Prosím o kontrolu logu Vyřešeno

[FooDMasteR]

Dobrý den. Jsem tdy ještě s mojim netbookem. Vše se strašně seká a já nevím čím to je, často programy ukazují "neodpovídá".
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:53:04, on 21.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)

FIREFOX: 28.0 (cs)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Hotspot Shield\bin\hsscp.exe
C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitMeter2.exe
C:\Users\Aleš\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Aleš\Downloads\HijackThis.exe
C:\windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: Zula Games - {2A836234-186C-41A0-9863-40BECDEDED9F} - C:\Program Files\Zula Games\ScriptHost.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files\Speed Analysis 3\ScriptHost.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Aleš\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Aleš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: BitMeter2.exe
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: STI Simulator - Unknown owner - C:\windows\System32\PAStiSvc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Update LemurLeap - Unknown owner - C:\Program Files\LemurLeap\updateLemurLeap.exe
O23 - Service: Util LemurLeap - Unknown owner - C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe

--
End of file - 12234 bytes

[Reklama]

[Orcus]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[FooDMasteR]

ATF Cleaner-provedeno
TFC-provedeno

AdwCleaner

# AdwCleaner v3.212 - Report created 21/06/2014 at 18:32:41
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Aleš - ALES-PC
# Running from : C:\Users\Aleš\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : hshld
[x] Not Deleted : hsstrayservice
[x] Not Deleted : hsswd
[#] Service Deleted : Update LemurLeap
[#] Service Deleted : Util LemurLeap
Service Deleted : vToolbarUpdater18.0.5

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\hotspot shield
[!] Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\Minibar
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Speed Analysis 3
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\windows\system32\hotspot shield
[!] Folder Deleted : C:\Users\Aleš\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Aleš\AppData\Local\Conduit
Folder Deleted : C:\Users\Aleš\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Aleš\AppData\Local\Minibar
Folder Deleted : C:\Users\Aleš\AppData\Local\webplayer
Folder Deleted : C:\Users\Aleš\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Aleš\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Aleš\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Aleš\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Aleš\AppData\Roaming\file scout
Folder Deleted : C:\Users\Aleš\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\Aleš\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Aleš\AppData\Roaming\SpeedAnalysis3
Folder Deleted : C:\Users\Aleš\AppData\Roaming\zulagames
Folder Deleted : C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Martin3\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\Smartbar
Folder Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Folder Deleted : C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Folder Deleted : C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Folder Deleted : C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Folder Deleted : C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj
Folder Deleted : C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj
Folder Deleted : C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi
File Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\Extensions\zulagames@ZulaGames.com.xpi
File Deleted : C:\END
File Deleted : C:\Users\Aleš\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Aleš\Desktop\SpeedAnalysis.lnk
File Deleted : C:\Users\Aleš\Desktop\ZulaGames.lnk
File Deleted : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\invalidprefs.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Aleš\Desktop\Search.lnk
Shortcut Disinfected : C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchProtectAll
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A836234-186C-41A0-9863-40BECDEDED9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A836234-186C-41A0-9863-40BECDEDED9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\prefs.js ]

