Please check my log (old PC) Solved

Post by simio.simsoft » 30 Jun 2015 11:20

Hello,
the PC whose log I'm sending is old and basically worn out (Intel Pentium 4; 1 GB RAM; Win XP), and it's clear it will never be lightning fast again. I've never run a check on it, so we'll see whether I can speed it up at least a little :-)
--------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:13, on 30.6.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.23687)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\LENKA\Plocha\HJT atd\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - (no file)
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2369250656
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8103 bytes

Re: Please check my log (old PC)

Post by Orcus » 30 Jun 2015 12:53

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Start the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now and
- when the program has finished, a message appears at the bottom right; click Copy to Clipboard and paste the whole log here.

- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.

Re: Please check my log (old PC)

Post by simio.simsoft » 30 Jun 2015 15:39

I'm sending the log from AdwCleaner. For some reason MBAM won't start for me - I'm sending the Windows error report

AdwCleaner log

# AdwCleaner v4.207 - Logfile created 30/06/2015 at 14:04:18
# Updated 21/06/2015 by Xplode
# Database : 2015-06-29.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : LENKA - LENKA-BT8OUCYQV
# Running from : C:\Documents and Settings\LENKA\Plocha\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
File Found : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\searchplugins\MyStart Search.xml
File Found : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\searchplugins\speedbit.xml
File Found : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\user.js
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor
Folder Found : C:\Documents and Settings\All Users\Data aplikací\KingSoft
Folder Found : C:\Documents and Settings\LENKA\Data aplikací\HPAppData
Folder Found : C:\Documents and Settings\LENKA\Data aplikací\KingSoft
Folder Found : C:\Documents and Settings\LENKA\Data aplikací\Toolbar4
Folder Found : C:\Documents and Settings\LENKA\Local Settings\Data aplikací\KingSoft
Folder Found : C:\Documents and Settings\LENKA\Local Settings\Data aplikací\toolbarcleaner
Folder Found : C:\Program Files\KingSoft
Folder Found : C:\Program Files\SearchPredict

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Key Found : HKCU\Software\SBConvert
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\Directory\shell\SPEEDbitVideoConverter
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Key Found : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\ImInstaller
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Anti-phishing Domain Advisor
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Found : HKU\.DEFAULT\Software\SpeedBit
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.23687

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://search.speedbit.com/tab/

-\\ Mozilla Firefox v

[zn16obbw.default] - Line Found : user_pref("browser.search.defaulturl", "hxxp://search.speedbit.com/searchresults.asp?src=default&q=");
[zn16obbw.default] - Line Found : user_pref("browser.search.order.1", "SpeedBit Search");
[zn16obbw.default] - Line Found : user_pref("browser.startup.homepage_override_url", "hxxp://search.speedbit.com");
[zn16obbw.default] - Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[zn16obbw.default] - Line Found : user_pref("keyword.URL", "hxxp://search.speedbit.com/searchresults.asp?src=default&q=");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var1", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var10", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var2", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var3", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var4", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var5", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var6", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var7", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var8", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.Var9", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "13/15/19/6/112");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.guid", "%7BB3ACE92D-A235-3476-EFB3-66272011CD7D%7D");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.popupblockedcnt", "1");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader.userId", "%12");
[zn16obbw.default] - Line Found : user_pref("speedbitvideodownloader_installed_version", "3.0.4");

-\\ Google Chrome v43.0.2357.130

[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=13.2.0.5&sap=dsp&q={searchTerms}
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=%5E&apn_uid=A1E65F2E-91D4-4E36-88E5-BD2469A05E86&apn_sauid=221CADE8-2710-4183-B5A8-C7C79FDAF901
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxps://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=12.2.0.5&sap=dsp&q={searchTerms}
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [10961 bytes] - [30/06/2015 14:04:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11021 bytes] ##########

