Pop-up ads (Solved)

Post by vasekpetr1 » 11 Jan 2015 15:31

Greetings to all, and please check my log, both because of slower internet loading and because of a pop-up ad on the page http://forum.renaultclub.cz/ at the bottom edge of the page. Interestingly, the ad is a nuisance only on this Renault site; I don't have this problem on other sites. It pops up in both browsers (IE8, FF).
Thank you for your help.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:23, on 11.1.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [Rthdcpl] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [EhTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CK431V005PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Outlook express.lnk = C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre7\bin\jqs.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SBS_GM_TOMCAT6 - Apache Software Foundation - C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
O23 - Service: SBS_GM_TRANSBASE - Transaction Software, D 81829 Munich - C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 7182 bytes

Post by jaro3 » 12 Jan 2015 09:20

Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.


Download TFC.
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Prohledat-Scan".
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait for the Prescan (the search for malicious processes) to finish.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by vasekpetr1 » 15 Jan 2015 18:24

RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : Táta [Práva správce]
Mód : Prohledat -- Datum : 01/15/2015 18:20:58

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 3 (Driver: Nahrán) ¤¤¤
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Reenumerate_DevNode : C:\WINDOWS\system32\SETUPAPI.dll @ 0x779926a5
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_DevNode_Status : C:\WINDOWS\system32\SETUPAPI.dll @ 0x7792c6eb
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_Parent : C:\WINDOWS\system32\SETUPAPI.dll @ 0x77997a5d

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] q3880k9t.default : user_pref("browser.startup.homepage", "https://www.facebook.com/?ref=tn_tnmn"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541212H9AT00 +++++
--- User ---
[MBR] 473959413de48d9434d0d4f3a05ab70b
[BSP] 4cdd229e0fb46ed595dba7a1ff87a910 : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4996 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 10233405 | Size: 54486 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 121820895 | Size: 54988 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SecureDigital_MMC_Drive +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! ([32] Po?adavek není podporován. )
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_10242014_122550.log - RKreport_DEL_10252014_125829.log - RKreport_DEL_10252014_125925.log - RKreport_DEL_10252014_130207.log
RKreport_SCN_10232014_224154.log - RKreport_SCN_10242014_122502.log - RKreport_SCN_10252014_125508.log



# AdwCleaner v4.001 - Report created 15/01/2015 at 18:02:01
# Updated 20/10/2014 by Xplode
# Database : 2015-01-13.2
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Táta - ACER-BOHUMILA
# Running from : D:\Download\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R10].txt - [1648 octets] - [09/01/2015 22:46:45]
AdwCleaner[R11].txt - [655 octets] - [15/01/2015 18:02:01]
AdwCleaner[R1].txt - [9001 octets] - [20/12/2013 15:38:13]
AdwCleaner[R2].txt - [9061 octets] - [20/12/2013 16:01:24]
AdwCleaner[R3].txt - [9121 octets] - [21/12/2013 00:35:23]
AdwCleaner[R4].txt - [4756 octets] - [04/07/2014 15:03:22]
AdwCleaner[R5].txt - [3095 octets] - [04/08/2014 12:52:27]
AdwCleaner[R6].txt - [1803 octets] - [23/10/2014 21:28:24]
AdwCleaner[R7].txt - [1881 octets] - [24/10/2014 10:58:04]
AdwCleaner[R8].txt - [2576 octets] - [01/01/2015 16:59:24]
AdwCleaner[R9].txt - [1527 octets] - [01/01/2015 17:44:09]
AdwCleaner[S1].txt - [9218 octets] - [21/12/2013 00:42:52]
AdwCleaner[S2].txt - [4889 octets] - [04/07/2014 15:04:41]
AdwCleaner[S3].txt - [3190 octets] - [04/08/2014 12:54:18]
AdwCleaner[S4].txt - [1947 octets] - [24/10/2014 11:00:21]
AdwCleaner[S5].txt - [2661 octets] - [01/01/2015 17:03:00]
AdwCleaner[S6].txt - [1588 octets] - [01/01/2015 17:47:47]
AdwCleaner[S7].txt - [1709 octets] - [09/01/2015 22:49:48]

########## EOF - C:\AdwCleaner\AdwCleaner[R11].txt - [1675 octets] ##########

Post by Orcus » 15 Jan 2015 18:37

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait for the Prescan to finish its work...
- Wait until the status window shows "Prohledat".
- In the tabs (Registry, Tasks, Web Browser, etc.), tick everything.
- Click "Smazat" (Delete).
- Wait until the Status box shows "Mazání dokončeno" (Deletion complete).
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller.