Line Deleted : user_pref("CT1561552.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1561552.FirstTime", "true");
Line Deleted : user_pref("CT1561552.FirstTimeFF3", "true");
Line Deleted : user_pref("CT1561552.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT1561552&ctid=CT1561552&SearchSource=2&CUI=UN14510399784281728&UM=1&q=");
Line Deleted : user_pref("CT1561552.UserID", "UN14510399784281728");
Line Deleted : user_pref("CT1561552.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT1561552.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT1561552.countryCode", "US");
Line Deleted : user_pref("CT1561552.defaultSearch", "true");
Line Deleted : user_pref("CT1561552.embeddedsData", "[{\"appId\":\"128491907208256770\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT1561552.enableAlerts", "true");
Line Deleted : user_pref("CT1561552.enableFix404ByUser", "TRUE");
Line Deleted : user_pref("CT1561552.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT1561552.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT1561552.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT1561552.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT1561552.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT1561552.fixUrls", true);
Line Deleted : user_pref("CT1561552.fullUserID", "UN14510399784281728.IN.20130712225431");
Line Deleted : user_pref("CT1561552.installId", "conduitinstaller.exe");
Line Deleted : user_pref("CT1561552.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT1561552.installUsage", "2013-07-12T23:56:11.2092279+03:00");
Line Deleted : user_pref("CT1561552.installUsageEarly", "2013-07-12T23:56:02.9300291+03:00");
Line Deleted : user_pref("CT1561552.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT1561552.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT1561552.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1561552.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT1561552.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1561552.keyword", true);
Line Deleted : user_pref("CT1561552.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT1561552&octid=CT1561552&SearchSource=15&CUI=UN14510399784281728&SSPV=&Lay=1&UM=false\"[...]
Line Deleted : user_pref("CT1561552.lastVersion", "10.16.4.19");
Line Deleted : user_pref("CT1561552.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT1561552.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT1561552.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://HotspotShield.OurToolbar.com/\",\"EB_T[...]
Line Deleted : user_pref("CT1561552.openThankYouPage", "false");
Line Deleted : user_pref("CT1561552.openUninstallPage", "true");
Line Deleted : user_pref("CT1561552.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT1561552.originalSearchAddressUrl", "data:text/plain,keyword.URL=hxxp://search.seznam.cz/?sourceid=FF_3&q=");
Line Deleted : user_pref("CT1561552.originalSearchEngine", "Seznam");
Line Deleted : user_pref("CT1561552.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT1561552.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT1561552.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT1561552.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT1561552.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT1561552.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1561552\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://HotspotShield.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Hotspot Shield\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1561552.serviceLayer_services_Configuration_lastUpdate", "1373662562952");
Line Deleted : user_pref("CT1561552.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1373662568086");
Line Deleted : user_pref("CT1561552.serviceLayer_services_appsMetadata_lastUpdate", "1373662567895");
Line Deleted : user_pref("CT1561552.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1373662567499");
Line Deleted : user_pref("CT1561552.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1373662561744");
Line Deleted : user_pref("CT1561552.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1373662571039");
Line Deleted : user_pref("CT1561552.serviceLayer_services_login_10.16.4.19_lastUpdate", "1373662569031");
Line Deleted : user_pref("CT1561552.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1373662567204");
Line Deleted : user_pref("CT1561552.serviceLayer_services_searchAPI_lastUpdate", "1373662562898");
Line Deleted : user_pref("CT1561552.serviceLayer_services_serviceMap_lastUpdate", "1373662551078");
Line Deleted : user_pref("CT1561552.serviceLayer_services_toolbarContextMenu_lastUpdate", "1373662566569");
Line Deleted : user_pref("CT1561552.serviceLayer_services_toolbarSettings_lastUpdate", "1373662562089");
Line Deleted : user_pref("CT1561552.serviceLayer_services_translation_lastUpdate", "1373662567937");
Line Deleted : user_pref("CT1561552.settingsINI", true);
Line Deleted : user_pref("CT1561552.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT1561552.showToolbarPermission", "false");
Line Deleted : user_pref("CT1561552.smartbar.CTID", "CT1561552");
Line Deleted : user_pref("CT1561552.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1561552.smartbar.homepage", true);
Line Deleted : user_pref("CT1561552.smartbar.toolbarName", "Hotspot Shield ");
Line Deleted : user_pref("CT1561552.startPage", "true");
Line Deleted : user_pref("CT1561552.toolbarBornServerTime", "12-7-2013");
Line Deleted : user_pref("CT1561552.toolbarCurrentServerTime", "12-7-2013");
Line Deleted : user_pref("CT1561552.toolbarLoginClientTime", "Fri Jul 12 2013 22:56:09 GMT+0200");
Line Deleted : user_pref("CT1561552.versionFromInstaller", "10.16.4.19");
Line Deleted : user_pref("CT1561552.xpeMode", "0");
Line Deleted : user_pref("CT1561552_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1373662544704,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?octid=CT1561552&ctid=CT1561552&CUI=UN14510399784281728&UM=1&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Hotspot Shield Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT1561552&ctid=CT1561552&SearchSource=2&CUI=UN14510399784281728&UM=1&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://search.seznam.cz/?sourceid=FF_3&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT1561552");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=FE09E0B9A5CD07C6&affID=123831&tt=02102013_mx10rsa&tsp=5032");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=FE09E0B9A5CD07C6&affID=123831&tt=02102013_mx10rsa&tsp=5032");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT1561552&ctid=CT1561552&SearchSource=2&CUI=UN14510399784281728&UM=1&q=");

[ File : C:\Users\Martin3\AppData\Roaming\Mozilla\Firefox\Profiles\ce7aib2q.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gflandjopdloblmlcoiidmncpinmmacn
Deleted [Extension] : jlnfdbbladgcmhhamgkioifhbobjaoof
Deleted [Extension] : mbmpjbkgemhgalmeiigcdljkccfcafoj
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [25857 octets] - [21/06/2014 18:00:11]
AdwCleaner[S0].txt - [26229 octets] - [21/06/2014 18:32:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26290 octets] ##########