Error report - MBAM

<MATCHING_FILE NAME="Qt5Gui.dll" SIZE="4639032" CHECKSUM="0xCB6E58A6" BIN_FILE_VERSION="5.4.1.0" BIN_PRODUCT_VERSION="5.4.1.0" PRODUCT_VERSION="5.4.1.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt5" FILE_VERSION="5.4.1.0" ORIGINAL_FILENAME="Qt5Gui.dll" LEGAL_COPYRIGHT="Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x47B625" LINKER_VERSION="0x50029" UPTO_BIN_FILE_VERSION="5.4.1.0" UPTO_BIN_PRODUCT_VERSION="5.4.1.0" LINK_DATE="02/28/2015 08:15:14" UPTO_LINK_DATE="02/28/2015 08:15:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Qt5Network.dll" SIZE="672056" CHECKSUM="0xCC34A306" BIN_FILE_VERSION="5.4.1.0" BIN_PRODUCT_VERSION="5.4.1.0" PRODUCT_VERSION="5.4.1.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt5" FILE_VERSION="5.4.1.0" ORIGINAL_FILENAME="Qt5Network.dll" LEGAL_COPYRIGHT="Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA7347" LINKER_VERSION="0x50029" UPTO_BIN_FILE_VERSION="5.4.1.0" UPTO_BIN_PRODUCT_VERSION="5.4.1.0" LINK_DATE="02/28/2015 08:12:06" UPTO_LINK_DATE="02/28/2015 08:12:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Qt5Widgets.dll" SIZE="4473656" CHECKSUM="0x8B6AAD8A" BIN_FILE_VERSION="5.4.1.0" BIN_PRODUCT_VERSION="5.4.1.0" PRODUCT_VERSION="5.4.1.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt5" FILE_VERSION="5.4.1.0" ORIGINAL_FILENAME="Qt5Widgets.dll" LEGAL_COPYRIGHT="Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x450994" LINKER_VERSION="0x50029" UPTO_BIN_FILE_VERSION="5.4.1.0" UPTO_BIN_PRODUCT_VERSION="5.4.1.0" LINK_DATE="05/19/2015 22:57:01" UPTO_LINK_DATE="05/19/2015 22:57:01" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="unins000.exe" SIZE="719828" CHECKSUM="0x74E346D8" BIN_FILE_VERSION="51.52.0.0" BIN_PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Setup/Uninstall" FILE_VERSION="51.52.0.0" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="51.52.0.0" UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Jazykově neutrální [0x0]" />
<MATCHING_FILE NAME="Chameleon\Windows\firefox.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\iexplore.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\mbam-chameleon.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\mbam-killer.exe" SIZE="1496888" CHECKSUM="0x85CACD3C" BIN_FILE_VERSION="3.0.13.0" BIN_PRODUCT_VERSION="3.0.13.0" PRODUCT_VERSION="3.0.13.0" FILE_DESCRIPTION="Mbam-killer" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.0.13.0" ORIGINAL_FILENAME="mbam-killer.exe" INTERNAL_NAME="mbam-killer.exe" LEGAL_COPYRIGHT="Copyright (C) 2014" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x177386" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.0.13.0" UPTO_BIN_PRODUCT_VERSION="3.0.13.0" LINK_DATE="06/18/2015 14:56:18" UPTO_LINK_DATE="06/18/2015 14:56:18" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\rundll32.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\svchost.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\windows.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\winlogon.exe" SIZE="893752" CHECKSUM="0x1FAE9A57" BIN_FILE_VERSION="3.1.25.0" BIN_PRODUCT_VERSION="3.1.25.0" PRODUCT_VERSION="3.1.25" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="3.1.25" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA0E6" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="3.1.25.0" UPTO_BIN_PRODUCT_VERSION="3.1.25.0" LINK_DATE="05/21/2015 22:33:35" UPTO_LINK_DATE="05/21/2015 22:33:35" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="imageformats\qgif.dll" SIZE="28472" CHECKSUM="0xABCCF5C0" BIN_FILE_VERSION="5.4.1.0" BIN_PRODUCT_VERSION="5.4.1.0" PRODUCT_VERSION="5.4.1.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt5" FILE_VERSION="5.4.1.0" ORIGINAL_FILENAME="qgif.dll" LEGAL_COPYRIGHT="Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9F3B" LINKER_VERSION="0x50029" UPTO_BIN_FILE_VERSION="5.4.1.0" UPTO_BIN_PRODUCT_VERSION="5.4.1.0" LINK_DATE="02/28/2015 08:19:44" UPTO_LINK_DATE="02/28/2015 08:19:44" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="platforms\qwindows.dll" SIZE="928568" CHECKSUM="0x8F8FCC4A" BIN_FILE_VERSION="5.4.1.0" BIN_PRODUCT_VERSION="5.4.1.0" PRODUCT_VERSION="5.4.1.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt5" FILE_VERSION="5.4.1.0" ORIGINAL_FILENAME="qwindows.dll" LEGAL_COPYRIGHT="Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEAD90" LINKER_VERSION="0x50029" UPTO_BIN_FILE_VERSION="5.4.1.0" UPTO_BIN_PRODUCT_VERSION="5.4.1.0" LINK_DATE="05/05/2015 21:26:20" UPTO_LINK_DATE="05/05/2015 21:26:20" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Plugins\fixdamage.exe" SIZE="821560" CHECKSUM="0x4F144EEC" BIN_FILE_VERSION="1.1.0.1010" BIN_PRODUCT_VERSION="1.1.0.1010" PRODUCT_VERSION="1.1.0.1010" FILE_DESCRIPTION="fixdamage" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="fixdamage.exe" FILE_VERSION="1.1.0.1010" ORIGINAL_FILENAME="fixdamage.exe" INTERNAL_NAME="fixdamage.exe" LEGAL_COPYRIGHT="Copyright (C) Malwarebytes Corporation 2012" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xCA8AB" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.1.0.1010" UPTO_BIN_PRODUCT_VERSION="1.1.0.1010" LINK_DATE="10/17/2013 00:41:14" UPTO_LINK_DATE="10/17/2013 00:41:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
</EXE>
<EXE NAME="MSVCR100.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="msvcr100.dll" SIZE="774456" CHECKSUM="0x6AD18B2" BIN_FILE_VERSION="10.0.40219.325" BIN_PRODUCT_VERSION="10.0.40219.325" PRODUCT_VERSION="10.00.40219.325" FILE_DESCRIPTION="Microsoft® C Runtime Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 2010" FILE_VERSION="10.00.40219.325" ORIGINAL_FILENAME="msvcr100_clr0400.dll" INTERNAL_NAME="msvcr100_clr0400.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xC15AC" LINKER_VERSION="0xA0000" UPTO_BIN_FILE_VERSION="10.0.40219.325" UPTO_BIN_PRODUCT_VERSION="10.0.40219.325" LINK_DATE="06/11/2011 01:00:14" UPTO_LINK_DATE="06/11/2011 01:00:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="991744" CHECKSUM="0x9985A0E5" BIN_FILE_VERSION="5.1.2600.6532" BIN_PRODUCT_VERSION="5.1.2600.6532" PRODUCT_VERSION="5.1.2600.6532" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Operační systém Microsoft® Windows®" FILE_VERSION="5.1.2600.6532 (xpsp_sp3_qfe.140312-0419)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. Všechna práva vyhrazena." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF6B18" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.6532" UPTO_BIN_PRODUCT_VERSION="5.1.2600.6532" LINK_DATE="03/12/2014 10:47:44" UPTO_LINK_DATE="03/12/2014 10:47:44" VER_LANGUAGE="Čeština [0x405]" />
</EXE>
</DATABASE>

