PC-HELP.CZ

Zdravim, kamarád mi donesl notebook s tim, že je strašně pomalý. Rád bych věděl, jestli půjde ještě nějak pročistit nebo bude nutný reinstal. Děkuji

Ještě ten log, že...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:08, on 20.1.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)


Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Totalcmd7\TOTALCMD.EXE
E:\! Soft\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Ultrawideband Control Center.lnk = C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - (no file)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate1ca086bb4bee260) (gupdate1ca086bb4bee260) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\user\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7433 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

# AdwCleaner v4.108 - Report created 20/01/2015 at 14:29:12
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Local]
# Operating System : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DatamngrCoordinator
Service Found : torchcrashhandler

***** [ Files / Folders ] *****

File Found : C:\users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Found : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
File Found : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\searchplugins\Ask.xml
File Found : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\ProgramData\AlawarWrapper
Folder Found : C:\ProgramData\DataMngr
Folder Found : C:\ProgramData\Datamngr
Folder Found : C:\ProgramData\torchcrashhandler
Folder Found : C:\users\user\AppData\Local\apn
Folder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Folder Found : C:\users\user\AppData\Local\iLivid
Folder Found : C:\users\user\AppData\Local\torch
Folder Found : C:\users\user\AppData\LocalLow\ilividmoviestoolbardla
Folder Found : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Found : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\Extensions\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Folder Found : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Folder Found : C:\users\user\AppData\Roaming\OpenCandy
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Scheduled Tasks ] *****

Task Found : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Wincert\WIN32C~1.DLL
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AF0E1520-8C97-47B4-A325-A1FEDCB8169F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaFF
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaIE
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\XTTB00001
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaIE
Key Found : HKLM\SOFTWARE\torch
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://google.icq.com
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Bar] - hxxp://google.icq.com/search/search_frame.php
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://google.icq.com/search/search_frame.php

-\\ Mozilla Firefox v26.0 (cs)

[gubpg53k.default] - Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
[gubpg53k.default] - Line Found : user_pref("browser.search.order.1", "Ask.com");
[gubpg53k.default] - Line Found : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v35.0.1916.153

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : kiplfnciaokpcennlkldkdaeaaomamof
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://www.search.ask.com/?l=dis&o=15187cr

*************************

AdwCleaner[R0].txt - [9470 octets] - [20/01/2015 14:29:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9530 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.1.2015
Scan Time: 14:40:43
Logfile: mal.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.20.04
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 394201
Time Elapsed: 25 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [dec68b6eee9bf73f77150a1ee91aaf51],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, , [dec68b6eee9bf73f77150a1ee91aaf51],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [dec68b6eee9bf73f77150a1ee91aaf51],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-75893039-200090470-3686506788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, , [dec68b6eee9bf73f77150a1ee91aaf51],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [9d07b346c4c5e74ffd9007218a796997],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\Datamngr, , [554fed0c5a2f46f04210eab3db284fb1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kiplfnciaokpcennlkldkdaeaaomamof, , [475d10e935546acc741da7cdfb082cd4],
PUP.Optional.Datamngr.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DatamngrCoordinator, , [fea6c237602981b5e374692c08fbc53b],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-75893039-200090470-3686506788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [574d936693f642f429783b9450b40ef2],

Registry Values: 1
PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll, , [5f4503f68ffa6fc7a11a14ddcd3716ea]

Registry Data: 0
(No malicious items detected)

Folders: 16
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [c0e4c039b2d7d561c90ac90b20e4af51],
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy, , [2c789663f89145f1a905390217ec49b7],
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\1347C6825382474AA1906FF603713C91, , [2c789663f89145f1a905390217ec49b7],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\css, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\lib, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\plugin, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\plugin\TorchShareHelper.plugin, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\views, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\_locales, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\_locales\en, , [9014fefb721768cea53dadc3b64dcc34],

Files: 64
Malware.Trace, C:\Windows\System32\ieunitdrf.inf, , [2084ae4b3455bb7b6f732a4dbb492ed2],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [c0e4c039b2d7d561c90ac90b20e4af51],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [c0e4c039b2d7d561c90ac90b20e4af51],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-75893039-200090470-3686506788-1000.cfg, , [c0e4c039b2d7d561c90ac90b20e4af51],
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\1347C6825382474AA1906FF603713C91\TuneUpUtilities2013-2200329_cs-CZ.exe, , [2c789663f89145f1a905390217ec49b7],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\apnuserid.dat, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\appid.dat, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\geodata.xml, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\guid.dat, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\setupCfg.xml, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\sysid.dat, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\trackid.dat, , [12926495c7c288ae112570d1d52eb848],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\apnuserid.dat, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\appid.dat, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\dtx.ini, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\geodata.xml, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\guid.dat, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\setupCfg.xml, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\sysid.dat, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.MoviesToolbar.A, C:\Users\user\AppData\LocalLow\ilividmoviestoolbardla\trackid.dat, , [376d9e5b99f045f1acfa311aa95a6b95],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\background.html, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\manifest.json, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\test.html, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\css\popup.css, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\css\styles.css, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\audio.bubble.flipped.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\audio.bubble.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\check.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\check.selected.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\download-icon.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\favicon.ico, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\hr.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\icon-blink.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\icon-close.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\icon.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\icon_grey.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\share-icon.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torch128.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torch16.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torch32.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torch48.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torch_32x32.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torrent-icon.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torrents.bubble.flipped.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\torrents.bubble.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\videos.bubble.flipped.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\videos.bubble.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\x-hover.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\x-idle.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\images\x-pressed.png, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\bg.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\cont.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\main.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\plugininjection.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\popup.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\sitestype.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\TabInfo.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\utils.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\lib\jquery-1.8.3.min.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\js\lib\jsuri-1.1.1.min.js, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\plugin\TorchPlugin.dll, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\views\popup.html, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.Delta.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\_locales\en\messages.json, , [9014fefb721768cea53dadc3b64dcc34],
PUP.Optional.ASK.A, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.search.ask.com/?l=dis&o=15187cr",), ,[d1d389700d7cad8992a85e7a0df8fa06]