[FooDMasteR]

Malwarebytes Anti-Malware

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 21.6.2014
Scan Time: 19:09:34
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.21.08
Rootkit Database: v2014.06.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Aleš

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318603
Time Elapsed: 28 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 11
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\Speed Analysis 3.ScriptHostObject, , [819be299265568ce10d88fecf70b847c],
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\Speed Analysis 3.ScriptHostObject.1, , [0c1035465f1cb185a048215a5aa88e72],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{674837F7-D3A7-430A-8B81-66D2F05CED7A}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2320BF14-C0EE-43B7-9115-56C2438A5FAB}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\CLSID\{B15838CD-939E-41B7-AA99-36AF09EAAA27}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B286788C-C2B1-4D32-92F1-3D274AD7525A}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\CLSID\{5720684D-F165-44DE-9752-AF026A11000B}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A85FC301-3FF1-4A87-8BB3-A0A3343F487B}, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Zula Games, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.LemurLeap.A, HKLM\SOFTWARE\LemurLeap, , [1c00b6c5c2b91b1b771322c6bb48b848],
PUP.Optional.LemurLeap.A, HKU\S-1-5-21-3519817173-1874351568-3294493302-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LemurLeap, , [70ac6a11c8b3bd79befefce52dd6a15f],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\mz, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.LemurLeap.A, C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof, , [fe1ecdae700ba69017cec2cfdb27b848],

Files: 34
PUP.Optional.Conduit.A, C:\Users\Aleš\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\searchplugins\hotspot-shield-customized-web-search.xml, , [9389ef8c90ebf145f5b7edbaea1853ad],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\background.html, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon128.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\AddonsFramework.Typelib.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\AddonsFramework.Typelib64.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\BackgroundHost.exe, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\BackgroundHost64.exe, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\bg.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\ButtonSite.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\ButtonSite64.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\config.xml, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\content.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon128.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon16.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon16.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon18.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon18.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon24.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon24.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon32.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon32.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon48.ico, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\icon48.png, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\jquery-1.9.1.min.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\json2.min.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\options.htm, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\ScriptHost.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\ScriptHost64.dll, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\uninst.exe, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\uninstall.exe, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\updater.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\updaterWrapper.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\mz\background.js, , [13093645b0cbe84e012bf0f705febe42],
PUP.Optional.Zulagames.A, C:\Program Files\Zula Games\mz\content.js, , [13093645b0cbe84e012bf0f705febe42],

Physical Sectors: 0
(No malicious items detected)


(end)

[jaro3]

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[FooDMasteR]

