prosím o kontrolu logu

[memphisto]

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

[Reklama]

[inteleczech2]

o ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by U§ivatel on so 06.07.2013 at 18:45:14,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-300451717-1202190986-3798559650-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\icq service.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduituninstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduituninstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT1561552
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2192277
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{642B343D-0607-4247-8E17-DAEB17668630}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B5EBD928-EEA3-4D5D-BDCB-C37A60163565}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BFF051FC-0E33-4651-96E7-C9BB32DF3A97}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\user.js
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\invalidprefs.js
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\searchplugins\privitize.xml
Successfully deleted: [Folder] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\conduitcommon
Successfully deleted: [Folder] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\smartbar
Successfully deleted: [Folder] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\extensions\toolbar@ask.com
Successfully deleted: [Folder] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\extensions\{687578B9-7132-4A7A-80E4-30EE31099E03}
Successfully deleted the following from C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\prefs.js

user_pref("CT2765711.1000082.isPlayDisplay", "true");
user_pref("CT2765711.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
user_pref("CT2765711.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2765711.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2765711.FirstTime", "true");
user_pref("CT2765711.FirstTimeFF3", "true");
user_pref("CT2765711.GK_HotspotShield_NOTIF_26_02_SENT.enc", "MQ==");
user_pref("CT2765711.LoginRevertSettingsEnabled", true);
user_pref("CT2765711.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT2765711.RevertSettingsEnabled", true);
user_pref("CT2765711.SearchAppState.enc", "MQ==");
user_pref("CT2765711.SearchAppTracking.enc", "c2VudA==");
user_pref("CT2765711.UserID", "UN48747605697118457");
user_pref("CT2765711.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2765711.cbcountry_001", "US");
user_pref("CT2765711.cbfirsttime", "Sun Oct 21 2012 20:35:37 GMT+0200");
user_pref("CT2765711.defaultSearch", "FALSE");
user_pref("CT2765711.enableAlerts", "always");
user_pref("CT2765711.enableFix404ByUser", "TRUE");
user_pref("CT2765711.firstTimeDialogOpened", "true");
user_pref("CT2765711.fixPageNotFoundErrorByUser", "TRUE");
user_pref("CT2765711.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2765711.fixUrls", true);
user_pref("CT2765711.homepageuserchanged", true);
user_pref("CT2765711.installId", "ConduitStubGeneric");
user_pref("CT2765711.installType", "ConduitStubIntegration");
user_pref("CT2765711.isCheckedStartAsHidden", true);
user_pref("CT2765711.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2765711.isFirstTimeToolbarLoading", "false");
user_pref("CT2765711.isNewTabEnabled", false);
user_pref("CT2765711.isPerformedSmartBarTransition", "true");
user_pref("CT2765711.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2765711.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2765711&octid=CT2765711&SearchSource=15&CUI=UN487476056971184
user_pref("CT2765711.lastVersion", "10.16.1.521");
user_pref("CT2765711.migrateAppsAndComponents", true);
user_pref("CT2765711.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp:/
user_pref("CT2765711.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2765711.openThankYouPage", "FALSE");
user_pref("CT2765711.search.searchAppId", "129279218435694344");
user_pref("CT2765711.search.searchCount", "0");
user_pref("CT2765711.searchInNewTabEnabled", "false");
user_pref("CT2765711.searchInNewTabEnabledByUser", "false");
user_pref("CT2765711.searchInNewTabEnabledInHidden", "true");
user_pref("CT2765711.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2765711.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2765711.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2765711.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2765711\"}");
user_pref("CT2765711.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://AFHSS.OurToolbar.com//xpi\"}");
user_pref("CT2765711.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"AF-HSS\"}");
user_pref("CT2765711.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2765711.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT2765711.serviceLayer_services_location_lastUpdate", "1368881798767");
user_pref("CT2765711.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352058935066");
user_pref("CT2765711.serviceLayer_services_login_10.13.30.23_lastUpdate", "1352620420219");
user_pref("CT2765711.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358705517014");
user_pref("CT2765711.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359231849683");
user_pref("CT2765711.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360770216819");
user_pref("CT2765711.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364207336869");
user_pref("CT2765711.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366300706263");
user_pref("CT2765711.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368176593552");
user_pref("CT2765711.serviceLayer_services_login_10.16.1.521_lastUpdate", "1368881799220");
user_pref("CT2765711.serviceLayer_services_serviceMap_lastUpdate", "1368881798401");
user_pref("CT2765711.serviceLayer_services_toolbarSettings_lastUpdate", "1368881799136");
user_pref("CT2765711.serviceLayer_services_translation_lastUpdate", "1368881798987");
user_pref("CT2765711.settingsINI", true);
user_pref("CT2765711.shouldFirstTimeDialog", "FALSE");
user_pref("CT2765711.showToolbarPermission", "false");
user_pref("CT2765711.smartbar.CTID", "CT2765711");
user_pref("CT2765711.smartbar.Uninstall", "0");
user_pref("CT2765711.smartbar.isHidden", true);
user_pref("CT2765711.smartbar.toolbarName", "AF-HSS ");
user_pref("CT2765711.startPage", "FALSE");
user_pref("CT2765711.toolbarBornServerTime", "20-10-2012");
user_pref("CT2765711.toolbarCurrentServerTime", "18-5-2013");
user_pref("CT2765711.toolbarDisabled", "true");
user_pref("CT2765711.toolbarLoginClientTime", "Mon Mar 25 2013 14:02:17 GMT+0100");
user_pref("CT2765711.url_history0001", "hxxp://www.facebook.com/photo.php?fbid=547040381979911&set=a.373202779363673.107492.373183022698982&type=1&relevant_count=1&ref=nf:::cl
user_pref("CT2765711_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1368881676173,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CT3072253..clientLogIsEnabled", false);
user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
user_pref("CT3072253.BrowserCompStateIsOpen_130067979083742856", true);
user_pref("CT3072253.BrowserCompStateIsOpen_1359634299000", true);
user_pref("CT3072253.CTID", "CT3072253");
user_pref("CT3072253.CurrentServerDate", "18-5-2013");
user_pref("CT3072253.DSInstall", true);
user_pref("CT3072253.DialogsAlignMode", "LTR");
user_pref("CT3072253.DialogsGetterLastCheckTime", "Sat May 18 2013 14:54:37 GMT+0200");
user_pref("CT3072253.DownloadReferralCookieData", "");
user_pref("CT3072253.FirstServerDate", "20-10-2012");
user_pref("CT3072253.FirstTime", true);
user_pref("CT3072253.FirstTimeFF3", true);
user_pref("CT3072253.FirstTimeHiddenVer", true);
user_pref("CT3072253.FixPageNotFoundErrors", true);
user_pref("CT3072253.GroupingServerCheckInterval", 1440);
user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT3072253.HPInstall", false);
user_pref("CT3072253.HasUserGlobalKeys", true);
user_pref("CT3072253.Initialize", true);
user_pref("CT3072253.InitializeCommonPrefs", true);
user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
user_pref("CT3072253.InstallationType", "Unknown");
user_pref("CT3072253.InstalledDate", "Sat Oct 20 2012 14:35:12 GMT+0200");
user_pref("CT3072253.IsGrouping", false);
user_pref("CT3072253.IsInitSetupIni", true);
user_pref("CT3072253.IsMulticommunity", false);
user_pref("CT3072253.IsOpenThankYouPage", true);
user_pref("CT3072253.IsOpenUninstallPage", true);
user_pref("CT3072253.LanguagePackLastCheckTime", "Sat May 18 2013 14:54:37 GMT+0200");
user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT3072253.LastLogin_3.15.1.0", "Fri Nov 09 2012 17:27:14 GMT+0100");
user_pref("CT3072253.LastLogin_3.16.0.3", "Fri Feb 08 2013 22:40:13 GMT+0100");
user_pref("CT3072253.LastLogin_3.18.0.7", "Sat May 18 2013 14:54:37 GMT+0200");
user_pref("CT3072253.LatestVersion", "3.18.0.7");
user_pref("CT3072253.Locale", "en");
user_pref("CT3072253.MCDetectTooltipHeight", "83");
user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3072253.MCDetectTooltipWidth", "295");
user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
user_pref("CT3072253.OriginalFirstVersion", "3.15.1.0");
user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
user_pref("CT3072253.SearchFromAddressBarIsInit", true);
user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("CT3072253.SearchInNewTabEnabled", true);
user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sat May 18 2013 14:54:36 GMT+0200");
user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT3072253.SearchInNewTabUserEnabled", false);
user_pref("CT3072253.SearchProtectorToolbarDisabled", true);
user_pref("CT3072253.SendProtectorDataViaLogin", true);
user_pref("CT3072253.ServiceMapLastCheckTime", "Sat May 18 2013 14:54:37 GMT+0200");
user_pref("CT3072253.SettingsLastCheckTime", "Sat May 18 2013 14:54:36 GMT+0200");
user_pref("CT3072253.SettingsLastUpdate", "1368864726");
user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
user_pref("CT3072253.ToolbarDisabled", true);
user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT3072253.UserID", "UN69323816812830217");
user_pref("CT3072253.alertChannelId", "1463702");
user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT3072253.homepageProtectorEnableByLogin", true);
