts ] *****

Shortcut Found : C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome\Google Chrome.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\Standa\Nabídka Start\Programy\Internet Explorer.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\Standa\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )
Shortcut Found : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk ( hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://start.qone8.com/?type=sc&ts=1382 ... 5765757657
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Key Found : HKLM\Software\qone8Software
Key Found : HKLM\Software\systweak
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1382 ... 5765757657
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1382 ... 5765757657
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.qone8.com/?type=hp&ts=1382 ... 5765757657
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}

-\\ Mozilla Firefox v20.0.1 (cs)

[ File : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\prefs.js ]

Line Found : user_pref("CT1750559..clientLogIsEnabled", false);
Line Found : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT1750559.AppTrackingLastCheckTime", "Sun Apr 17 2011 11:23:09 GMT+0200");
Line Found : user_pref("CT1750559.BrowserCompStateIsOpen_129458612133825742", true);
Line Found : user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
Line Found : user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
Line Found : user_pref("CT1750559.BrowserCompStateIsOpen_130040878929610729", true);
Line Found : user_pref("CT1750559.CTID", "CT1750559");
Line Found : user_pref("CT1750559.CurrentServerDate", "17-3-2013");
Line Found : user_pref("CT1750559.DialogsAlignMode", "LTR");
Line Found : user_pref("CT1750559.DialogsGetterLastCheckTime", "Thu Mar 14 2013 19:07:20 GMT+0100");
Line Found : user_pref("CT1750559.DownloadReferralCookieData", "");
Line Found : user_pref("CT1750559.EnableClickToSearchBox", false);
Line Found : user_pref("CT1750559.EnableSearchHistory", false);
Line Found : user_pref("CT1750559.EnableSearchSuggest", false);
Line Found : user_pref("CT1750559.FirstServerDate", "30-3-2011");
Line Found : user_pref("CT1750559.FirstTime", true);
Line Found : user_pref("CT1750559.FirstTimeFF3", true);
Line Found : user_pref("CT1750559.FixPageNotFoundErrors", false);
Line Found : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT1750559.HasUserGlobalKeys", true);
Line Found : user_pref("CT1750559.Initialize", true);
Line Found : user_pref("CT1750559.InitializeCommonPrefs", true);
Line Found : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT1750559.InstallationType", "UnknownIntegration");
Line Found : user_pref("CT1750559.InstalledDate", "Wed Mar 30 2011 15:16:05 GMT+0200");
Line Found : user_pref("CT1750559.InvalidateCache", false);
Line Found : user_pref("CT1750559.IsGrouping", false);
Line Found : user_pref("CT1750559.IsMulticommunity", false);
Line Found : user_pref("CT1750559.IsOpenThankYouPage", true);
Line Found : user_pref("CT1750559.IsOpenUninstallPage", true);
Line Found : user_pref("CT1750559.LanguagePackLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Found : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT1750559.LastLogin_3.15.1.0", "Sat Nov 10 2012 15:43:32 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_3.16.0.100", "Sat Feb 16 2013 19:23:21 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_3.16.0.3", "Wed Jan 02 2013 15:17:02 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_3.18.0.7", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_3.2.5.2", "Thu Apr 14 2011 14:37:55 GMT+0200");
Line Found : user_pref("CT1750559.LastLogin_3.3.3.2", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Found : user_pref("CT1750559.LatestVersion", "3.18.0.7");
Line Found : user_pref("CT1750559.Locale", "en-us");
Line Found : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT1750559.MCDetectTooltipShow", false);
Line Found : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT1750559.RadioIsPodcast", false);
Line Found : user_pref("CT1750559.RadioLastCheckTime", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Found : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Line Found : user_pref("CT1750559.RadioMediaID", "11237206");
Line Found : user_pref("CT1750559.RadioMediaType", "Media Player");
Line Found : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Line Found : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Line Found : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Line Found : user_pref("CT1750559.SavedHomepage", "resource:/browserconfig.properties");
Line Found : user_pref("CT1750559.SearchBackToDefaultEngine", false);
Line Found : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=");
Line Found : user_pref("CT1750559.SearchInNewTabEnabled", true);
Line Found : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT1750559.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT1750559.ServiceMapLastCheckTime", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT1750559.SettingsLastCheckTime", "Sun Mar 17 2013 18:30:07 GMT+0100");
Line Found : user_pref("CT1750559.SettingsLastUpdate", "1363525828");
Line Found : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Wed Apr 27 2011 20:46:45 GMT+0200");
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT1750559.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Line Found : user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT1750559.UserID", "UN81692840943164526");
Line Found : user_pref("CT1750559.WeatherNetwork", "");
Line Found : user_pref("CT1750559.WeatherPollDate", "Wed Apr 27 2011 20:46:48 GMT+0200");
Line Found : user_pref("CT1750559.WeatherUnit", "C");
Line Found : user_pref("CT1750559.alertChannelId", "31130");
Line Found : user_pref("CT1750559.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Line Found : user_pref("CT1750559.components.1000082", false);
Line Found : user_pref("CT1750559.components.1000234", false);
Line Found : user_pref("CT1750559.components.129290204230081749", false);
Line Found : user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Found : user_pref("CT1750559.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT1750559.initDone", true);
Line Found : user_pref("CT1750559.isAppTrackingManagerOn", true);
Line Found : user_pref("CT1750559.myStuffEnabled", true);
Line Found : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT1750559.oldAppsList", "128515954179600320,128520273115419467,128799492822006721,128799492222006997,128799492477944433,128799493365913112,128799493660600615,128799493510443926,128798613156[...]
Line Found : user_pref("CT1750559.revertSettingsEnabled", true);
Line Found : user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT1750559.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT1750559.testingCtid", "");
Line Found : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Found : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Wed Mar 30 2011 15:16:05 GMT+0200");
Line Found : user_pref("CT1750559.usageEnabled", false);
Line Found : user_pref("CT1750559.usagesFlag", 1);
Line Found : user_pref("CT2786678..clientLogIsEnabled", false);
Line Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
Line Found : user_pref("CT2786678.CTID", "CT2786678");
Line Found : user_pref("CT2786678.CurrentServerDate", "17-3-2013");
Line Found : user_pref("CT2786678.DSChangedManually", false);
Line Found : user_pref("CT2786678.DSInstall", true);
Line Found : user_pref("CT2786678.DSProtectChoice", true);
Line Found : user_pref("CT2786678.DSProtectCount", 1);
Line Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Thu Mar 14 2013 19:07:18 GMT+0100");
Line Found : user_pref("CT2786678.DownloadReferralCookieData", "");
Line Found : user_pref("CT2786678.EMailNotifierPollDate", "Sun Mar 17 2013 18:30:07 GMT+0100");
Line Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
Line Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Line Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Line Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Line Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Line Found : user_pref("CT2786678.FirstServerDate", "13-12-2011");
Line Found : user_pref("CT2786678.FirstTime", true);
Line Found : user_pref("CT2786678.FirstTimeFF3", true);
Line Found : user_pref("CT2786678.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2786678.HPInstall", true);
Line Found : user_pref("CT2786678.HPProtectChoice", true);
Line Found : user_pref("CT2786678.HPProtectCount", 6);
Line Found : user_pref("CT2786678.HasUserGlobalKeys", true);
Line Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
Line Found : user_pref("CT2786678.HomepageBeforeUnload", "www.mozila.cz");
Line Found : user_pref("CT2786678.Initialize", true);
Line Found : user_pref("CT2786678.InitializeCommonPrefs", true);
Line Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2786678.InstallationId", "ConduitXPEIntegration");
Line Found : user_pref("CT2786678.InstallationType", "ConduitXPEIntegration");
Line Found : user_pref("CT2786678.InstalledDate", "Mon Dec 12 2011 22:44:28 GMT+0100");
Line Found : user_pref("CT2786678.IsAlertDBUpdated", true);
Line Found : user_pref("CT2786678.IsGrouping", false);
Line Found : user_pref("CT2786678.IsInitSetupIni", true);
Line Found : user_pref("CT2786678.IsMulticommunity", false);
Line Found : user_pref("CT2786678.IsOpenThankYouPage", true);
Line Found : user_pref("CT2786678.IsOpenUninstallPage", false);
Line Found : user_pref("CT2786678.IsProtectorsInit", true);
Line Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2786678.LastLogin_3.15.1.0", "Sat Nov 10 2012 15:43:31 GMT+0100");
Line Found : user_pref("CT2786678.LastLogin_3.16.0.3", "Sat Feb 16 2013 19:23:21 GMT+0100");
Line Found : user_pref("CT2786678.LastLogin_3.18.0.7", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.LastLogin_3.8.1.0", "Tue Sep 04 2012 11:26:15 GMT+0200");
Line Found : user_pref("CT2786678.LatestVersion", "3.18.0.7");
Line Found : user_pref("CT2786678.Locale", "en");
Line Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT2786678.OriginalFirstVersion", "3.8.1.0");
Line Found : user_pref("CT2786678.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Line Found : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
Line Found : user_pref("CT2786678.SearchEngineBeforeUnload", "uTorrentBar Customized Web Search");
Line Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
Line Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2786678.SearchProtectorEnabled", true);
Line Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT2786678.SendProtectorDataViaLogin", true);
Line Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Found : user_pref("CT2786678.SettingsLastCheckTime", "Sun Mar 17 2013 18:30:06 GMT+0100");
Line Found : user_pref("CT2786678.SettingsLastUpdate", "1363525951");
Line Found : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Line Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Feb 24 2013 19:04:45 GMT+0100");
Line Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1331805997");
Line Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Line Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT2786678.UserID", "UN74464357042533020");
Line Found : user_pref("CT2786678.ValidationData_Toolbar", 0);
Line Found : user_pref("CT2786678.WeatherNetwork", "");
Line Found : user_pref("CT2786678.WeatherPollDate", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Found : user_pref("CT2786678.WeatherUnit", "C");
Line Found : user_pref("CT2786678.alertChannelId", "1178763");
Line Found : user_pref("CT2786678.backendstorage./9b+7e+x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e,x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e-x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e.:2z527", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e.x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e/x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e06cg5el8:", "6E6D6B70706B6D767272");
Line Found : user_pref("CT2786678.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747371767671737C7878242F4B49474F42357D5D5C3D");
Line Found : user_pref("CT2786678.backendstorage./9b+7e0x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e1x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e2x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e3x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e4x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e5x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e6x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e7x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e8x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e9x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e:x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e;x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e<x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e=x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e>x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e?x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7e@x305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7eax305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Found : user_pref("CT2786678.backendstorage./9b+7ebx305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7ecx305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7edx305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b+7etx305", "2423");
Line Found : user_pref("CT2786678.backendstorage./9b-0?3g>d", "666970407371706F7A6F7476782047767E78257E4F25262A2153222B5958582C2A5F2F2D");
Line Found : user_pref("CT2786678.backendstorage./9b-0?3g@6:5;", "");
Line Found : user_pref("CT2786678.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Found : user_pref("CT2786678.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
Line Found : user_pref("CT2786678.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Found : user_pref("CT2786678.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
Line Found : user_pref("CT2786678.backendstorage./9b5ba==9cjag", "68673D6B717343747A437549484B75767D4C204C24");
Line Found : user_pref("CT2786678.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6F6F6E6F746F6F707477");
Line Found : user_pref("CT2786678.backendstorage./9b9643g3/9e", "6A");
Line Found : user_pref("CT2786678.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Found : user_pref("CT2786678.backendstorage./9b<:222h64<", "393F352F3E");
Line Found : user_pref("CT2786678.backendstorage./9b<:222h64<l8daj", "6D70706F7674727977742A797A72787A75207B");
Line Found : user_pref("CT2786678.backendstorage./9b=+03eh8h8j?:", "4443");
Line Found : user_pref("CT2786678.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Found : user_pref("CT2786678.backendstorage./9b?b0d:8aj62<h", "6D");
Line Found : user_pref("CT2786678.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Line Found : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
Line Found : user_pref("CT2786678.backendstorage.cbfirsttime", "4D6F6E2044656320313220323031312032323A34343A333020474D542B30313030");
Line Found : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E64756974617070732E636F6D2F4D414D2F763[...]
Line Found : user_pref("CT2786678.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_appstatereporttime", "31333633353431343136323738");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A225072696365476F6E67222C22637269746572696173223A5B7B2263726974657269614964223A22343366656330[...]
Line Found : user_pref("CT2786678.backendstorage.mam_gk_couponbuddy_appstate", "6F6E");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_currentversion", "312E342E332E32");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_first_time", "31");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_lastlogintime", "31333633353431343136323730");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Found : user_pref("CT2786678.backendstorage.mam_gk_pricegong_appstate", "6F6E");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_settings1.4.3.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Found : user_pref("CT2786678.backendstorage.mam_gk_settings1.4.3.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Found : user_pref("CT2786678.backendstorage.mam_gk_showclosebutton", "74727565");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Found : user_pref("CT2786678.backendstorage.mam_gk_userid", "61653338386537322D653664642D343865392D613764642D306437396265353835333261");
Line Found : user_pref("CT2786678.backendstorage.pg_enable", "74727565");
Line Found : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
Line Found : user_pref("CT2786678.backendstorage.searchappstate", "33");
Line Found : user_pref("CT2786678.backendstorage.searchapptracking", "73656E74");
Line Found : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E756C6F7A746F2E637A2F78316D31697A442F726562656C6B612D6C756369652D766F6E647261636B6F76612D6B64792D767A6C65746E752D6A612D666C7[...]
Line Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Thu Mar 14 2013 19:07:20 GMT+0100");
Line Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT2786678.initDone", true);
Line Found : user_pref("CT2786678.isAppTrackingManagerOn", false);
Line Found : user_pref("CT2786678.myStuffEnabled", true);
Line Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129789450454597254,1000034,129526967958500204,129309489763975460,5690698542593514850,129309485163350924,12931541142425[...]
Line Found : user_pref("CT2786678.revertSettingsEnabled", true);
Line Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT2786678.testingCtid", "");
Line Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Thu Mar 14 2013 19:07:18 GMT+0100");
Line Found : user_pref("CT2786678.usagesFlag", 2);
Line Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Line Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar Customized Web Search");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "634356118310000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =3/13/2011 11:17:11 AM", "634356118310000000");
Line Found : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Line Found : user_pref("CommunityToolbar.EngineOwner", "");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.IsEngineShown", false);
Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Standa\\Data aplikac?\\Mozilla\\Firefox\\Profiles\\29iuk3mp.default\\conduitCommon\\modules\\3.18.0.7");
Line Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,CT2786678");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT2786678");
Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 16:04:03 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 21:49:44 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 11:58:59 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "b71a435d-49b4-42cc-a133-2d3931b5c4fb");
Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Sep 04 2012 11:26:14 GMT+0200");
Line Found : user_pref("CommunityToolbar.globalUserId", "57684e8b-e2f2-4461-8262-04166c293c88");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Line Found : user_pref("CommunityToolbar.killedEngine", true);
Line Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Mar 17 2013 18:30:18 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.locale", "en");
Line Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.notifications.userId", "612d8d71-38dd-4e2c-bcbc-e445c389ef51");
Line Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Line Found : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Line Found : user_pref("CommunityToolbar.undefined", "");
Line Found : user_pref("browser.newtab.url", "hxxp://start.qone8.com/newtab/?type=nt&ts=1382604128&from=amt&uid=WDCXWD5000AAKS-00TMA0_WD-WCAPW565765757657");
Line Found : user_pref("browser.search.defaultenginename", "qone8");
Line Found : user_pref("browser.search.defaultthis.engineName", "uTorrentBar Customized Web Search");
Line Found : user_pref("browser.search.selectedEngine", "qone8");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hp&ts=1382604128&from=amt&uid=WDCXWD5000AAKS-00TMA0_WD-WCAPW565765757657");
Line Found : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:3.3.3.2,{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374,engine@conduit.com:[...]
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.mozila.cz");
Line Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={3536420D-666F-11E2-A5C6-001A4D5BEE2A}");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [45005 octets] - [29/10/2013 16:11:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [45066 octets] ##########

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.29.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Standa :: BOSS [administrátor]

Ochrana: Povolena

29.10.2013 16:17:47
MBAM-log-2013-10-29 (16-31-29).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 285404
Uplynulý čas: 11 minut, 2 sekund

Nalezené procesy v paměti: 1
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe (PUP.Optional.Wsys.A) -> 1760 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 16
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc (PUP.Optional.Wsys.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl (PUP.Optional.Wsys.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419c3-dad0-4df1-ac37-22c72ad81878} (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419c3-dad0-4df1-ac37-22c72ad81878} (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\qone8Software (PUP.Optional.Qone8.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 3
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {3536420D-666F-11E2-A5C6-001A4D5BEE2A} -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc|ImagePath (PUP.Optional.Esafe.A) -> Data: C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {3536420D-666F-11E2-A5C6-001A4D5BEE2A} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Špatný: (http://start.qone8.com/?type=hp&ts=1382 ... 5765757657) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Špatný: (http://start.qone8.com/?type=hp&ts=1382 ... 5765757657) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://start.qone8.com/?type=hp&ts=1382 ... 5765757657) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\Software\Microsoft\Internet Explorer\Search|SearchAssistant (Hijack.SearchPage) -> Špatný: (http://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\Software\Microsoft\Internet Explorer\Search|CustomizeSearch (Hijack.SearchPage) -> Špatný: (http://start.qone8.com/web/?type=ds&ts= ... 5757657&q={searchTerms}) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 3
C:\Documents and Settings\Standa\Data aplikací\SwvUpdater (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\OpenCandy\716E95BF4FA44373B727FD6BAD92E941 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 6
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\SwvUpdater\status.cfg (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Standa\Data aplikací\OpenCandy\716E95BF4FA44373B727FD6BAD92E941\PasswordBoxCHSTORE_p1v0.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

Spusť znovu AdwCleaner
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Spusť program RogueKiller.exe jako správce.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
- Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ a celý obsah logu sem zkopíruj.

# AdwCleaner v3.010 - Report created 30/10/2013 at 07:15:09
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Standa - BOSS
# Running from : C:\Documents and Settings\Standa\Local Settings\Temporary Internet Files\Content.IE5\1JHQ0M6B\adwcleaner[1].exe
# Option : Clean

***** [ Services ] *****

Service Deleted : WsysSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\myfree codec
Folder Deleted : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\iWin
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\SwvUpdater
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\Systweak
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\Conduit
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\ConduitCommon
[!] Folder Deleted : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
File Deleted : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qone8.xml
File Deleted : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\searchplugins\SweetIm.xml
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\Standa\Nabídka Start\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and Settings\Standa\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk
Shortcut Disinfected : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\Standa\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\qone8Software
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v20.0.1 (cs)

[ File : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\29iuk3mp.default\prefs.js ]