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: Three roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log (old PC)

Post by Orcus » 30 Jun 2015 17:36

MBAM has problems on XP; if it doesn't work, we'll skip it.

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Smazat" (Delete).
The program will carry out the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. When the scan is done, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several posts.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

Re: Please check my log (old PC)

Post by simio.simsoft » 30 Jun 2015 19:13

AdwCleaner log

# AdwCleaner v4.207 - Logfile created 30/06/2015 at 18:33:32
# Updated 21/06/2015 by Xplode
# Database : 2015-06-29.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : LENKA - LENKA-BT8OUCYQV
# Running from : C:\Documents and Settings\LENKA\Plocha\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor
[#] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\KingSoft
Folder Deleted : C:\Program Files\SearchPredict
Folder Deleted : C:\Program Files\KingSoft
Folder Deleted : C:\Documents and Settings\LENKA\Local Settings\Data aplikací\toolbarcleaner
Folder Deleted : C:\Documents and Settings\LENKA\Local Settings\Data aplikací\KingSoft
Folder Deleted : C:\Documents and Settings\LENKA\Data aplikací\HPAppData
Folder Deleted : C:\Documents and Settings\LENKA\Data aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\LENKA\Data aplikací\KingSoft
File Deleted : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
File Deleted : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\searchplugins\MyStart Search.xml
File Deleted : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\searchplugins\speedbit.xml
File Deleted : C:\Documents and Settings\LENKA\Data aplikací\Mozilla\Firefox\Profiles\zn16obbw.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shell\SPEEDbitVideoConverter
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SBConvert
Key Deleted : HKLM\SOFTWARE\ImInstaller
Key Deleted : HKU\.DEFAULT\Software\SpeedBit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Anti-phishing Domain Advisor

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.23687

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v

[zn16obbw.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.speedbit.com/searchresults.asp?src=default&q=");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "SpeedBit Search");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://search.speedbit.com");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.speedbit.com/searchresults.asp?src=default&q=");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var1", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var10", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var2", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var3", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var4", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var5", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var6", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var7", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var8", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.Var9", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "13/15/19/6/112");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.firstlaunch", "0");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.guid", "%7BB3ACE92D-A235-3476-EFB3-66272011CD7D%7D");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.popupblockedcnt", "1");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader.userId", "%12");
[zn16obbw.default\prefs.js] - Line Deleted : user_pref("speedbitvideodownloader_installed_version", "3.0.4");

-\\ Google Chrome v43.0.2357.130

[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=13.2.0.5&sap=dsp&q={searchTerms}
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=%5E&apn_uid=A1E65F2E-91D4-4E36-88E5-BD2469A05E86&apn_sauid=221CADE8-2710-4183-B5A8-C7C79FDAF901
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=12.2.0.5&sap=dsp&q={searchTerms}
[C:\Documents and Settings\LENKA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [11101 bytes] - [30/06/2015 14:04:18]
AdwCleaner[S0].txt - [11415 bytes] - [30/06/2015 18:33:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11475 bytes] ##########

Re: Please check my log (old PC)

Post by simio.simsoft » 30 Jun 2015 19:14

JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.3 (06.30.2015:1)
OS: Microsoft Windows XP x86
Ran by LENKA on út 30.06.2015 at 18:54:08.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4083ABFD-D2D1-4AB6-B21A-58F9A5425839}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BD894F3C-348C-454C-A492-33CB876BFB7B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Documents and Settings\LENKA\Data aplikací\software informer
Successfully deleted: [Folder] C:\WINDOWS\System32\ai_recyclebin



~~~ FireFox




~~~ Chrome


[C:\Documents and Settings\LENKA\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Documents and Settings\LENKA\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Documents and Settings\LENKA\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Documents and Settings\LENKA\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 30.06.2015 at 18:58:39.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Please check my log (old PC)

Post by simio.simsoft » 30 Jun 2015 19:14

RogueKiller log

RogueKiller V10.8.7.0 [Jun 29 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : LENKA [Práva správce]
Started from : C:\Documents and Settings\LENKA\Plocha\RogueKiller.exe
Mód : Prohledat -- Datum : 06/30/2015 19:10:54

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 2 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] HP Digital Imaging Monitor.lnk -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] Windows Search.lnk -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk -> Nalezeno