user_pref("CT3072253.initDone", true);
user_pref("CT3072253.myStuffEnabled", true);
user_pref("CT3072253.myStuffPublihserMinWidth", 400);
user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT3072253.navigateToUrlOnSearch", false);
user_pref("CT3072253.revertSettingsEnabled", true);
user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
user_pref("CT3072253.searchProtectorEnableByLogin", true);
user_pref("CT3072253.testingCtid", "");
user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat May 18 2013 14:54:37 GMT+0200");
user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT3072253", "\"9527f91e6fe74c0938f18a29caa408473\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT3072253", "\"1362324308\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT3072253", "\"6341c50648fd59897cde84cfa3927631\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"eb1a84f2743af68bb6c3a3af1373b5ed\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"068369f89da85fc50d9483e784be683b\"");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
user_pref("CommunityToolbar.globalUserId", "6b83ea53-40b2-413d-a6bc-b2893b53839d");
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
user_pref("browser.startup.homepage", "hxxp://searchou.com/?id=42ac871100000000000020107afa4024");
user_pref("extensions.515b232658b18.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.foxcub.config.encodedConfig", "{\"speedDial\":{\"rss.name\":[\"Tip Slune\rnice.cz\",\"Novinky.cz\"],\"rss.url\":[\"hxxp://export.iinfo.cz/seznam/listicka
user_pref("extensions.foxcub.prev.KWD", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("extensions.privitize.admin", false);
user_pref("extensions.privitize.aflt", "orgnl");
user_pref("extensions.privitize.appId", "{301966DF-A84B-4255-AAB9-574B5CE237E4}");
user_pref("extensions.privitize.autoRvrt", "false");
user_pref("extensions.privitize.dfltLng", "");
user_pref("extensions.privitize.dfltSrch", true);
user_pref("extensions.privitize.dnsErr", true);
user_pref("extensions.privitize.excTlbr", true);
user_pref("extensions.privitize.ffxUnstlRst", false);
user_pref("extensions.privitize.hmpg", true);
user_pref("extensions.privitize.hmpgUrl", "hxxp://searchou.com/?id=42ac871100000000000020107afa4024");
user_pref("extensions.privitize.hpOld0", "hxxp://google.cz/");
user_pref("extensions.privitize.id", "42ac871100000000000020107afa4024");
user_pref("extensions.privitize.instlDay", "15797");
user_pref("extensions.privitize.instlRef", "");
user_pref("extensions.privitize.kw_url", "hxxp://searchou.com/?q={searchTerms}&id=42ac871100000000000020107afa4024");
user_pref("extensions.privitize.newTab", true);
user_pref("extensions.privitize.newTabUrl", "hxxp://searchou.com/?id=42ac871100000000000020107afa4024");
user_pref("extensions.privitize.prdct", "privitize");
user_pref("extensions.privitize.prtnrId", "privitize");
user_pref("extensions.privitize.rvrt", "false");
user_pref("extensions.privitize.smplGrp", "none");
user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
user_pref("extensions.privitize.tlbrId", "base");
user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=42ac871100000000000020107afa4024&q=");
user_pref("extensions.privitize.vrsn", "1.8.16.22");
user_pref("extensions.privitize.vrsnTs", "1.8.16.2219:52:05");
user_pref("extensions.privitize.vrsni", "1.8.16.22");
user_pref("extensions.toolbar@ask.com.install-event-fired", true);
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("smartbar.machineId", "YAPYGFVQLEPYYTT3SX17EXIUXYIQ9THGR4BTK6GZTP8GBGFYJAS9FPB8CLK3TGU89DIVKWBMDZQDMJ3SYHNARW");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\jr6tggrn.default\minidumps [401 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 06.07.2013 at 18:52:23,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uživatel [Práva správce]
Mód : Odebrat -- Datum : 07/05/2013 21:08:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : update.exe ("C:\Users\UIVATE~1\AppData\Local\Temp\IXP000.TMP\WPESPY~1.EXE" [x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-300451717-1202190986-3798559650-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-300451717-1202190986-3798559650-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-300451717-1202190986-3798559650-1001\[...]\Run : update.exe ("C:\Users\UIVATE~1\AppData\Local\Temp\IXP000.TMP\WPESPY~1.EXE" [x]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-300451717-1202190986-3798559650-1002\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Drahuška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-300451717-1202190986-3798559650-1002\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Drahuška\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : update.exe ("C:\Users\UIVATE~1\AppData\Local\Temp\IXP002.TMP\WPESPY~1.EXE" [x]) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V1][SUSP PATH] MagniPicUpdaterTask{86FEEEDB-ACD7-4257-BD19-A9540FC51CE6}.job : C:\ProgramData\Premium\MagniPic\MagniPic.exe - /schedule /profile "C:\ProgramData\Premium\MagniPic\profile.ini" [x][-] -> VYMAZÁNO

¤¤¤ spuštění položky : 1 ¤¤¤
[Uživatel][SUSP PATH] GameRanger.lnk : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk @C:\Users\Uživatel\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FF][PROXY] jr6tggrn.default : user_pref("network.proxy.hxxp", "91.198.130.74"); -> NEBYLO ODSTRANĚNO, POUŽIJTE PROXYFIX
[FF][PROXY] jr6tggrn.default : user_pref("network.proxy.hxxp_port", 3128); -> NEBYLO ODSTRANĚNO, POUŽIJTE PROXYFIX

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS727575A9E364 +++++
--- User ---
[MBR] 2faafd63be49f09daa305f48536f0cb2
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 692622 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1419106304 | Size: 17359 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1454657536 | Size: 5115 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 6621e0850933a7f232ff63fe7988a30b
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 Mo
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167999488 | Size: 1001 Mo
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 171999232 | Size: 1000 Mo

Dokončeno : << RKreport[0]_D_07052013_210805.txt >>
RKreport[0]_S_07052013_205844.txt;RKreport[0]_S_07052013_210134.txt

[jaro3]

Spusť znovu RogueKiller
Pokud používáš Win Vista či W7, klikni na RogueKiller pravým a dej spustit jako správce.

Pak klikni na Oprava Proxy a Zpráva - otevře se log, ten sem vlož.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.