====================================================

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program performs a scan and a repair; the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

Post by vasekpetr1 » 15 Jan 2015 20:22

Zoek.exe v5.0.0.0 Updated 23-11-2014
Tool run by Táta on čt 15.01.2015 at 19:50:26,03.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\Download\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.1.2015 19:51:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\Mojelogo deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\NewTech Infosystems deleted successfully
C:\Program Files\Sony Ericsson deleted successfully
C:\Documents and Settings\All Users\Start Menu\Programs\Real deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson deleted successfully
C:\Documents and Settings\Máma\Application Data\AdobeUM deleted successfully
C:\Documents and Settings\Máma\Application Data\Canon deleted successfully
C:\Documents and Settings\Máma\Application Data\Nokia Ovi Suite deleted successfully
C:\Documents and Settings\Petr\Application Data\AdobeUM deleted successfully
C:\Documents and Settings\Petr\Application Data\Gearbox Software deleted successfully
C:\Documents and Settings\Petr\Application Data\Lavasoft deleted successfully
C:\Documents and Settings\Táta\Application Data\Broad Intelligence deleted successfully
C:\Documents and Settings\Máma\Local Settings\Application Data\WMTools Downloaded Files deleted successfully
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google deleted successfully
C:\Documents and Settings\Petr\Local Settings\Application Data\WMTools Downloaded Files deleted successfully
C:\Documents and Settings\Táta\Local Settings\Application Data\GHISLER deleted successfully
C:\Documents and Settings\Táta\Local Settings\Application Data\SpeedBIT deleted successfully
C:\Documents and Settings\Táta\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Máma\Application Data\Mozilla\Firefox\Profiles\s2pc5d4o.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.facebook.com/?ref=tn_tnmn");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Máma\Application Data\Mozilla\Firefox\Profiles\s2pc5d4o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Petr\Application Data\Mozilla\Firefox\Profiles\jb2in6mz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Petr\Application Data\Mozilla\Firefox\Profiles\jb2in6mz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Táta\Application Data\Mozilla\Firefox\Profiles\q3880k9t.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.facebook.com/?ref=tn_tnmn");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Táta\Application Data\Mozilla\Firefox\Profiles\q3880k9t.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Máma\Application Data\Mozilla\Firefox\Profiles\s2pc5d4o.default

user.js not found
---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_15.01.2015_2007_.backup

ProfilePath: C:\Documents and Settings\Petr\Application Data\Mozilla\Firefox\Profiles\jb2in6mz.default

user.js not found
---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_15.01.2015_2007_.backup

ProfilePath: C:\Documents and Settings\Táta\Application Data\Mozilla\Firefox\Profiles\q3880k9t.default

user.js not found
---- Lines speedbit modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_15.01.2015_2007_.backup

==== Deleting Files \ Folders ======================

C:\WINDOWS\System32\AniGIF.ocx deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\SDCondition.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Log\DAP_BETA.LOG" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\AddonsCondition.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\08D29C25-8256-4454-9E93-A39DCAFB043D\1.0.0.4_0\MediaPreview.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\CSharpDapsters.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\DapsterTools.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\Ionic.Zip.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\211A24A5-08E2-4413-8BFF-C16F80CCB537\1.0.0.0_0\DapInternetTab.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\516CA5E4-8DA8-4cdd-AAB6-739C7D587C24\1.0.0.6_0\Converter.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B0FE9480-9E77-4c65-BF2F-855F9D750418\1.0.0.3_0\DapLinkCheckerPlugin.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B775A1D0-4882-4577-B251-0DAC64A08E40\1.0.5.1_0\DapRemoteControlPlugin.dll" deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Log" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\08D29C25-8256-4454-9E93-A39DCAFB043D" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\211A24A5-08E2-4413-8BFF-C16F80CCB537" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\516CA5E4-8DA8-4cdd-AAB6-739C7D587C24" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B0FE9480-9E77-4c65-BF2F-855F9D750418" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B775A1D0-4882-4577-B251-0DAC64A08E40" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\Install" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\Log" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\08D29C25-8256-4454-9E93-A39DCAFB043D\1.0.0.4_0" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\211A24A5-08E2-4413-8BFF-C16F80CCB537\1.0.0.0_0" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\516CA5E4-8DA8-4cdd-AAB6-739C7D587C24\1.0.0.6_0" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B0FE9480-9E77-4c65-BF2F-855F9D750418\1.0.0.3_0" not deleted
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Plugins\B775A1D0-4882-4577-B251-0DAC64A08E40\1.0.5.1_0" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"daplinkchecker@speedbit.com"="C:\Program Files\DAP\daplinkchecker" [25.10.2014 08:03]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}"="C:\Program Files\DAP\DAPFireFox" [25.10.2014 08:03]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Petr\Application Data\Mozilla\Firefox\Profiles\jb2in6mz.default
- Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Táta\Application Data\Mozilla\Firefox\Profiles\q3880k9t.default
8560995C727974F27F2A1CE68909FEB9 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll - Shockwave Flash
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
F3B0E300AFC94E1A775A2D935A7D384F - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
1B197A0ED28DB310AB67591567C3787A - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.150.3
54BF6EBC262DF04712AC4EB18AD8B9CC - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll - PlayStation(R)Network Downloader Check Plug-in
8340EC352AC82F8F16F892B0ED05CCF8 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
5AF47FFDE6675CBAA660D90442CE16BB - C:\Program Files\Photosynth\npPhotosynthMozilla.dll - Photosynth
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
4C23E74EF7F99D8B07C9AA7DC087E200 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll - RealJukebox NS Plugin
3D84A7E0CD7A1FC93EAB9F2D50E5BD9C - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll - RealPlayer Version Plugin
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