Junkware Removal Tool by Thisisu

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by Aleç on ne 22.06.2014 at 12:55:03,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{65EC3953-2A1F-4073-8293-C196CAFF94B9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\zula games"
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{09B4F530-43A0-4F17-B986-690B94604360}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{0C216157-1E96-4469-92F1-402037436C78}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{0C903E9D-BED8-4FC6-BB23-E208A31EE977}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{1429A2F5-4118-42F8-B986-FD32E890BBD2}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{1E2E19D6-7AEC-4989-BA0F-F853EE214D20}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{1F45BC2D-B430-4011-A044-90E178BA5DB2}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{1FAD0386-0C77-487A-A926-34188A1138FB}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{24619285-B55D-425F-A34C-4A2A89A79059}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{2483BE9D-EF6E-4C62-9C65-8C7C202A5210}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{252B1D44-4E61-408D-8988-41A1C5FFB8C3}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{29DBBE37-D4D4-4ED1-9839-7FB657F2995B}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{2A4640F0-DFE6-4CB7-9234-DA415FAE7CF3}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{337F7EBE-C5B9-422F-84E5-B0FD230F9DD3}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{3A2A3627-4C22-424A-990E-911126AAD900}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{3AA38B41-530C-49F4-A5E4-AAFD1EB51826}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{4609396D-888B-4C7E-A490-5E7A5CE3F588}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{46FC0F03-4BB3-409E-9ED1-9700DED80A2A}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{55DE0D94-7AB0-4DDE-996A-68F17ACE2848}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{56085D80-D519-4A6F-9247-54713DF38938}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{566283B7-FE7B-43FA-AD64-2E8715DC9AE9}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{58183A5D-5169-4F07-A26D-0C001E90ED92}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{6199F9C8-C8B8-4C02-857F-1B9FD92070DB}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{6AFAE6C2-605D-4E5C-9A18-2D4E4D39681D}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{6C606720-42AB-4C0C-8E1B-B91E32287271}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{74ACA6A1-DC02-4B68-8581-2E4236F0C224}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{7D42FCB2-BE54-4594-B308-987948616136}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{7D846C6D-8342-49A6-9B64-A5F0587D5CB2}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{80A94CCE-4E70-4585-A0FD-3B9ACBDE59C9}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{8488A81C-3112-43EE-ABB5-7FD7A24D6126}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{8B338FCF-5C68-4538-B755-AD52AE8FFA3E}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{8CD07AFA-43C6-4BB4-ABA1-3CECC9BF9907}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{8D3B2113-05FB-47FE-95AC-21B8CA4DB1CF}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{92F2FDFF-66A7-4B04-8CF6-E093887BB485}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{9813D932-4898-446D-970F-01B1AFACCE45}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{9BDD2FF0-3747-40DF-9415-FF46BC0C0FE2}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{9D79AE49-E2BB-4940-910B-700160162933}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{9FD8E84C-F34E-4D09-A534-30CDF2F4BAC9}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{A2E69406-8887-4778-935E-A6D1EEA6F5CF}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{A368C1B8-B383-4D76-B0D9-1227FF34DDBC}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{A4E4C278-06A2-44BF-86D1-5972853472B0}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{A571773F-1780-4D2E-9EFE-BFD7C0E30860}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{AB496DDF-DACD-40FD-AEE7-13CF6A39BCF2}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{AC81533E-FB00-4496-A88F-A818A9D6C58A}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{B73E84C7-0E3E-400F-8884-6C9A452CF3A6}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{B8F1BBEC-5C52-49F6-98FE-B73A97E9E114}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{C406DA04-A9EC-42E7-8151-FAECA6D44161}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{C4A28E1A-FD36-4DF7-977A-F247EFBF14D3}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{C58611E7-DACD-4F92-A10B-6EFFB5E305AE}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{C6B03F3C-345B-4DF5-B7AE-52F9CE1DC209}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{C9732303-7638-4CE6-A19E-23C173F0AA6D}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{CA30652D-5933-47C4-AAF5-8B654D1F3354}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{D4243CA3-CBE2-4C37-BF85-D0C048A32044}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{DA2C0899-1EE6-4280-8965-A8345A13ABFA}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{DCCAA48D-5EBC-4802-B9BC-96CB48884587}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{E1BD7A0E-252C-40B8-A414-AAA306ABD77B}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{E1D79B4D-73B4-4D84-9C09-E1252F6BDDD1}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{E8D39B23-4581-453C-AF6D-E5BB5233DB4A}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{EABE5104-ABCF-4CBB-95D2-401D97D6933C}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{EEC496DD-4C06-403D-B359-F3594517925C}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{F17088BD-95A0-4174-8E5F-80B117AEFE18}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{F43EC143-7F91-4ABF-A345-399A2D6075BF}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{F742FDA5-8C5E-49CA-ABE8-D0CCA9417200}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{F751DFBA-78EF-40C8-8E0E-07A8CD8D9364}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{F8FAE171-2ACA-4479-B05F-EE87D86E19BD}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{FACC4215-829A-45C4-8314-FFC623F87570}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{FDCB6F24-5452-4959-9930-4685347723A4}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{FDF61B3B-F7DC-4B60-A916-BD9FA650723A}
