V Chromu mi stale vyskakuje okno s napisem:
Stranka na webu cvvstx.com rika: a presmerovava me to na stazeni JAVY
Dekuji za pomoc.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:11:55, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
FIREFOX: 33.0.2 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Razer Barracuda AC-1 Gaming Audio Card\Razer Barracuda AC-1 Gaming Audio card.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Geronimo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Razer Barracuda AC-1 Gaming Audio Card] C:\Program Files (x86)\Razer Barracuda AC-1 Gaming Audio Card\Razer Barracuda AC-1 Gaming Audio card.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Easy Driver Pro] C:\Program Files (x86)\Probit Software\Easy Driver Pro\DPLauncher.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Geronimo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Geronimo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11689 bytes
Prosim o kontrolu logu. Vyřešeno
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Odinstaluj:
McAfee Security Scan
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
McAfee Security Scan
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Diky.Jdu na to.
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Log z ADW CLEANERU:
# AdwCleaner v4.100 - Report created 09/11/2014 at 13:32:41
# Updated 08/11/2014 by Xplode
# Database : 2014-11-07.1
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Geronimo - GERONIMO-PC
# Running from : E:\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : BCUService
***** [ Files / Folders ] *****
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\askcomsearch.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\SweetIM Search.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\user.js
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\DeviceVM
Folder Found : C:\Program Files (x86)\GGooSave
Folder Found : C:\Program Files (x86)\Probit Software
Folder Found : C:\ProgramData\8e5dae3a92ed59ca
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\GGooSave
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Probit Software
Folder Found : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Found : C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Geronimo\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Geronimo\AppData\Local\Mail.Ru
Folder Found : C:\Users\Geronimo\AppData\Local\torch
Folder Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\8PnD@ZOoPh7L.net
Folder Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\DTToolbar@toolbarnet.com
Folder Found : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
***** [ Scheduled Tasks ] *****
Task Found : Driver Booster Scan
Task Found : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DeviceVM
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\WNLT
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DeviceVM
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\WNLT
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Easy Driver Pro]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.2 (x86 cs)
[49ld5ks5.default] - Line Found : user_pref("CT2786678..clientLogIsEnabled", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[49ld5ks5.default] - Line Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.CTID", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.CurrentServerDate", "28-6-2013");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Jun 22 2013 08:02:17 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DownloadReferralCookieData", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.EMailNotifierPollDate", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444699", 10);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444723", 15);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444735", 5);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444747", 5);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstServerDate", "12-12-2010");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstTime", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstTimeFF3", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.HasUserGlobalKeys", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.Initialize", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InitializeCommonPrefs", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstallationType", "Unknown");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstalledDate", "Sun Jun 24 2012 00:30:30 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsGrouping", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsInitSetupIni", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsMulticommunity", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsOpenThankYouPage", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsOpenUninstallPage", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 14:44:36 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.14.1.0", "Sun Aug 26 2012 15:42:33 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 08 2012 17:56:48 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.16.0.3", "Sun Feb 10 2013 10:13:27 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.18.0.7", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LatestVersion", "3.18.0.7");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.Locale", "en");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SettingsLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SettingsLastUpdate", "1372404214");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ToolbarDisabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.UserID", "UN84181085541854777");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.WeatherNetwork", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.WeatherPollDate", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.alertChannelId", "1178763");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbfirsttime", "536174204A756C20323820323031322032313A31313A343820474D542B30323030");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E64746573742E637A2F746573742F656C656374726F6C75782D7A75702D333832302D622D756C747261706572666F726D65722F31383137373F66696C746[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.initDone", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.revertSettingsEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.testingCtid", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.usagesFlag", 2);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2786678", "\"bdf722bacb15b92ed95e35db4c172ef33\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1174448/CZ", "\"0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ", "\"0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2786678", "\"1362324159\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "+RsYuZ9IN1smka6Zuggr5w==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"803651ba7facb1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2786678", "\"dbe4460d95840339477519b3f77dc11a\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634268528229370000\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =11/8/2010 3:54:59 PM", "634248284990000000");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT2786678", "\"1291825117\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634274084120830000\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"fbcf283faa1728e9448e1646d0ceed22\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.IsEngineShown", true);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:50:41 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 21:41:53 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.locale", "en");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 21:41:45 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.userId", "9136037e-5793-4837-8945-474e7454df36");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.globalUserId", "4a52cee3-a2b5-4193-94ae-d470885045b5");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FirstTime", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FirstTimeFF3", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.Initialize", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.InstalledDate", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsMulticommunity", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.UserID", "UN74616603574741914");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.engineLocale", "cs");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.initDone", true);
[49ld5ks5.default] - Line Found : user_pref("browser.search.defaultengine", "Ask.com Search");
[49ld5ks5.default] - Line Found : user_pref("browser.search.order.1", "Ask.com Search");
[49ld5ks5.default] - Line Found : user_pref("extensions.BE5cUvjmOe5cdZ2n.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[49ld5ks5.default] - Line Found : user_pref("extensions.JiRJoYUOUdYMXZud.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[49ld5ks5.default] - Line Found : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3,{ea614400-e918-4741-9a97-7[...]
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.allowSendURL", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.engineVerified", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.geolastmodified", 1299407432);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.history", "test%20ASUS%20VX6%20Lamborghini||netbooky||Acer%20Aspire%20One%20532G||nejvykonejsi%20netbook||thinkpad%20x300||bluetooth%20prenosne%20tiskarny||male%20prenosne%20tisk[...]
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.icqgeo", 42);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.installTime", "1299861709");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.newtab_state", "1");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.previousFFVersion", "3.6.15");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.skip_default_search", "no");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.suggestions", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.uninstStatSent", true);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1299831783);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
[49ld5ks5.default] - Line Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
-\\ Google Chrome v37.0.2062.124
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=icq-fx-plug&q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
-\\ Chromium v
-\\ Comodo Dragon v33.1.0.1
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
*************************
AdwCleaner[R0].txt - [31800 octets] - [09/11/2014 13:32:41]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [31861 octets] ##########
# AdwCleaner v4.100 - Report created 09/11/2014 at 13:32:41
# Updated 08/11/2014 by Xplode
# Database : 2014-11-07.1
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Geronimo - GERONIMO-PC
# Running from : E:\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : BCUService
***** [ Files / Folders ] *****
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\askcomsearch.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\SweetIM Search.xml
File Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\user.js
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\DeviceVM
Folder Found : C:\Program Files (x86)\GGooSave
Folder Found : C:\Program Files (x86)\Probit Software
Folder Found : C:\ProgramData\8e5dae3a92ed59ca
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\GGooSave
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Probit Software
Folder Found : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Found : C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Geronimo\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Geronimo\AppData\Local\Mail.Ru
Folder Found : C:\Users\Geronimo\AppData\Local\torch
Folder Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\8PnD@ZOoPh7L.net
Folder Found : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\DTToolbar@toolbarnet.com
Folder Found : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
***** [ Scheduled Tasks ] *****
Task Found : Driver Booster Scan
Task Found : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DeviceVM
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\WNLT
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DeviceVM
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\WNLT
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Easy Driver Pro]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.2 (x86 cs)
[49ld5ks5.default] - Line Found : user_pref("CT2786678..clientLogIsEnabled", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[49ld5ks5.default] - Line Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.CTID", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.CurrentServerDate", "28-6-2013");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Jun 22 2013 08:02:17 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.DownloadReferralCookieData", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.EMailNotifierPollDate", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444699", 10);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444723", 15);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444735", 5);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FeedTTL129301619375444747", 5);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstServerDate", "12-12-2010");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstTime", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FirstTimeFF3", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.HasUserGlobalKeys", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.Initialize", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InitializeCommonPrefs", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstallationType", "Unknown");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.InstalledDate", "Sun Jun 24 2012 00:30:30 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsGrouping", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsInitSetupIni", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsMulticommunity", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsOpenThankYouPage", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.IsOpenUninstallPage", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 14:44:36 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.14.1.0", "Sun Aug 26 2012 15:42:33 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 08 2012 17:56:48 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.16.0.3", "Sun Feb 10 2013 10:13:27 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LastLogin_3.18.0.7", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.LatestVersion", "3.18.0.7");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.Locale", "en");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SettingsLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.SettingsLastUpdate", "1372404214");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ToolbarDisabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.UserID", "UN84181085541854777");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.WeatherNetwork", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.WeatherPollDate", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.alertChannelId", "1178763");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbfirsttime", "536174204A756C20323820323031322032313A31313A343820474D542B30323030");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E64746573742E637A2F746573742F656C656374726F6C75782D7A75702D333832302D622D756C747261706572666F726D65722F31383137373F66696C746[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[49ld5ks5.default] - Line Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.initDone", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.revertSettingsEnabled", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
[49ld5ks5.default] - Line Found : user_pref("CT2786678.testingCtid", "");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CT2786678.usagesFlag", 2);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2786678", "\"bdf722bacb15b92ed95e35db4c172ef33\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1174448/CZ", "\"0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ", "\"0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2786678", "\"1362324159\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "+RsYuZ9IN1smka6Zuggr5w==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"803651ba7facb1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2786678", "\"dbe4460d95840339477519b3f77dc11a\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634268528229370000\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =11/8/2010 3:54:59 PM", "634248284990000000");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT2786678", "\"1291825117\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634274084120830000\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"fbcf283faa1728e9448e1646d0ceed22\"");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.IsEngineShown", true);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:50:41 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 21:41:53 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.locale", "en");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 21:41:45 GMT+0200");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.alert.userId", "9136037e-5793-4837-8945-474e7454df36");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.globalUserId", "4a52cee3-a2b5-4193-94ae-d470885045b5");
[49ld5ks5.default] - Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FirstTime", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FirstTimeFF3", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.Initialize", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.InstalledDate", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsMulticommunity", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.UserID", "UN74616603574741914");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.engineLocale", "cs");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default] - Line Found : user_pref("ConduitEngine.initDone", true);
[49ld5ks5.default] - Line Found : user_pref("browser.search.defaultengine", "Ask.com Search");
[49ld5ks5.default] - Line Found : user_pref("browser.search.order.1", "Ask.com Search");
[49ld5ks5.default] - Line Found : user_pref("extensions.BE5cUvjmOe5cdZ2n.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[49ld5ks5.default] - Line Found : user_pref("extensions.JiRJoYUOUdYMXZud.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[49ld5ks5.default] - Line Found : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3,{ea614400-e918-4741-9a97-7[...]
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.allowSendURL", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.engineVerified", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.geolastmodified", 1299407432);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.history", "test%20ASUS%20VX6%20Lamborghini||netbooky||Acer%20Aspire%20One%20532G||nejvykonejsi%20netbook||thinkpad%20x300||bluetooth%20prenosne%20tiskarny||male%20prenosne%20tisk[...]
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.icqgeo", 42);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.installTime", "1299861709");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.newtab_state", "1");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.previousFFVersion", "3.6.15");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.skip_default_search", "no");
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.suggestions", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.uninstStatSent", true);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1299831783);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[49ld5ks5.default] - Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
[49ld5ks5.default] - Line Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
-\\ Google Chrome v37.0.2062.124
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=icq-fx-plug&q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
-\\ Chromium v
-\\ Comodo Dragon v33.1.0.1
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Found [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
*************************
AdwCleaner[R0].txt - [31800 octets] - [09/11/2014 13:32:41]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [31861 octets] ##########
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum skenovania: 9.11.2014
Scan čas: 14:06:52
Logfile: log.txt
Správca: áno
Verzia: 2.00.3.1025
Malware databázy: v2014.11.09.04
Rootkit databázy: v2014.11.08.01
Licencia: ?????????
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne
OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: Geronimo
Typ skenu: Hrozba Scan
Výsledok: Dokončené
Objekty naskenované: 354260
Uplynulý čas: 4 min, 14 sec
Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené
Procesy: 0
(Žiadne zákernej položky neboli zistené)
Moduly: 0
(Žiadne zákernej položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Priečinky: 0
(Žiadne zákernej položky neboli zistené)
Súbory: 3
PUP.Optional.SweetIM.A, C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Preferences, Dobrá:)), Zlá:) "startup_urls": [ "http://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100" ],), ,[a31544f5c6b62d09ca7d08702dd818e8]
PUP.Optional.Conduit.A, C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\prefs.js, Dobrá:)), Zlá:)user_pref("CT2786678.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");), ,[6a4e231675070135c957bbbc5ca901ff]
PUP.Optional.Conduit.A, C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\prefs.js, Dobrá:)), Zlá:)ag.http://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==), ,[f8c058e1bac2b77f69b711667b8a46ba]
Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)
(end)
www.malwarebytes.org
Dátum skenovania: 9.11.2014
Scan čas: 14:06:52
Logfile: log.txt
Správca: áno
Verzia: 2.00.3.1025
Malware databázy: v2014.11.09.04
Rootkit databázy: v2014.11.08.01
Licencia: ?????????
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne
OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: Geronimo
Typ skenu: Hrozba Scan
Výsledok: Dokončené
Objekty naskenované: 354260
Uplynulý čas: 4 min, 14 sec
Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené
Procesy: 0
(Žiadne zákernej položky neboli zistené)
Moduly: 0
(Žiadne zákernej položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Priečinky: 0
(Žiadne zákernej položky neboli zistené)
Súbory: 3
PUP.Optional.SweetIM.A, C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Preferences, Dobrá:)), Zlá:) "startup_urls": [ "http://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100" ],), ,[a31544f5c6b62d09ca7d08702dd818e8]
PUP.Optional.Conduit.A, C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\prefs.js, Dobrá:)), Zlá:)user_pref("CT2786678.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");), ,[6a4e231675070135c957bbbc5ca901ff]
PUP.Optional.Conduit.A, C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\prefs.js, Dobrá:)), Zlá:)ag.http://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==), ,[f8c058e1bac2b77f69b711667b8a46ba]
Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)
(end)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Diky. O vikendu na to zase vlitnu.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
OK..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
takze Log z AdwCleaner:
# AdwCleaner v4.101 - Report created 15/11/2014 at 12:39:21
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Geronimo - GERONIMO-PC
# Running from : E:\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BCUService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\GGooSave
Folder Deleted : C:\ProgramData\YoautuBeAdBlocke
Folder Deleted : C:\ProgramData\8e5dae3a92ed59ca
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Probit Software
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\DeviceVM
Folder Deleted : C:\Program Files (x86)\Probit Software
Folder Deleted : C:\Program Files (x86)\GGooSave
Folder Deleted : C:\Program Files (x86)\YoautuBeAdBlocke
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Geronimo\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Geronimo\AppData\Local\Mail.Ru
Folder Deleted : C:\Users\Geronimo\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\DTToolbar@toolbarnet.com
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\8PnD@ZOoPh7L.net
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\l2dlN2xd9k@9.edu
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\SweetIM Search.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Easy Driver Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.1 (x86 cs)
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.CTID", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.CurrentServerDate", "28-6-2013");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Jun 22 2013 08:02:17 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444699", 10);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444723", 15);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444735", 5);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444747", 5);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstServerDate", "12-12-2010");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstTime", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstTimeFF3", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.Initialize", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstallationType", "Unknown");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstalledDate", "Sun Jun 24 2012 00:30:30 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsGrouping", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsInitSetupIni", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsMulticommunity", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 14:44:36 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.14.1.0", "Sun Aug 26 2012 15:42:33 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 08 2012 17:56:48 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.16.0.3", "Sun Feb 10 2013 10:13:27 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.18.0.7", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LatestVersion", "3.18.0.7");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.Locale", "en");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SettingsLastUpdate", "1372404214");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ToolbarDisabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.UserID", "UN84181085541854777");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.WeatherNetwork", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.WeatherPollDate", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.alertChannelId", "1178763");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "536174204A756C20323820323031322032313A31313A343820474D542B30323030");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E64746573742E637A2F746573742F656C656374726F6C75782D7A75702D333832302D622D756C747261706572666F726D65722F31383137373F66696C746[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.initDone", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.testingCtid", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.usagesFlag", 2);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2786678", "\"bdf722bacb15b92ed95e35db4c172ef33\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1174448/CZ", "\"0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ", "\"0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2786678", "\"1362324159\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "+RsYuZ9IN1smka6Zuggr5w==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"803651ba7facb1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2786678", "\"dbe4460d95840339477519b3f77dc11a\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634268528229370000\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =11/8/2010 3:54:59 PM", "634248284990000000");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT2786678", "\"1291825117\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634274084120830000\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"fbcf283faa1728e9448e1646d0ceed22\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:50:41 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 21:41:53 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 21:41:45 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.userId", "9136037e-5793-4837-8945-474e7454df36");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.globalUserId", "4a52cee3-a2b5-4193-94ae-d470885045b5");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FirstTime", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.Initialize", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.UserID", "UN74616603574741914");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.engineLocale", "cs");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.initDone", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com Search");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.BE5cUvjmOe5cdZ2n.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.JiRJoYUOUdYMXZud.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3,{ea614400-e918-4741-9a97-7[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1299407432);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "test%20ASUS%20VX6%20LamborghininetbookyAcer%20Aspire%20One%20532Gnejvykonejsi%20netbookthinkpad%20x300bluetooth%20prenosne%20tiskarnymale%20prenosne%20tisk[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1299861709");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.15");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1299831783);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
-\\ Google Chrome v37.0.2062.124
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
-\\ Chromium v
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
-\\ Comodo Dragon v33.1.0.1
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
*************************
AdwCleaner[R0].txt - [32006 octets] - [09/11/2014 13:32:41]
AdwCleaner[R1].txt - [31062 octets] - [15/11/2014 12:38:05]
AdwCleaner[S0].txt - [33233 octets] - [15/11/2014 12:39:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33294 octets] ##########
# AdwCleaner v4.101 - Report created 15/11/2014 at 12:39:21
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Geronimo - GERONIMO-PC
# Running from : E:\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BCUService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\GGooSave
Folder Deleted : C:\ProgramData\YoautuBeAdBlocke
Folder Deleted : C:\ProgramData\8e5dae3a92ed59ca
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Probit Software
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\DeviceVM
Folder Deleted : C:\Program Files (x86)\Probit Software
Folder Deleted : C:\Program Files (x86)\GGooSave
Folder Deleted : C:\Program Files (x86)\YoautuBeAdBlocke
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Geronimo\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Geronimo\AppData\Local\Mail.Ru
Folder Deleted : C:\Users\Geronimo\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\DTToolbar@toolbarnet.com
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\8PnD@ZOoPh7L.net
Folder Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\Extensions\l2dlN2xd9k@9.edu
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cajkaofnicjappjmiinapdhjojnmpkno
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\searchplugins\SweetIM Search.xml
File Deleted : C:\Users\Geronimo\AppData\Roaming\Mozilla\Firefox\Profiles\49ld5ks5.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Easy Driver Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7EBFBBD6-3861-47D3-A545-4D0FDB1B07EE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.1 (x86 cs)
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.CTID", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.CurrentServerDate", "28-6-2013");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Jun 22 2013 08:02:17 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Dec 12 2010 12:06:08 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444699", 10);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444723", 15);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444735", 5);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FeedTTL129301619375444747", 5);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstServerDate", "12-12-2010");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstTime", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FirstTimeFF3", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.Initialize", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstallationType", "Unknown");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.InstalledDate", "Sun Jun 24 2012 00:30:30 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsGrouping", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsInitSetupIni", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsMulticommunity", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 14:44:36 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.14.1.0", "Sun Aug 26 2012 15:42:33 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Thu Nov 08 2012 17:56:48 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.16.0.3", "Sun Feb 10 2013 10:13:27 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LastLogin_3.18.0.7", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.LatestVersion", "3.18.0.7");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.Locale", "en");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.SettingsLastUpdate", "1372404214");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ToolbarDisabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.UserID", "UN84181085541854777");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.WeatherNetwork", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.WeatherPollDate", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.alertChannelId", "1178763");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbcountry_001", "435A");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "536174204A756C20323820323031322032313A31313A343820474D542B30323030");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.cbopenmamsettings", "30");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E64746573742E637A2F746573742F656C656374726F6C75782D7A75702D333832302D622D756C747261706572666F726D65722F31383137373F66696C746[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.initDone", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.revertSettingsEnabled", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.testingCtid", "");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Jun 28 2013 09:51:50 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CT2786678.usagesFlag", 2);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2786678", "\"bdf722bacb15b92ed95e35db4c172ef33\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1174448/CZ", "\"0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ", "\"0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2786678", "\"1362324159\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "/oUS1eK2SdsB3t6H2kLPsA==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "+RsYuZ9IN1smka6Zuggr5w==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"803651ba7facb1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2786678", "\"dbe4460d95840339477519b3f77dc11a\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634268528229370000\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =11/8/2010 3:54:59 PM", "634248284990000000");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT2786678", "\"1291825117\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634274084120830000\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"fbcf283faa1728e9448e1646d0ceed22\"");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:50:41 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 21:41:53 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 21:41:45 GMT+0200");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.alert.userId", "9136037e-5793-4837-8945-474e7454df36");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.globalUserId", "4a52cee3-a2b5-4193-94ae-d470885045b5");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FirstTime", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.Initialize", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Dec 12 2010 12:07:56 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Dec 12 2010 12:06:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.UserID", "UN74616603574741914");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.engineLocale", "cs");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Dec 12 2010 07:39:07 GMT+0100");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("ConduitEngine.initDone", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com Search");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.BE5cUvjmOe5cdZ2n.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.JiRJoYUOUdYMXZud.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3,{ea614400-e918-4741-9a97-7[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1299407432);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "test%20ASUS%20VX6%20LamborghininetbookyAcer%20Aspire%20One%20532Gnejvykonejsi%20netbookthinkpad%20x300bluetooth%20prenosne%20tiskarnymale%20prenosne%20tisk[...]
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1299861709");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.15");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1299831783);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[49ld5ks5.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
-\\ Google Chrome v37.0.2062.124
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
[C:\Users\Geronimo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://home.sweetim.com/?barid={CAC59E6D-DBE4-11E2-9074-6CF049051BDF}&crg=3.1010000.10039&st=23&ptr=100
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
-\\ Chromium v
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
-\\ Comodo Dragon v33.1.0.1
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&do ... =%5EAGO&q={searchTerms}
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Geronimo\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cajkaofnicjappjmiinapdhjojnmpkno
*************************
AdwCleaner[R0].txt - [32006 octets] - [09/11/2014 13:32:41]
AdwCleaner[R1].txt - [31062 octets] - [15/11/2014 12:38:05]
AdwCleaner[S0].txt - [33233 octets] - [15/11/2014 12:39:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33294 octets] ##########
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
log z JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Ultimate x64
Ran by Geronimo on so 15.11.2014 at 12:45:22,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9F9518C6-CFA7-4BEA-BFB9-0EF5129E0C69}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Geronimo\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\conduitcommon
Successfully deleted the following from C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\prefs.js
user_pref("extensions.JiRJoYUOUdYMXZud.url", "hxxp://safefacile.net/sync2/?q=hfZ9ofV9CShEAen0rHk8rShTB6lKDzt4okqAtNtVh7n0rjnFrda9rja8qjr6tMFHhd9FqdwErjwFrjrFqdkMDMlGojUMAe4Uoj
user_pref("extensions.foxcub.config.encodedConfig", "{\"core\":{\"configUrl\":\"hxxp://download.seznam.cz/software/conf/\",\"updateUrl\":\"hxxp://download.seznam.cz/software/c
user_pref("keyword.url", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
Emptied folder: C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\minidumps [11 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 15.11.2014 at 12:48:01,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Ultimate x64
Ran by Geronimo on so 15.11.2014 at 12:45:22,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9F9518C6-CFA7-4BEA-BFB9-0EF5129E0C69}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Geronimo\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\conduitcommon
Successfully deleted the following from C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\prefs.js
user_pref("extensions.JiRJoYUOUdYMXZud.url", "hxxp://safefacile.net/sync2/?q=hfZ9ofV9CShEAen0rHk8rShTB6lKDzt4okqAtNtVh7n0rjnFrda9rja8qjr6tMFHhd9FqdwErjwFrjrFqdkMDMlGojUMAe4Uoj
user_pref("extensions.foxcub.config.encodedConfig", "{\"core\":{\"configUrl\":\"hxxp://download.seznam.cz/software/conf/\",\"updateUrl\":\"hxxp://download.seznam.cz/software/c
user_pref("keyword.url", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
Emptied folder: C:\Users\Geronimo\AppData\Roaming\mozilla\firefox\profiles\49ld5ks5.default\minidumps [11 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 15.11.2014 at 12:48:01,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
log z RogueKiller:
RogueKiller V10.0.6.0 (x64) [Nov 13 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Geronimo [Práva správce]
Mód : Prohledat -- Datum : 11/15/2014 12:54:07
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x74092c0
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 49ld5ks5.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1500HLFS-01G6U SCSI Disk Device +++++
--- User ---
[MBR] 70fa80752a988fb2723a044de3c5c901
[BSP] f93b272f73ad96b9886e98d83e2ef0dd : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 142986 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: ST380013AS SCSI Disk Device +++++
--- User ---
[MBR] 0ee5536e9372b7ddb0e6981e9ef69a4d
[BSP] e369c52a29fa35a7385ab24464490b66 : Windows XP MBR Code
Partition table:
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 2048 | Size: 76317 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive2: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 0d1dc93e269fd065e7124c2966f95890
[BSP] 21f7af98fa11a624696527102bfebc7f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK
RogueKiller V10.0.6.0 (x64) [Nov 13 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Geronimo [Práva správce]
Mód : Prohledat -- Datum : 11/15/2014 12:54:07
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3F2279BC-C926-4BAF-8522-A056A2FE7B9D} | DhcpNameServer : 10.255.255.10 10.255.255.20 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x74092c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x74092c0
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 49ld5ks5.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1500HLFS-01G6U SCSI Disk Device +++++
--- User ---
[MBR] 70fa80752a988fb2723a044de3c5c901
[BSP] f93b272f73ad96b9886e98d83e2ef0dd : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 142986 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive1: ST380013AS SCSI Disk Device +++++
--- User ---
[MBR] 0ee5536e9372b7ddb0e6981e9ef69a4d
[BSP] e369c52a29fa35a7385ab24464490b66 : Windows XP MBR Code
Partition table:
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 2048 | Size: 76317 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )
+++++ PhysicalDrive2: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 0d1dc93e269fd065e7124c2966f95890
[BSP] 21f7af98fa11a624696527102bfebc7f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK
-
W.Geronimo
- Level 1
- Příspěvky: 56
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu.
Dekuji za pomoc.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 84 hostů