PC-HELP.CZ

Dobry den,
cxhtel bych se zeptat mam win8 a vnem mam ucet registrovany na microsoft a nevim kdy ale vytvari se me tu ucet jmenem jan ktery se zajiste ja a nikdo z rodiny nevytvoril a kdyz ho smazu znova se vytvori nemate nekdo zkusenost jak zabranit vytvareni nechteneho uctu

win8 je nainstalovany zhruba na formatovany disk asi cca 1mesic


predem dekuji za odpoved

Prihlasujes se na lokalni ucet nebo na ucet Windows Live ID?

Tohle vypada jako profil, ktery se vytvori pri prihlaseni z lokalniho uctu do MS webu.

prihlasuju se pres email od microsoftu kterym se prihlasuju i na web microsoftu

nechapu proc se furt vytvari kdyz ho smazu ;-(

Jak ho mazes?

pres ovladaci panely - uzivatelsky ucty - zmenit jiny ucet - vyberu ucet kteryx chci smazat a dam odstranit ucet a za nejaky cas nevim presne kdy se tam obevi znova ale asi po restartu

tak uz nejsou zadne informace jak to vyresit?

TAK NEVIM JAK NA TO PROTOZE TEN UCET SE ZASE VYTVORIL SAM

Vlož log z HJT:
viewtopic.php?f=70&t=5119
do sekce HiJackThis.

zkousel jsem to vseljak nastavit a furt se vytvori pokud ho smazu kdyz ho necham tak je to ok ale stve me tam ze je to ucet kterej tam nechci a ze si to dela co chce ;-(

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:22, on 19. 7. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartW8Button] C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Wowhead_Client] "D:\World of Warcraft\Programy\Wowhead_Client.exe"
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: PlayerScore.lnk = D:\World of Warcraft\PlayerScoreClient\PlayerScore.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StartW8Service - SODATSW spol. s .r.o. - C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8272 bytes

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod



Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

# AdwCleaner v2.305 - Log vytvooen 19/07/2013 v 12:11:07
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 8 Pro (64 bits)
# Uživatel : Karel - DOMA
# Spuštin systém : Normální
# Spuštino z : D:\Stažené soubory\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\Users\Karel\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\CT2832595
Složka Nalezeno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
Složka Nalezeno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\Smartbar
Složka Nalezeno : C:\Users\Karel\AppData\Roaming\OpenCandy
Soubor Nalezeno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\searchplugins\Askcom.xml

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\prefs.js

Nalezeno : user_pref("CT2832595.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT2832595.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Nalezeno : user_pref("CT2832595.FF19Solved", "true");
Nalezeno : user_pref("CT2832595.FirstTime", "true");
Nalezeno : user_pref("CT2832595.FirstTimeFF3", "true");
Nalezeno : user_pref("CT2832595.UserID", "UN27349880252878010");
Nalezeno : user_pref("CT2832595.activeToolbar.enc", "c3RhZW1tZQ==");
Nalezeno : user_pref("CT2832595.addressBarTakeOverEnabledInHidden", "true");
Nalezeno : user_pref("CT2832595.addressUrlXPETakeover", "true");
Nalezeno : user_pref("CT2832595.autoDisableScopes", -1);
Nalezeno : user_pref("CT2832595.browser.search.defaultthis.engineName", true);
Nalezeno : user_pref("CT2832595.countryCode", "CZ");
Nalezeno : user_pref("CT2832595.defaultSearch", "false");
Nalezeno : user_pref("CT2832595.embeddedsData", "[{\"appId\":\"129333561190981396\",\"apiPermissions\":{\"cross[...]
Nalezeno : user_pref("CT2832595.enableFix404ByUser", "FALSE");
Nalezeno : user_pref("CT2832595.enableSearchFromAddressBar", "true");
Nalezeno : user_pref("CT2832595.firstTimeDialogOpened", "true");
Nalezeno : user_pref("CT2832595.fixPageNotFoundErrorByUser", "TRUE");
Nalezeno : user_pref("CT2832595.fixPageNotFoundErrorInHidden", "true");
Nalezeno : user_pref("CT2832595.fixUrls", true);
Nalezeno : user_pref("CT2832595.fullUserID", "UN27349880252878010.IN.20130630101132");
Nalezeno : user_pref("CT2832595.homepageuserchanged", true);
Nalezeno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_flags.APP_WIN_FEATURES.enc", "cmVzaXphYmxl[...]
Nalezeno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_staemme.APP_WIN_FEATURES.enc", "cmVzaXphYm[...]
Nalezeno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_switch.APP_WIN_FEATURES.enc", "cmVzaXphYmx[...]
Nalezeno : user_pref("CT2832595.installDate", "30/06/2013 10:11:31");
Nalezeno : user_pref("CT2832595.installSessionId", "47D998F1-E920-4EE2-8595-AB4255411AD8");
Nalezeno : user_pref("CT2832595.installSp", "false");
Nalezeno : user_pref("CT2832595.installType", "xpe");
Nalezeno : user_pref("CT2832595.isCheckedStartAsHidden", true);
Nalezeno : user_pref("CT2832595.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT2832595.isFirstTimeToolbarLoading", "false");
Nalezeno : user_pref("CT2832595.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Nalezeno : user_pref("CT2832595.keyword", "true");
Nalezeno : user_pref("CT2832595.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.condui[...]
Nalezeno : user_pref("CT2832595.lastVersion", "10.16.4.519");
Nalezeno : user_pref("CT2832595.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Nalezeno : user_pref("CT2832595.migrateAppsAndComponents", true);
Nalezeno : user_pref("CT2832595.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Nalezeno : user_pref("CT2832595.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Nalezeno : user_pref("CT2832595.openThankYouPage", "false");
Nalezeno : user_pref("CT2832595.openUninstallPage", "true");
Nalezeno : user_pref("CT2832595.originalHomepage", "hxxp://www.seznam.cz/");
Nalezeno : user_pref("CT2832595.originalSearchAddressUrl", "");
Nalezeno : user_pref("CT2832595.originalSearchEngine", "Google");
Nalezeno : user_pref("CT2832595.revertSettingsEnabled", "false");
Nalezeno : user_pref("CT2832595.search.searchAppId", "129333561190981396");
Nalezeno : user_pref("CT2832595.search.searchCount", "2");
Nalezeno : user_pref("CT2832595.searchInNewTabEnabledByUser", "false");
Nalezeno : user_pref("CT2832595.searchInNewTabEnabledInHidden", "true");
Nalezeno : user_pref("CT2832595.searchRevert", "false");
Nalezeno : user_pref("CT2832595.searchSuggestEnabledByUser", "true");
Nalezeno : user_pref("CT2832595.searchUserMode", "1");
Nalezeno : user_pref("CT2832595.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT2832595.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Nalezeno : user_pref("CT2832595.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Nalezeno : user_pref("CT2832595.serviceLayer_services_Configuration_lastUpdate", "1372676298384");
Nalezeno : user_pref("CT2832595.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1372579900316");
Nalezeno : user_pref("CT2832595.serviceLayer_services_appsMetadata_lastUpdate", "1372725652381");
Nalezeno : user_pref("CT2832595.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1372579900146");
Nalezeno : user_pref("CT2832595.serviceLayer_services_login_10.16.4.19_lastUpdate", "1372638115541");
Nalezeno : user_pref("CT2832595.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372743983814");
Nalezeno : user_pref("CT2832595.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1372579900230");
Nalezeno : user_pref("CT2832595.serviceLayer_services_searchAPI_lastUpdate", "1372676298394");
Nalezeno : user_pref("CT2832595.serviceLayer_services_serviceMap_lastUpdate", "1372676298226");
Nalezeno : user_pref("CT2832595.serviceLayer_services_setupAPI_lastUpdate", "1372589898454");
Nalezeno : user_pref("CT2832595.serviceLayer_services_toolbarContextMenu_lastUpdate", "1372579899786");
Nalezeno : user_pref("CT2832595.serviceLayer_services_toolbarSettings_lastUpdate", "1372751183958");
Nalezeno : user_pref("CT2832595.serviceLayer_services_translation_lastUpdate", "1372752700528");
Nalezeno : user_pref("CT2832595.settingsINI", true);
Nalezeno : user_pref("CT2832595.shouldFirstTimeDialog", "false");
Nalezeno : user_pref("CT2832595.showToolbarPermission", "false");
Nalezeno : user_pref("CT2832595.smartbar.CTID", "CT2832595");
Nalezeno : user_pref("CT2832595.smartbar.Uninstall", "0");
Nalezeno : user_pref("CT2832595.smartbar.homepage", true);
Nalezeno : user_pref("CT2832595.smartbar.isHidden", false);
Nalezeno : user_pref("CT2832595.smartbar.toolbarName", "InnoGames International ");
Nalezeno : user_pref("CT2832595.staemme_token_cz.enc", "ZWUwMjhlMWZkNThhMzlkMDdlZWQzOWVhNDFmNzNkMDcyMTg4OTQyZQ=[...]
Nalezeno : user_pref("CT2832595.staemme_username_cz.enc", "TFdkc2RXMDBMUT09");
Nalezeno : user_pref("CT2832595.staemme_village_cs30.enc", "MjQ2ODY=");
Nalezeno : user_pref("CT2832595.startPage", "false");
Nalezeno : user_pref("CT2832595.toolbarBornServerTime", "30-6-2013");
Nalezeno : user_pref("CT2832595.toolbarCurrentServerTime", "2-7-2013");
Nalezeno : user_pref("CT2832595.toolbarDisabled", "true");
Nalezeno : user_pref("CT2832595.toolbarLoginClientTime", "Sun Jun 30 2013 10:11:40 GMT+0200");
Nalezeno : user_pref("CT2832595.toolbarUrl.enc", "aHR0cDovL3Rvb2xiYXIuaW5ub2dhbWVzLmRlL3Rvb2xiYXJzL3N0YWVtbWUvd[...]
Nalezeno : user_pref("CT2832595.toolbar_market.enc", "Y3o=");
Nalezeno : user_pref("CT2832595_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nalezeno : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Nalezeno : user_pref("browser.search.defaultengine", "Ask.com");
Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Nalezeno : user_pref("browser.search.order.1", "Ask.com");
Nalezeno : user_pref("smartbar.addressBarOwnerCTID", "CT2832595");
Nalezeno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?octid=CT2832595&ctid=CT2832595[...]
Nalezeno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Nalezeno : user_pref("smartbar.defaultSearchOwnerCTID", "CT2832595");
Nalezeno : user_pref("smartbar.homePageOwnerCTID", "CT2832595");
Nalezeno : user_pref("smartbar.machineId", "65PFV6H/HVB7QVFU5O64IKCNSIMPRRLTPXBGAAOE3RTUVE86SLR7BAUN6ETDNLR5UVY[...]

Soubor : C:\Users\Jan.Doma.000\AppData\Roaming\Mozilla\Firefox\Profiles\skozr25c.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.28] : icon_url = "hxxp://www.ask.com/favicon.ico",
Nalezeno [l.31] : keyword = "ask.com",
Nalezeno [l.35] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=6ED15EF4-F225-40C0-A25A-884A2141C417&apn_ptnrs=U3&apn_sauid=AD493B2D-E086-41D1-B455-E67CEC0C34FF&apn_dtid=OSJ000YYCZ&q={searchTerms}",
Nalezeno [l.36] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

Soubor : C:\Users\Jan.Doma.000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12675 octets] - [19/07/2013 12:11:07]

########## EOF - C:\AdwCleaner[R1].txt - [12736 octets] ##########

--- Doplnění předchozího příspěvku (Pát Črc 19, 2013 12:20 pm) ---

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.07.19.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Karel :: DOMA [administrátor]

Ochrana: Povolena

19. 7. 2013 12:15:28
MBAM-log-2013-07-19 (12-20-21).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 271898
Uplynulý čas: 4 minut, 5 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE (Security.Hijack) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe|Debugger (Security.Hijack) -> Data: "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)