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[549] : Unknown @ 0xf7bff8c6
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[552] : Unknown @ 0xf7bff8cb

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] zn16obbw.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST340014A +++++
--- User ---
[MBR] 2d2d40e5a4a4a86daf19fcfbcfb5f13e
[BSP] ff103b45e7c0b28d023f23e118592b89 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 37497 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK


Re: Please check my log (old PC)

Post by Orcus » 30 Jun 2015 20:32

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)
- On the tabs (Registry, Tasks, Web Browser, etc.), tick everything (set the checkmarks).
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

====================================================

Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Spustit jako správce" (Run as administrator))
- note: the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

====================================================

How about the problems? + a new HJT log

Re: Please check my log (old PC)

Post by simio.simsoft » 30 Jun 2015 20:47

Here is the RogueKiller log; I won't manage the zoek.exe procedure today, but I'll try to do it first thing tomorrow.

RogueKiller V10.8.7.0 [Jun 29 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : LENKA [Práva správce]
Started from : C:\Documents and Settings\LENKA\Plocha\RogueKiller.exe
Mód : Smazat -- Datum : 06/30/2015 20:42:38

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Nahrazeno (http://search.msn.com/spbasic.htm)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 2 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] HP Digital Imaging Monitor.lnk -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk -> Smazáno
[Suspicious.Startup|VT.Unknown][Soubor] Windows Search.lnk -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk -> Smazáno

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 2 (Driver: Nahrán) ¤¤¤
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[549] : Unknown @ 0xf7bff8c6
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[552] : Unknown @ 0xf7bff8cb

¤¤¤ Webové prohlížeče : 6 ¤¤¤
[FIREFX:Addon] zn16obbw.default : Video DownloadHelper [{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] -> Smazáno
[FIREFX:Addon] zn16obbw.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Smazáno
[FIREFX:Addon] zn16obbw.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] zn16obbw.default : FlashGot Mass Downloader [{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}] -> Smazáno
[FIREFX:Addon] zn16obbw.default : My-Translator [My-Translator@eugenche.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] zn16obbw.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST340014A +++++
--- User ---
[MBR] 2d2d40e5a4a4a86daf19fcfbcfb5f13e
[BSP] ff103b45e7c0b28d023f23e118592b89 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 37497 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06302015_191054.log


Re: Please check my log (old PC)

Post by jaro3 » 30 Jun 2015 21:52

OK.

If something still doesn't seem right to you:
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is being applied, do not click in the window that is displayed
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Re: Please check my log (old PC)

Post by simio.simsoft » 01 Jul 2015 11:38

zoek-results


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by LENKA on st 01.07.2015 at 10:02:36.73.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\LENKA\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1.7.2015 10:03:39 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Hewlett-Packard deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\DOCUME~1\LENKA\NABDKA~1\Programy\N stroje pro spr vu deleted successfully
C:\DOCUME~1\LENKA\NABDKA~1\Programy\Po spuçtŘnˇ deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\HPSSUPPLY deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\SpeedBit deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-583907252-1004336348-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Hewlett-Packard not found
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Common Files\SpeedBit deleted
C:\install.exe deleted
C:\Documents and Settings\LENKA\wxD15E.tmp deleted
C:\Documents and Settings\LENKA\wxD160.tmp deleted
C:\Documents and Settings\LENKA\wxD305.tmp deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Package Cache deleted
C:\WINDOWS\system32\GroupPolicy\ADM deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted
C:\WINDOWS\System32\AniGIF.ocx deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"="C:\Documents and Settings\All Users\Data aplikacˇ\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [03.11.2012 19:05]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Documents and Settings\LENKA\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=31 folders=11 6259547 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\LENKA\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LENKA\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on st 01.07.2015 at 11:04:56.64 ======================


Re: Please check my log (old PC)

Post by jerabina » 01 Jul 2015 11:58

So now either post a new HJT log here, or run ComboFix if something doesn't seem right to you.