RealDownloader - Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype for Chromium - Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
RealDownloader - Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype for Chromium - Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{19D8B9FC-C1B1-47B6-8022-DCDCEC6DBB4E}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{19D8B9FC-C1B1-47B6-8022-DCDCEC6DBB4E} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\PT3P9PS3 will be deleted at reboot
C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\PT3P9PS3 will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Máma\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3935 folders=267 533518837 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\Máma\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\Petr\Local Settings\temp emptied successfully
C:\Documents and Settings\Táta\Local Settings\temp will be emptied at reboot
C:\Documents and Settings\Máma\Local Settings\temp emptied successfully
C:\Documents and Settings\Táta\Local Settings\temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\T ta\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit\DAP\Log\DAP_BETA.LOG" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit" not found
"C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\PT3P9PS3" not found
"C:\Documents and Settings\Táta\Local Settings\Temporary Internet Files\Content.IE5\PT3P9PS3" not found

==== EOF on źt 15.01.2015 at 20:19:35,81 ======================




RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : Táta [Práva správce]
Mód : Smazat -- Datum : 01/15/2015 19:45:09

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 3 (Driver: Nahrán) ¤¤¤
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Reenumerate_DevNode : C:\WINDOWS\system32\SETUPAPI.dll @ 0x779926a5
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_DevNode_Status : C:\WINDOWS\system32\SETUPAPI.dll @ 0x7792c6eb
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_Parent : C:\WINDOWS\system32\SETUPAPI.dll @ 0x77997a5d

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] q3880k9t.default : user_pref("browser.startup.homepage", "https://www.facebook.com/?ref=tn_tnmn"); -> Nevybráno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541212H9AT00 +++++
--- User ---
[MBR] 473959413de48d9434d0d4f3a05ab70b
[BSP] 4cdd229e0fb46ed595dba7a1ff87a910 : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4996 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 10233405 | Size: 54486 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 121820895 | Size: 54988 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_10242014_122550.log - RKreport_DEL_10252014_125829.log - RKreport_DEL_10252014_125925.log - RKreport_DEL_10252014_130207.log
RKreport_SCN_01152015_182058.log - RKreport_SCN_10232014_224154.log - RKreport_SCN_10242014_122502.log - RKreport_SCN_10252014_125508.log
RKreport_SCN_01152015_194352.log - RKreport_DEL_01152015_194432.log


Re: Pop-up ads

Post by Orcus » 16 Jan 2015 09:20

Run RogueKiller again according to the guide. You did not select any item.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Re: Pop-up ads

Post by vasekpetr1 » 16 Jan 2015 13:14

I apologize:

RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : Táta [Práva správce]
Mód : Smazat -- Datum : 01/16/2015 13:13:14

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1007\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1111310416-3384606478-2207430176-1006\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 3 (Driver: Nahrán) ¤¤¤
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Reenumerate_DevNode : C:\WINDOWS\system32\SETUPAPI.dll @ 0x779926a5
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_DevNode_Status : C:\WINDOWS\system32\SETUPAPI.dll @ 0x7792c6eb
[IAT:Addr] (explorer.exe @ sti.dll) CFGMGR32.dll - CM_Get_Parent : C:\WINDOWS\system32\SETUPAPI.dll @ 0x77997a5d

¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] q3880k9t.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Smazáno
[FIREFX:Addon] q3880k9t.default : RealPlayer Browser Record Plugin [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] -> Smazáno
[PUM.HomePage][FIREFX:Config] q3880k9t.default : user_pref("browser.startup.homepage", "https://www.facebook.com/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541212H9AT00 +++++
--- User ---
[MBR] 473959413de48d9434d0d4f3a05ab70b
[BSP] 4cdd229e0fb46ed595dba7a1ff87a910 : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4996 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 10233405 | Size: 54486 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 121820895 | Size: 54988 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_01152015_194432.log - RKreport_DEL_01152015_194509.log - RKreport_DEL_10242014_122550.log - RKreport_DEL_10252014_125829.log
RKreport_DEL_10252014_125925.log - RKreport_DEL_10252014_130207.log - RKreport_SCN_01152015_182058.log - RKreport_SCN_01152015_194352.log
RKreport_SCN_10232014_224154.log - RKreport_SCN_10242014_122502.log - RKreport_SCN_10252014_125508.log - RKreport_SCN_01162015_131135.log


Re: Pop-up ads

Post by jaro3 » 16 Jan 2015 18:40

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Post a new HJT log + info about the problems
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Pop-up ads

Post by vasekpetr1 » 17 Jan 2015 15:50

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by T ta on so 17.01.2015 at 15:21:13,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted [File] C:\Documents and Settings\All Users\Microsoft\DRM\ADS7.tmp [TDL4 Trace]



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\T ta\Application Data\mozilla\firefox\profiles\q3880k9t.default\invalidprefs.js





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 17.01.2015 at 15:24:52,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

During the aswMBR test the notebook restarted and stayed on the BIOS selection screen, from which it would not move on. There was only the F2 option to enter the BIOS, which I entered and left via Exit without making any change. The notebook reported a boot error and told me to connect a cable. After switching it off and on, the notebook booted normally.
The ad in the lower left corner on the mentioned site http://forum.renaultclub.cz/ still slides out.


Re: Pop-up ads

Post by Orcus » 18 Jan 2015 09:32

Provide the HiJackThis log. :-)


Re: Pop-up ads

Post by vasekpetr1 » 18 Jan 2015 09:39

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:38:51, on 18.1.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [Rthdcpl] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [EhTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CK431V005PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Outlook express.lnk = C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre7\bin\jqs.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SBS_GM_TOMCAT6 - Apache Software Foundation - C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
O23 - Service: SBS_GM_TRANSBASE - Transaction Software, D 81829 Munich - C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 7306 bytes


aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-01-18 11:02:54
-----------------------------
11:02:54.921 OS Version: Windows 5.1.2600 Service Pack 3
11:02:54.921 Number of processors: 1 586 0x4C02
11:02:54.921 ComputerName: ACER-BOHUMILA UserName: Táta
11:02:56.968 Initialize success
11:02:57.000 VM: initialized successfully
11:02:57.000 VM: Amd CPU virtualization not supported
11:03:02.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:03:02.812 Disk 0 Vendor: Hitachi_HTS541212H9AT00 HP4OA23C Size: 114473MB BusType: 3
11:03:03.312 Disk 0 MBR read successfully
11:03:03.312 Disk 0 MBR scan
11:03:03.312 Disk 0 unknown MBR code
11:03:04.046 Disk 0 Partition 1 00 12 Compaq diag MSWIN4.1 4996 MB offset 63
11:03:04.062 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 54486 MB offset 10233405
11:03:04.093 Disk 0 default boot code
11:03:04.109 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 54988 MB offset 121820895
11:03:04.109 Disk 0 scanning sectors +234436545
11:03:04.250 Disk 0 scanning C:\WINDOWS\system32\drivers
11:04:19.859 Service scanning
11:04:38.156 Modules scanning
11:04:38.171 Disk 0 trace - called modules:
11:04:38.203 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:04:38.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9c5230]
11:04:38.203 3 CLASSPNP.SYS[ba188fd7] -> nt!IofCallDriver -> \Device\000000ba[0x8a936470]
11:04:38.203 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a958d98]
11:04:38.203 Disk 0 statistics 167974/0/0 @ 1,40 MB/s
11:04:38.218 Scan finished successfully
11:05:03.390 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Táta\Desktop\MBR.dat"
11:05:03.390 The log file has been saved successfully to "C:\Documents and Settings\Táta\Desktop\aswMBR.txt"


Re: Pop-up ads

Post by Orcus » 19 Jan 2015 07:50

Uninstall SUPERAntiSpyware.

Install one of the quartet - Avast, AVG, Avira or Comodo, since I don't see any antivirus.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use will be displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications or a message pops up about an attempt to use an invalid operation on a registry key that is marked for deletion, just restart the computer.

If there are problems, run it in safe mode.