Physical Sectors: 0
(No malicious items detected)


(end)

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

# AdwCleaner v4.108 - Report created 21/01/2015 at 08:24:34
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Local]
# Operating System : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DatamngrCoordinator
Service Deleted : torchcrashhandler

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\torchcrashhandler
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\users\user\AppData\Local\apn
Folder Deleted : C:\users\user\AppData\Local\iLivid
Folder Deleted : C:\users\user\AppData\Local\torch
Folder Deleted : C:\users\user\AppData\LocalLow\ilividmoviestoolbardla
Folder Deleted : C:\users\user\AppData\Roaming\OpenCandy
Folder Deleted : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\Extensions\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
File Deleted : C:\users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
File Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\searchplugins\Ask.xml
File Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\searchplugins\Askcom.xml

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKCU\Software\XTTB00001
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AF0E1520-8C97-47B4-A325-A1FEDCB8169F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaIE
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaFF
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaIE
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Wincert\WIN32C~1.DLL
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]

-\\ Mozilla Firefox v26.0 (cs)

[gubpg53k.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[gubpg53k.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[gubpg53k.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v35.0.1916.153

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kiplfnciaokpcennlkldkdaeaaomamof
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?l=dis&o=15187cr

*************************

AdwCleaner[R0].txt - [9610 octets] - [20/01/2015 14:29:12]
AdwCleaner[R1].txt - [9670 octets] - [21/01/2015 08:22:13]
AdwCleaner[S0].txt - [9669 octets] - [21/01/2015 08:24:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9729 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows Vista (TM) Ultimate x86
Ran by user on st 21.01.2015 at 8:35:17,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low

rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\gubpg53k.default\minidumps [598 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 21.01.2015 at 8:37:28,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21.1.2015
Scan Time: 8:39:05
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.20.04
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 394029
Time Elapsed: 20 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],

Files: 8
Malware.Trace, C:\Windows\System32\ieunitdrf.inf, Quarantined, [b4f084750980f541db077bfc37cd5da3],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\apnuserid.dat, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\appid.dat, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\geodata.xml, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\guid.dat, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\setupCfg.xml, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\sysid.dat, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],
PUP.Optional.MoviesToolBar.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gubpg53k.default\ilividmoviestoolbardla\trackid.dat, Quarantined, [c6de5e9b3f4ab77fc670251cec176997],

Physical Sectors: 0
(No malicious items detected)


(end)

RogueKiller V10.2.0.0 [Jan 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno : Normální režim
Uživatel : user [Práva správce]
Mód : Prohledat -- Datum : 01/21/2015 09:09:39

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DatamngrCoordinator (C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TorchCrashHandler (C:\Users\user\AppData\Local\Torch\Update\TorchCrashHandler.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater18.1.0 (C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe) -> Nalezeno
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.superhry.cz/ -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.superhry.cz/ -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.46 -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{32AE2CAC-77F2-4948-B15C-FBF921CE1A45} | DhcpNameServer : 213.46.172.37 213.46.172.46 -> Nalezeno
[PUM.StartMenu] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0 -> Nalezeno
[PUM.StartMenu] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Nalezeno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] gubpg53k.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-75ZCT2 +++++
--- User ---
[MBR] 0c881dd3114ccfdeb6afb999aaa31248
[BSP] 9bd83ccbcf8b1e0eeee2507c59947b32 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Kingston DT 101 II USB Device +++++
--- User ---
[MBR] 8f9395633ef9a4b30a0f997380a58eda
[BSP] ee097121545db5cd6ea90b835674277c : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 7643 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:


- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + info o problémech

RogueKiller V10.2.0.0 [Jan 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno : Normální režim
Uživatel : user [Práva správce]
Mód : Smazat -- Datum : 01/21/2015 10:28:16

¤¤¤ Procesy : 1 ¤¤¤
[Proc.Injected] egui.exe(3788) -- C:\Program Files\ESET\ESET Smart Security\egui.exe[7] -> Zastaveno [DrvNtTerm]

¤¤¤ Registry : 14 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} -> Smazáno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DatamngrCoordinator -> Smazáno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TorchCrashHandler -> Smazáno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater18.1.0 -> Smazáno
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.superhry.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.superhry.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.46 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{32AE2CAC-77F2-4948-B15C-FBF921CE1A45} | DhcpNameServer : 213.46.172.37 213.46.172.46 -> Nahrazeno ()
[PUM.StartMenu] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0 -> Nahrazeno (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-75893039-200090470-3686506788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 5 ¤¤¤
[IE:Addon] System : WebTranslator [{BFC32E1D-EE75-4A48-BC60-104E11EE2431}] -> Smazáno
[FIREFX:Addon] gubpg53k.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Smazáno
[FIREFX:Addon] gubpg53k.default : Centrum doménový pomocník [centrumpomocnik@centrum.cz] -> Smazáno
[FIREFX:Addon] gubpg53k.default : Ask New Tabs [{4F2F7E2B-C002-C819-2427-5E0B9B68C224}] -> Smazáno
[PUM.HomePage][FIREFX:Config] gubpg53k.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-75ZCT2 +++++
--- User ---
[MBR] 0c881dd3114ccfdeb6afb999aaa31248
[BSP] 9bd83ccbcf8b1e0eeee2507c59947b32 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_01212015_090939.log - RKreport_SCN_01212015_102652.log