Zdravim, prosim o kontrolu logu.
Pouzivam Ccleaner, awast, ad-aware, vsechno mám projetý, ale PC mi pořád pomalu pracuje.. hlavne prohlizec chrome i firefox..
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:34, on 17.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PCDApp\dgen.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Surftastic\bin\utilSurftastic.exe
C:\Program Files\Surftastic\bin\FilterApp_C.exe
C:\Program Files\Surftastic\bin\Surftastic.BrowserAdapter.exe
C:\Program Files\Surftastic\updateSurftastic.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Comp\Plocha\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files\Surftastic\Surftasticbho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4797782593
O20 - AppInit_DLLs: c:\docume~1\alluse~1\dataap~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCDApp\StartHelp.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Update Surftastic - Unknown owner - C:\Program Files\Surftastic\updateSurftastic.exe
O23 - Service: Util Surftastic - Unknown owner - C:\Program Files\Surftastic\bin\utilSurftastic.exe
--
End of file - 8756 bytes
kontrola logu
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: kontrola logu
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: kontrola logu
AdwCleaner v3.200 - Report created 22/04/2014 at 16:17:05
# Updated 22/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Comp - HOME-COMP
# Running from : C:\Documents and Settings\Comp\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BrowserProtect
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\adawaretb
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\BrowserProtect
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Surftastic
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\adawaretb
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\BabSolution
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\adawaretb
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\Smartbar
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\CT1750559
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKCU\Software\f55d78db46ae449
Key Deleted : HKLM\SOFTWARE\f55d78db46ae449
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{363BB65D-1747-4826-B445-1DA6244E2037}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SmartBar
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\docume~1\alluse~1\dataap~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
-\\ Mozilla Firefox v3.6.12 (cs)
[ File : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\prefs.js ]
Line Deleted : user_pref("CT1750559.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT1750559.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM Dance\",\"description\":\"1.FM Dance\",\"url\":\"mms://dance.1.fm/energydance128k?MSWMExt=.asf\"}");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_city", "CHRUDIM");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_country", "CZ");
Line Deleted : user_pref("CT1750559.1000234.TWC_country", "CZECH REPUBLIC");
Line Deleted : user_pref("CT1750559.1000234.TWC_locId", "EZXX0405");
Line Deleted : user_pref("CT1750559.1000234.TWC_location", "Chrudim, PA, Czech Republic");
Line Deleted : user_pref("CT1750559.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT1750559.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT1750559.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT1750559.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.FF19Solved", "true");
Line Deleted : user_pref("CT1750559.FirstTime", "true");
Line Deleted : user_pref("CT1750559.FirstTimeFF3", "true");
Line Deleted : user_pref("CT1750559.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT1750559.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT1750559.UserID", "UN18742920323012717");
Line Deleted : user_pref("CT1750559.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.appOptions", "{}");
Line Deleted : user_pref("CT1750559.countryCode", "CZ");
Line Deleted : user_pref("CT1750559.dum", "2");
Line Deleted : user_pref("CT1750559.embeddedsData", "[{\"appId\":\"128520273115419467\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT1750559.enableAlerts", "never");
Line Deleted : user_pref("CT1750559.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT1750559.fullUserID", "UN18742920323012717.IN.20140221081309");
Line Deleted : user_pref("CT1750559.installDate", "21/02/2014 08:13:17");
Line Deleted : user_pref("CT1750559.installSessionId", "c0d7fc9c-9305-419d-bd61-1d970c27ffba");
Line Deleted : user_pref("CT1750559.installSp", "FALSE");
Line Deleted : user_pref("CT1750559.installType", "Unknown");
Line Deleted : user_pref("CT1750559.installUsage", "2014-04-14T03:57:23.3371617+03:00");
Line Deleted : user_pref("CT1750559.installUsageEarly", "2014-04-14T03:50:57.8817035+03:00");
Line Deleted : user_pref("CT1750559.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT1750559.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT1750559.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1750559.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://www.trovi.com/?gd=&ctid=CT1750559&octid=CT1750559&ISID=ISID_ID&SearchSource=15&CUI=UN18742920323012717&Lay=1&UM=1[...]
Line Deleted : user_pref("CT1750559.lastVersion", "10.29.0.520");
Line Deleted : user_pref("CT1750559.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Deleted : user_pref("CT1750559.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.tumblr.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Sign%20up%20%7C%20Tumblr\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_D[...]
Line Deleted : user_pref("CT1750559.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT1750559.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT1750559.search.searchAppId", "128520273115419467");
Line Deleted : user_pref("CT1750559.search.searchCount", "0");
Line Deleted : user_pref("CT1750559.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.searchRevert", "false");
Line Deleted : user_pref("CT1750559.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1750559\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BSPlayerControlBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BS Player ControlBar \"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_services_Configuration_lastUpdate", "1397662673913");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1397436688504");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appsMetadata_lastUpdate", "1397662678682");
Line Deleted : user_pref("CT1750559.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1397436687863");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1397436685835");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1397437068443");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.29.0.520_lastUpdate", "1397677081644");
Line Deleted : user_pref("CT1750559.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1397436688309");
Line Deleted : user_pref("CT1750559.serviceLayer_services_searchAPI_lastUpdate", "1397662674083");
Line Deleted : user_pref("CT1750559.serviceLayer_services_serviceMap_lastUpdate", "1397662673755");
Line Deleted : user_pref("CT1750559.serviceLayer_services_setupAPI_lastUpdate", "1397436685863");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarContextMenu_lastUpdate", "1397687264668");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarSettings_lastUpdate", "1397684274272");
Line Deleted : user_pref("CT1750559.serviceLayer_services_translation_lastUpdate", "1397662678602");
Line Deleted : user_pref("CT1750559.settingsINI", true);
Line Deleted : user_pref("CT1750559.showToolbarPermission", "false");
Line Deleted : user_pref("CT1750559.smartbar.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1750559.smartbar.toolbarName", "BS Player ControlBar ");
Line Deleted : user_pref("CT1750559.toolbarBornServerTime", "14-4-2014");
Line Deleted : user_pref("CT1750559.toolbarCurrentServerTime", "16-4-2014");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "21-02-2014 08:13:09");
Line Deleted : user_pref("CT1750559.toolbarLoginClientTime", "Mon Apr 14 2014 02:57:48 GMT+0200");
Line Deleted : user_pref("CT1750559.versionFromInstaller", "10.23.0.722");
Line Deleted : user_pref("CT1750559.xpeMode", "1");
Line Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1397687643715,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("smartbar.machineId", "FSU+9KGATMHPN45VYVWC97+PMAGTH9TTOCS3BCHJYNFOTRD+LOPW5VADJXTRPSIIYDE0F55DNI6QLWHKRHUFSQ");
-\\ Google Chrome v
[ File : C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : oejkcgajlodefenbbjdnaiahmbnnoole
*************************
AdwCleaner[R0].txt - [14547 octets] - [22/04/2014 16:11:32]
AdwCleaner[S0].txt - [14559 octets] - [22/04/2014 16:17:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14620 octets] ##########
# Updated 22/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Comp - HOME-COMP
# Running from : C:\Documents and Settings\Comp\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BrowserProtect
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\adawaretb
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\BrowserProtect
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Surftastic
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\adawaretb
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\BabSolution
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\adawaretb
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\Smartbar
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\CT1750559
Folder Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKCU\Software\f55d78db46ae449
Key Deleted : HKLM\SOFTWARE\f55d78db46ae449
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{363BB65D-1747-4826-B445-1DA6244E2037}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SmartBar
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\docume~1\alluse~1\dataap~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
-\\ Mozilla Firefox v3.6.12 (cs)
[ File : C:\Documents and Settings\Comp\Data aplikací\Mozilla\Firefox\Profiles\ri28ltfm.default\prefs.js ]
Line Deleted : user_pref("CT1750559.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT1750559.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM Dance\",\"description\":\"1.FM Dance\",\"url\":\"mms://dance.1.fm/energydance128k?MSWMExt=.asf\"}");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_city", "CHRUDIM");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_country", "CZ");
Line Deleted : user_pref("CT1750559.1000234.TWC_country", "CZECH REPUBLIC");
Line Deleted : user_pref("CT1750559.1000234.TWC_locId", "EZXX0405");
Line Deleted : user_pref("CT1750559.1000234.TWC_location", "Chrudim, PA, Czech Republic");
Line Deleted : user_pref("CT1750559.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT1750559.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT1750559.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT1750559.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.FF19Solved", "true");
Line Deleted : user_pref("CT1750559.FirstTime", "true");
Line Deleted : user_pref("CT1750559.FirstTimeFF3", "true");
Line Deleted : user_pref("CT1750559.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT1750559.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT1750559.UserID", "UN18742920323012717");
Line Deleted : user_pref("CT1750559.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.appOptions", "{}");
Line Deleted : user_pref("CT1750559.countryCode", "CZ");
Line Deleted : user_pref("CT1750559.dum", "2");
Line Deleted : user_pref("CT1750559.embeddedsData", "[{\"appId\":\"128520273115419467\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT1750559.enableAlerts", "never");
Line Deleted : user_pref("CT1750559.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT1750559.fullUserID", "UN18742920323012717.IN.20140221081309");
Line Deleted : user_pref("CT1750559.installDate", "21/02/2014 08:13:17");
Line Deleted : user_pref("CT1750559.installSessionId", "c0d7fc9c-9305-419d-bd61-1d970c27ffba");
Line Deleted : user_pref("CT1750559.installSp", "FALSE");
Line Deleted : user_pref("CT1750559.installType", "Unknown");
Line Deleted : user_pref("CT1750559.installUsage", "2014-04-14T03:57:23.3371617+03:00");
Line Deleted : user_pref("CT1750559.installUsageEarly", "2014-04-14T03:50:57.8817035+03:00");
Line Deleted : user_pref("CT1750559.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT1750559.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT1750559.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1750559.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://www.trovi.com/?gd=&ctid=CT1750559&octid=CT1750559&ISID=ISID_ID&SearchSource=15&CUI=UN18742920323012717&Lay=1&UM=1[...]
Line Deleted : user_pref("CT1750559.lastVersion", "10.29.0.520");
Line Deleted : user_pref("CT1750559.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Deleted : user_pref("CT1750559.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.tumblr.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Sign%20up%20%7C%20Tumblr\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_D[...]
Line Deleted : user_pref("CT1750559.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT1750559.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT1750559.search.searchAppId", "128520273115419467");
Line Deleted : user_pref("CT1750559.search.searchCount", "0");
Line Deleted : user_pref("CT1750559.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.searchRevert", "false");
Line Deleted : user_pref("CT1750559.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1750559\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BSPlayerControlBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BS Player ControlBar \"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_services_Configuration_lastUpdate", "1397662673913");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1397436688504");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appsMetadata_lastUpdate", "1397662678682");
Line Deleted : user_pref("CT1750559.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1397436687863");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1397436685835");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1397437068443");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.29.0.520_lastUpdate", "1397677081644");
Line Deleted : user_pref("CT1750559.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1397436688309");
Line Deleted : user_pref("CT1750559.serviceLayer_services_searchAPI_lastUpdate", "1397662674083");
Line Deleted : user_pref("CT1750559.serviceLayer_services_serviceMap_lastUpdate", "1397662673755");
Line Deleted : user_pref("CT1750559.serviceLayer_services_setupAPI_lastUpdate", "1397436685863");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarContextMenu_lastUpdate", "1397687264668");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarSettings_lastUpdate", "1397684274272");
Line Deleted : user_pref("CT1750559.serviceLayer_services_translation_lastUpdate", "1397662678602");
Line Deleted : user_pref("CT1750559.settingsINI", true);
Line Deleted : user_pref("CT1750559.showToolbarPermission", "false");
Line Deleted : user_pref("CT1750559.smartbar.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1750559.smartbar.toolbarName", "BS Player ControlBar ");
Line Deleted : user_pref("CT1750559.toolbarBornServerTime", "14-4-2014");
Line Deleted : user_pref("CT1750559.toolbarCurrentServerTime", "16-4-2014");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "21-02-2014 08:13:09");
Line Deleted : user_pref("CT1750559.toolbarLoginClientTime", "Mon Apr 14 2014 02:57:48 GMT+0200");
Line Deleted : user_pref("CT1750559.versionFromInstaller", "10.23.0.722");
Line Deleted : user_pref("CT1750559.xpeMode", "1");
Line Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1397687643715,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("smartbar.machineId", "FSU+9KGATMHPN45VYVWC97+PMAGTH9TTOCS3BCHJYNFOTRD+LOPW5VADJXTRPSIIYDE0F55DNI6QLWHKRHUFSQ");
-\\ Google Chrome v
[ File : C:\Documents and Settings\Comp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : oejkcgajlodefenbbjdnaiahmbnnoole
*************************
AdwCleaner[R0].txt - [14547 octets] - [22/04/2014 16:11:32]
AdwCleaner[S0].txt - [14559 octets] - [22/04/2014 16:17:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14620 octets] ##########
Re: kontrola logu
Nejde mi nainstalovat ten Malwarebytes' Anti-Malware.. Ukáže se mi ať zvolim jazyk, dám čeština a při instalaci to ukáže asi 3x hlaska: Interni chyba: Expresion error Runtime error (at 57:177) external exception, pak se to naintaluje a ukaze se Windows chybova hláška
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: kontrola logu
Zkusíme tedy MBAM později.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 58 hostů