Line Deleted : user_pref("CT1750559..clientLogIsEnabled", false);
Line Deleted : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1750559.AppTrackingLastCheckTime", "Sun Apr 17 2011 11:23:09 GMT+0200");
Line Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129458612133825742", true);
Line Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
Line Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
Line Deleted : user_pref("CT1750559.BrowserCompStateIsOpen_130040878929610729", true);
Line Deleted : user_pref("CT1750559.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.CurrentServerDate", "17-3-2013");
Line Deleted : user_pref("CT1750559.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1750559.DialogsGetterLastCheckTime", "Thu Mar 14 2013 19:07:20 GMT+0100");
Line Deleted : user_pref("CT1750559.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1750559.EnableClickToSearchBox", false);
Line Deleted : user_pref("CT1750559.EnableSearchHistory", false);
Line Deleted : user_pref("CT1750559.EnableSearchSuggest", false);
Line Deleted : user_pref("CT1750559.FirstServerDate", "30-3-2011");
Line Deleted : user_pref("CT1750559.FirstTime", true);
Line Deleted : user_pref("CT1750559.FirstTimeFF3", true);
Line Deleted : user_pref("CT1750559.FixPageNotFoundErrors", false);
Line Deleted : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1750559.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT1750559.Initialize", true);
Line Deleted : user_pref("CT1750559.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1750559.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT1750559.InstalledDate", "Wed Mar 30 2011 15:16:05 GMT+0200");
Line Deleted : user_pref("CT1750559.InvalidateCache", false);
Line Deleted : user_pref("CT1750559.IsGrouping", false);
Line Deleted : user_pref("CT1750559.IsMulticommunity", false);
Line Deleted : user_pref("CT1750559.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT1750559.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1750559.LanguagePackLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Deleted : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1750559.LastLogin_3.15.1.0", "Sat Nov 10 2012 15:43:32 GMT+0100");
Line Deleted : user_pref("CT1750559.LastLogin_3.16.0.100", "Sat Feb 16 2013 19:23:21 GMT+0100");
Line Deleted : user_pref("CT1750559.LastLogin_3.16.0.3", "Wed Jan 02 2013 15:17:02 GMT+0100");
Line Deleted : user_pref("CT1750559.LastLogin_3.18.0.7", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Deleted : user_pref("CT1750559.LastLogin_3.2.5.2", "Thu Apr 14 2011 14:37:55 GMT+0200");
Line Deleted : user_pref("CT1750559.LastLogin_3.3.3.2", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Deleted : user_pref("CT1750559.LatestVersion", "3.18.0.7");
Line Deleted : user_pref("CT1750559.Locale", "en-us");
Line Deleted : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1750559.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT1750559.RadioIsPodcast", false);
Line Deleted : user_pref("CT1750559.RadioLastCheckTime", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Deleted : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1750559.RadioMediaID", "11237206");
Line Deleted : user_pref("CT1750559.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Line Deleted : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Line Deleted : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Line Deleted : user_pref("CT1750559.SavedHomepage", "resource:/browserconfig.properties");
Line Deleted : user_pref("CT1750559.SearchBackToDefaultEngine", false);
Line Deleted : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=");
Line Deleted : user_pref("CT1750559.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1750559.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT1750559.ServiceMapLastCheckTime", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT1750559.SettingsLastCheckTime", "Sun Mar 17 2013 18:30:07 GMT+0100");
Line Deleted : user_pref("CT1750559.SettingsLastUpdate", "1363525828");
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Wed Apr 27 2011 20:46:45 GMT+0200");
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1750559.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Line Deleted : user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT1750559.UserID", "UN81692840943164526");
Line Deleted : user_pref("CT1750559.WeatherNetwork", "");
Line Deleted : user_pref("CT1750559.WeatherPollDate", "Wed Apr 27 2011 20:46:48 GMT+0200");
Line Deleted : user_pref("CT1750559.WeatherUnit", "C");
Line Deleted : user_pref("CT1750559.alertChannelId", "31130");
Line Deleted : user_pref("CT1750559.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Line Deleted : user_pref("CT1750559.components.1000082", false);
Line Deleted : user_pref("CT1750559.components.1000234", false);
Line Deleted : user_pref("CT1750559.components.129290204230081749", false);
Line Deleted : user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Wed Apr 27 2011 20:46:47 GMT+0200");
Line Deleted : user_pref("CT1750559.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT1750559.initDone", true);
Line Deleted : user_pref("CT1750559.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT1750559.myStuffEnabled", true);
Line Deleted : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1750559.oldAppsList", "128515954179600320,128520273115419467,128799492822006721,128799492222006997,128799492477944433,128799493365913112,128799493660600615,128799493510443926,128798613156[...]
Line Deleted : user_pref("CT1750559.revertSettingsEnabled", true);
Line Deleted : user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT1750559.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT1750559.testingCtid", "");
Line Deleted : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Deleted : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Wed Mar 30 2011 15:16:05 GMT+0200");
Line Deleted : user_pref("CT1750559.usageEnabled", false);
Line Deleted : user_pref("CT1750559.usagesFlag", 1);
Line Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
Line Deleted : user_pref("CT2786678.CTID", "CT2786678");
Line Deleted : user_pref("CT2786678.CurrentServerDate", "17-3-2013");
Line Deleted : user_pref("CT2786678.DSChangedManually", false);
Line Deleted : user_pref("CT2786678.DSInstall", true);
Line Deleted : user_pref("CT2786678.DSProtectChoice", true);
Line Deleted : user_pref("CT2786678.DSProtectCount", 1);
Line Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Thu Mar 14 2013 19:07:18 GMT+0100");
Line Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sun Mar 17 2013 18:30:07 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
Line Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Line Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Line Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Line Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Line Deleted : user_pref("CT2786678.FirstServerDate", "13-12-2011");
Line Deleted : user_pref("CT2786678.FirstTime", true);
Line Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Line Deleted : user_pref("CT2786678.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2786678.HPInstall", true);
Line Deleted : user_pref("CT2786678.HPProtectChoice", true);
Line Deleted : user_pref("CT2786678.HPProtectCount", 6);
Line Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2786678.HomepageBeforeUnload", "www.mozila.cz");
Line Deleted : user_pref("CT2786678.Initialize", true);
Line Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2786678.InstallationId", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2786678.InstallationType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT2786678.InstalledDate", "Mon Dec 12 2011 22:44:28 GMT+0100");
Line Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2786678.IsGrouping", false);
Line Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Line Deleted : user_pref("CT2786678.IsMulticommunity", false);
Line Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2786678.IsProtectorsInit", true);
Line Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Sat Nov 10 2012 15:43:31 GMT+0100");
Line Deleted : user_pref("CT2786678.LastLogin_3.16.0.3", "Sat Feb 16 2013 19:23:21 GMT+0100");
Line Deleted : user_pref("CT2786678.LastLogin_3.18.0.7", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.LastLogin_3.8.1.0", "Tue Sep 04 2012 11:26:15 GMT+0200");
Line Deleted : user_pref("CT2786678.LatestVersion", "3.18.0.7");
Line Deleted : user_pref("CT2786678.Locale", "en");
Line Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.8.1.0");
Line Deleted : user_pref("CT2786678.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Line Deleted : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "uTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
Line Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sun Mar 17 2013 18:30:08 GMT+0100");
Line Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2786678.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2786678.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sun Mar 17 2013 18:30:06 GMT+0100");
Line Deleted : user_pref("CT2786678.SettingsLastUpdate", "1363525951");
Line Deleted : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Feb 24 2013 19:04:45 GMT+0100");
Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Line Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2786678.UserID", "UN74464357042533020");
Line Deleted : user_pref("CT2786678.ValidationData_Toolbar", 0);
Line Deleted : user_pref("CT2786678.WeatherNetwork", "");
Line Deleted : user_pref("CT2786678.WeatherPollDate", "Sun Mar 17 2013 18:30:09 GMT+0100");
Line Deleted : user_pref("CT2786678.WeatherUnit", "C");
Line Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e+x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e,x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e-x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e.:2z527", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e.x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e/x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e06cg5el8:", "6E6D6B70706B6D767272");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747371767671737C7878242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e0x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e1x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e2x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e3x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e4x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e5x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e6x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e7x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e8x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e9x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e:x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e;x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e<x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e=x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e>x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e?x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7e@x305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7eax305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7ebx305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7ecx305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7edx305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b+7etx305", "2423");
Line Deleted : user_pref("CT2786678.backendstorage./9b-0?3g>d", "666970407371706F7A6F7476782047767E78257E4F25262A2153222B5958582C2A5F2F2D");
Line Deleted : user_pref("CT2786678.backendstorage./9b-0?3g@6:5;", "");
Line Deleted : user_pref("CT2786678.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Line Deleted : user_pref("CT2786678.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
Line Deleted : user_pref("CT2786678.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Line Deleted : user_pref("CT2786678.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
Line Deleted : user_pref("CT2786678.backendstorage./9b5ba==9cjag", "68673D6B717343747A437549484B75767D4C204C24");
Line Deleted : user_pref("CT2786678.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6F6F6E6F746F6F707477");
Line Deleted : user_pref("CT2786678.backendstorage./9b9643g3/9e", "6A");
Line Deleted : user_pref("CT2786678.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Line Deleted : user_pref("CT2786678.backendstorage./9b<:222h64<", "393F352F3E");
Line Deleted : user_pref("CT2786678.backendstorage./9b<:222h64<l8daj", "6D70706F7674727977742A797A72787A75207B");
Line Deleted : user_pref("CT2786678.backendstorage./9b=+03eh8h8j?:", "4443");
Line Deleted : user_pref("CT2786678.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("CT2786678.backendstorage./9b?b0d:8aj62<h", "6D");
Line Deleted : user_pref("CT2786678.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Line Deleted : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
Line Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "4D6F6E2044656320313220323031312032323A34343A333020474D542B30313030");
Line Deleted : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E64756974617070732E636F6D2F4D414D2F763[...]
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_appstatereporttime", "31333633353431343136323738");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A225072696365476F6E67222C22637269746572696173223A5B7B2263726974657269614964223A22343366656330[...]
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_couponbuddy_appstate", "6F6E");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_currentversion", "312E342E332E32");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_first_time", "31");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_lastlogintime", "31333633353431343136323730");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_pricegong_appstate", "6F6E");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_settings1.4.3.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_settings1.4.3.2", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315F2D31222C2269735465737422[...]
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_showclosebutton", "74727565");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Line Deleted : user_pref("CT2786678.backendstorage.mam_gk_userid", "61653338386537322D653664642D343865392D613764642D306437396265353835333261");
Line Deleted : user_pref("CT2786678.backendstorage.pg_enable", "74727565");
Line Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
Line Deleted : user_pref("CT2786678.backendstorage.searchappstate", "33");
Line Deleted : user_pref("CT2786678.backendstorage.searchapptracking", "73656E74");
Line Deleted : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E756C6F7A746F2E637A2F78316D31697A442F726562656C6B612D6C756369652D766F6E647261636B6F76612D6B64792D767A6C65746E752D6A612D666C7[...]
Line Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Thu Mar 14 2013 19:07:20 GMT+0100");
Line Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2786678.initDone", true);
Line Deleted : user_pref("CT2786678.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2786678.myStuffEnabled", true);
Line Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129789450454597254,1000034,129526967958500204,129309489763975460,5690698542593514850,129309485163350924,12931541142425[...]
Line Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2786678.testingCtid", "");
Line Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Thu Mar 14 2013 19:07:18 GMT+0100");
Line Deleted : user_pref("CT2786678.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Standa\\Data aplikac?\\Mozilla\\Firefox\\Profiles\\29iuk3mp.default\\conduitCommon\\modules\\3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,CT2786678");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT2786678");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 16:04:03 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 21:49:44 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 11:58:59 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "b71a435d-49b4-42cc-a133-2d3931b5c4fb");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Sep 04 2012 11:26:14 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "57684e8b-e2f2-4461-8262-04166c293c88");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Line Deleted : user_pref("CommunityToolbar.killedEngine", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Mar 17 2013 18:30:11 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Mar 17 2013 18:30:18 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Mar 17 2013 18:30:10 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "612d8d71-38dd-4e2c-bcbc-e445c389ef51");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Line Deleted : user_pref("CommunityToolbar.undefined", "");
Line Deleted : user_pref("browser.newtab.url", "hxxp://start.qone8.com/newtab/?type=nt&ts=1382604128&from=amt&uid=WDCXWD5000AAKS-00TMA0_WD-WCAPW565765757657");
Line Deleted : user_pref("browser.search.defaultenginename", "qone8");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentBar Customized Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "qone8");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hp&ts=1382604128&from=amt&uid=WDCXWD5000AAKS-00TMA0_WD-WCAPW565765757657");
Line Deleted : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:3.3.3.2,{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374,engine@conduit.com:[...]
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.mozila.cz");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={3536420D-666F-11E2-A5C6-001A4D5BEE2A}");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [45147 octets] - [29/10/2013 16:11:49]
AdwCleaner[R1].txt - [45208 octets] - [30/10/2013 07:12:32]
AdwCleaner[S0].txt - [44115 octets] - [30/10/2013 07:15:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [44176 octets] ##########

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.30.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Standa :: BOSS [administrátor]

Ochrana: Povolena

30.10.2013 7:25:40
mbam-log-2013-10-30 (07-25-40).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 278629
Uplynulý čas: 8 minut, 5 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

jak zjistim jestli mam 32 bit nebo 64 bit???

už vím

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Standa [Práva správce]
Mód : Kontrola -- Datum : 10/30/2013 07:43:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F7333C)
[Inline] EAT @explorer.exe (?ms_ReadWriteSemaphore@GCUtilDLL@@2VGCReadWriteSemaphore@@A) : GrooveUtil.DLL -> HOOKED (Unknown @ 0x67FAB716)
[Inline] EAT @iexplore.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F7333C)
[Inline] EAT @iexplore.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F7333C)
[Inline] EAT @iexplore.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F7333C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) SATA WDC WD5000AAKS-0 SCSI Disk Device +++++
--- User ---
[MBR] 37b24832cfda2ade46125b69d725bd10
[BSP] 58d877b5d54e0393d618fd79a2a1e166 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70001 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 143364060 | Size: 406927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_10302013_074322.txt >>

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Standa on st 30.10.2013 at 13:31:56,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3D6E850A-3944-45BB-AA40-074844A41034}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7C574E22-9EB0-4002-B372-9C0C2AD66414}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Standa\Data aplikací\mozilla\firefox\profiles\29iuk3mp.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 30.10.2013 at 13:36:54,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~