Successfully deleted: [Empty Folder] C:\Users\Aleç\appdata\local\{FF59C060-032B-4F1D-8063-A601492BF5B5}



~~~ FireFox

Emptied folder: C:\Users\Aleç\AppData\Roaming\mozilla\firefox\profiles\tpmdim26.default\minidumps [224 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 22.06.2014 at 13:10:54,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MbAM

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 22.6.2014
Scan Time: 14:25:59
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.22.02
Rootkit Database: v2014.06.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: AleA!

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318791
Time Elapsed: 34 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\Speed Analysis 3.ScriptHostObject, Quarantined, [bac02655b2c90531e541522ab64c53ad],
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\Speed Analysis 3.ScriptHostObject.1, Quarantined, [c6b489f25a218bab72b4fd7f719159a7],
PUP.Optional.LemurLeap.A, HKLM\SOFTWARE\LemurLeap, Quarantined, [344613680b7091a5e1e731b7b05360a0],
PUP.Optional.LemurLeap.A, HKU\S-1-5-21-3519817173-1874351568-3294493302-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LemurLeap, Quarantined, [bac04b301f5c003656a40ed31ee5fd03],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.LemurLeap.A, C:\Users\Martin3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof, Quarantined, [f981097223588fa790938012ef13e11f],

Files: 1
PUP.Optional.Conduit.A, C:\Users\AleA!\AppData\Roaming\Mozilla\Firefox\Profiles\tpmdim26.default\searchplugins\hotspot-shield-customized-web-search.xml, Quarantined, [99e117645e1d4beba9419f0857ab32ce],

Physical Sectors: 0
(No malicious items detected)


(end)

Rogue Killer

RogueKiller V9.0.3.0 [Jun 17 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Aleš [Práva správce]
Mód : Kontrola -- Datum : 06/22/2014 17:46:28

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[Suspicious.Path] BitMeter2.exe -- C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitMeter2.exe[-] -> SMAZÁNO [TermProc]
[Suspicious.Path] szndesktop.exe -- C:\Users\Aleš\AppData\Roaming\Seznam.cz\bin\szndesktop.exe[7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-3519817173-1874351568-3294493302-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Users\Aleš\AppData\Roaming\Seznam.cz\szninstall.exe" -c -> NALEZENO
[Suspicious.Path] HKEY_USERS\S-1-5-21-3519817173-1874351568-3294493302-1000\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Users\Aleš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -> NALEZENO
[PUM.Proxy] HKEY_USERS\S-1-5-21-3519817173-1874351568-3294493302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8555;https=127.0.0.1:8555 -> NALEZENO
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 62.113.218.34 8.8.8.8 -> NALEZENO
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{735C50A0-5878-4E16-9FB0-602F86247186} | DhcpNameServer : 172.23.45.1 8.8.8.8 -> NALEZENO
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{735C50A0-5878-4E16-9FB0-602F86247186} | DhcpNameServer : 172.23.45.1 8.8.8.8 -> NALEZENO
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{735C50A0-5878-4E16-9FB0-602F86247186} | DhcpNameServer : 172.23.45.1 8.8.8.8 -> NALEZENO
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9FEF5923-7201-49A8-9A80-B3E65972D9DE} | DhcpNameServer : 62.113.218.34 8.8.8.8 -> NALEZENO
[PUM.Policies] HKEY_USERS\S-1-5-21-3519817173-1874351568-3294493302-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] HKEY_USERS\S-1-5-21-3519817173-1874351568-3294493302-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 21 ¤¤¤
[SSDT:Addr] NtCreateKey[70] : Unknown @ 0x881e8aa0
[SSDT:Addr] NtCreateMutant[74] : Unknown @ 0x8ac08a00
[SSDT:Addr] NtCreateProcess[79] : Unknown @ 0x881e75a0
[SSDT:Addr] NtCreateProcessEx[80] : Unknown @ 0x881e78a0
[SSDT:Addr] NtCreateSymbolicLinkObject[86] : Unknown @ 0x8ac08dc0
[SSDT:Addr] NtCreateThread[87] : Unknown @ 0x8ac08340
[SSDT:Addr] NtCreateThreadEx[88] : Unknown @ 0x8ac08520
[SSDT:Addr] NtCreateUserProcess[93] : Unknown @ 0x881e7ba0
[SSDT:Addr] NtDeleteKey[103] : Unknown @ 0x881e90a0
[SSDT:Addr] NtDeleteValueKey[106] : Unknown @ 0x881e99a0
[SSDT:Addr] NtDuplicateObject[111] : Unknown @ 0x8ac08fa0
[SSDT:Addr] NtLoadDriver[155] : Unknown @ 0x8ac08700
[SSDT:Addr] NtOpenProcess[190] : Unknown @ 0x881e7ea0
[SSDT:Addr] NtOpenSection[194] : Unknown @ 0x881e9f80
[SSDT:Addr] NtOpenThread[198] : Unknown @ 0x881e81a0
[SSDT:Addr] NtRenameKey[290] : Unknown @ 0x881e93a0
[SSDT:Addr] NtRestoreKey[302] : Unknown @ 0x881e96a0
[SSDT:Addr] NtSetSystemInformation[350] : Unknown @ 0x8ac08be0
[SSDT:Addr] NtSetValueKey[358] : Unknown @ 0x881e8da0
[SSDT:Addr] NtTerminateThread[371] : Unknown @ 0x881e87a0
[SSDT:Addr] NtWriteVirtualMemory[399] : Unknown @ 0x8ac08160

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543225A7A384 +++++
--- User ---
[MBR] fa54dee2ac4bff7cc174017000216ab9
[BSP] 62aff7089ea12aba890dddd7b4d89648 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 102400 MB
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 241174528 | Size: 120697 MB
3 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 488361984 | Size: 16 MB
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

Odinstaluj:
AVG Secure Search

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků