Please check my log - slow computer (Solved)


Post by Parek228 » 07 Mar 2015 14:00

Hi, I'm on my parents' notebook and their computer has been slow for a long time (mainly when they are on the internet and want to open a page, it takes a long time). We all share the same internet connection and it works fine on 2 other PCs, so I don't think the internet is the cause. Also, unfortunately this machine runs Windows XP (I'm guessing there will be a lot of viruses on it too) and a reinstall to Win 7 is not planned (I won't go into the reasons).

I also have a question: can viruses slow down the loading of web pages while the PC itself otherwise runs fine (launching exe files, etc.)?

Thanks a lot for the help, and here is the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:43, on 7.3.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe
C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe
C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe
C:\Program Files\WinZipper\winzipersvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\CMonitor\MonitorService.exe
C:\CMonitor\Monitor.exe
C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\netupdsrv.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\CMonitor\Monitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\AccelerometerSt.Exe
C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FilesFrog Update Checker\update_checker.exe
C:\Documents and Settings\patakova\Local Settings\Data aplikací\WebPlayer\FLV Player\WebPlayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\bin\szndesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\patakova\Dokumenty\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... J8231J8231
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts= ... J8231J8231
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... J8231J8231
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts= ... J8231J8231
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com/web/?utm_source= ... 1377191210
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com/web/?utm_source= ... 1377191210
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
O2 - BHO: phpnuke Helper Object - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files\phpnuke\phpnuke\1.8.16.4\bh\phpnuke.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll
O3 - Toolbar: phpnuke Toolbar - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files\phpnuke\phpnuke\1.8.16.4\phpnukeTlbr.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [CMonitor] C:\CMonitor\Monitor.exe /GUI
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.Exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [filesfrog_apt_flvplayer] "C:\DOCUME~1\patakova\LOCALS~1\Temp\\BI_RunOnce.exe" /initurl http://bi.bisrv.com/:affid:/:sid:/:uid:? /affid "filesfrog_apt_flvplayer" /id "flvplayerqjgi" /name "FLV Player Update" /uniqid FLVPlayerUpdate_downloader_by_FLVPlayerUpdate ${CUSTOM_ARGS} /uuid 396E0F55-17FA-11DE-9140-64A4BF0CB0E6 /biosserial CNU9190VX1 /biosversion HPQOEM - f /csname HP Compaq 6730s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [FLV Player] C:\Documents and Settings\patakova\Local Settings\Data aplikací\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-823518204-1409082233-1801674531-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'user')
O4 - HKUS\S-1-5-21-823518204-1409082233-1801674531-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9419180390
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = carling.cz
O17 - HKLM\Software\..\Telephony: DomainName = carling.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = carling.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = carling.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: C-Monitor Service (CMonitorService) - SEAL IT Services, s.r.o. - C:\CMonitor\MonitorService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\system32\nethtsrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\system32\netupdsrv.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
O23 - Service: vToolbarUpdater18.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe

--
End of file - 15347 bytes


Post by jaro3 » 08 Mar 2015 09:46

Uninstall:
AVG Secure Search

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" („Prohledat-Scan“)
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have the following ticked:
MBR check (Kontrola MBR)
Offline Reg
Antirootkit

- Then click "Scan" („Prohledat“).
- The program scans the PC's processes. After the scan, click "Report" („Zpráva“) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not run and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by Parek228 » 08 Mar 2015 14:09

Adw Cleaner:
# AdwCleaner v4.111 - Logfile created 08/03/2015 at 13:53:49
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : patakova - CITNB17
# Running from : C:\Documents and Settings\patakova\Plocha\adwcleaner_4.111.exe
# Option : Scan

***** [ Services ] *****

Service Found : IePluginService
Service Found : IePluginServices
Service Found : iSafeKrnl
Service Found : iSafeKrnlBoot
Service Found : iSafeKrnlKit
Service Found : iSafeKrnlR3
Service Found : iSafeNetFilter
Service Found : iSafeService
Service Found : NethxxpService
Service Found : ServiceUpdater
Service Found : WindowsMangerProtect
Service Found : winzipersvc
Service Found : iSafeKrnlMon

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\funmoods.crx
File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ep.crx
File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys
File Found : C:\WINDOWS\system32\Drivers\iSafeNetFilter.sys
File Found : C:\WINDOWS\system32\installd.exe
File Found : C:\WINDOWS\system32\nethtsrv.exe
File Found : C:\WINDOWS\system32\netupdsrv.exe
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found : C:\Documents and Settings\administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Documents and Settings\administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found : C:\Documents and Settings\All Users\Data aplikací\IePluginService
Folder Found : C:\Documents and Settings\All Users\Data aplikací\IePluginServices
Folder Found : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Found : C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect
Folder Found : C:\Documents and Settings\All Users\Data aplikací\WPM
Folder Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\WinZipper
Folder Found : C:\Documents and Settings\patakova\Data aplikací\337
Folder Found : C:\Documents and Settings\patakova\Data aplikací\337Games
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Babylon
Folder Found : C:\Documents and Settings\patakova\Data aplikací\DealPly
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Desk 365
Folder Found : C:\Documents and Settings\patakova\Data aplikací\eCyber
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Elex-tech
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Funmoods
Folder Found : C:\Documents and Settings\patakova\Data aplikací\goforfiles
Folder Found : C:\Documents and Settings\patakova\Data aplikací\iSafe
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Omiga Plus
Folder Found : C:\Documents and Settings\patakova\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\patakova\Data aplikací\SupTab
Folder Found : C:\Documents and Settings\patakova\Data aplikací\SwvUpdater
Folder Found : C:\Documents and Settings\patakova\Data aplikací\Systweak
Folder Found : C:\Documents and Settings\patakova\Data aplikací\WinZipper
Folder Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\AVG Secure Search
Folder Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\DownTango
Folder Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Folder Found : C:\Documents and Settings\patakova\Local Settings\Data aplikací\webplayer
Folder Found : C:\Documents and Settings\patakova\Nabídka Start\Programy\Browser Manager
Folder Found : C:\Documents and Settings\patakova\Nabídka Start\Programy\DealPly
Folder Found : C:\Documents and Settings\patakova\Nabídka Start\Programy\FilesFrog Update Checker
Folder Found : C:\Documents and Settings\patakova\Nabídka Start\Programy\FLV Player
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\AVG Security Toolbar
Folder Found : C:\Program Files\BetterSurf
Folder Found : C:\Program Files\Better-Surf
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\DealPly
Folder Found : C:\Program Files\Elex-tech
Folder Found : C:\Program Files\FilesFrog Update Checker
Folder Found : C:\Program Files\Funmoods
Folder Found : C:\Program Files\iSafe
Folder Found : C:\Program Files\Omiga Plus
Folder Found : C:\Program Files\Red Sky
Folder Found : C:\Program Files\SupTab
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\WinZipper

***** [ Scheduled tasks ] *****

Task Found : AmiUpdXp
Task Found : GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5e28b8bb234e442
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\Funmoods
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\FilesFrog Update Checker
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\Webplayer
Key Found : HKLM\SOFTWARE\5e28b8bb234e442
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BetterSurf
Key Found : HKLM\SOFTWARE\Better-Surf
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Found : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Found : HKLM\SOFTWARE\Classes\f
Key Found : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\DealPly
Key Found : HKLM\SOFTWARE\delta-homesSoftware
Key Found : HKLM\SOFTWARE\Desksvc
Key Found : HKLM\SOFTWARE\Elex-tech
Key Found : HKLM\SOFTWARE\Funmoods
Key Found : HKLM\SOFTWARE\GoforFiles
Key Found : HKLM\SOFTWARE\hdcode
Key Found : HKLM\SOFTWARE\IePlugin
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\HandyUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\inethnfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iSafe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SupTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HandyUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\SOFTWARE\omigaplusSvc
Key Found : HKLM\SOFTWARE\qvo6Software
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\V9
Key Found : HKLM\SOFTWARE\winzipersvc
Key Found : HKLM\SOFTWARE\Wpm
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FLV Player]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts= ... J8231J8231
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts= ... J8231J8231
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts= ... J8231J8231
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts= ... J8231J8231
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://mixidj.delta-search.com/?babsrc= ... 5&tsp=4982
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qvo6.com/web/?utm_source= ... 1377191210
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://search.qvo6.com/web/?utm_source= ... 1377191210

-\\ Google Chrome v40.0.2214.115

[C:\Documents and Settings\administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=142183 ... 31j8231&q={searchTerms}&ref=d3d3LnY5LmNvbQ==
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://isearch.avg.com/search?cid={40600A77-F7A4-4349-9283-05F0FB1F6C32}&mid=Unknown&lang=it&ds=hk011&pr=sa&d=2013-07-31%2018:02:38&v=14.0.0.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=54EB0022FA4C1892&affID=121125&tsp=4982
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={779A2CD7-12D1-11E2-B892-0022FA4C1892}
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtByEzztCyCyB0CyEzz0CyCzzzztAtN0D0Tzu0CtAtAyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1243583669
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.delta-homes.com/web/?type ... 31J8231&q={searchTerms}
[C:\Documents and Settings\patakova\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.delta-homes.com/web/?type ... 31J8231&q={searchTerms}
*************************

AdwCleaner[R0].txt - [26922 bytes] - [08/03/2015 13:53:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [26982 bytes] ##########


Re: Please check my log - slow computer

Post by Parek228 » 08 Mar 2015 14:21

Roguekiller:
RogueKiller V10.5.1.0 [Mar 5 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno : Normální režim
Uživatel : patakova [Práva správce]
Started from : C:\Documents and Settings\patakova\Plocha\RogueKiller.exe
Mód : Prohledat -- Datum : 03/08/2015 14:16:43

¤¤¤ Procesy : 10 ¤¤¤
[Suspicious.Path] PluginService.exe(284) -- C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe[7] -> Zastaveno [TermProc]
[Suspicious.Path] PluginService.exe(312) -- C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe[7] -> Zastaveno [TermProc]
[Suspicious.Path] ProtectWindowsManager.exe(440) -- C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe[-] -> Zastaveno [TermProc]
[Proc.Injected] ekrn.exe(1932) -- C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe[7] -> Zastaveno [DrvNtTerm]
[Suspicious.Path] WebPlayer.exe(3684) -- C:\Documents and Settings\patakova\Local Settings\Data aplikací\WebPlayer\FLV Player\WebPlayer.exe[-] -> Zastaveno [TermProc]
[Suspicious.Path] szndesktop.exe(116) -- C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\bin\szndesktop.exe[7] -> Zastaveno [TermProc]
[Suspicious.Path] explorer.exe(2828) -- C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\bin\17224libfoxloader.dll[7] -> Uvolněno
[PUP] (SVC) ServiceUpdater -- C:\WINDOWS\system32\netupdsrv.exe[-] -> Zastaveno
[PUP] (SVC) vToolbarUpdater15.4.0 -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe[7] -> Zastaveno
[PUP] (SVC) winzipersvc -- C:\Program Files\WinZipper\winzipersvc.exe[7] -> Zastaveno

¤¤¤ Registry : 72 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (C:\Program Files\SupTab\SupTab.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} (C:\Program Files\Common Files\AVG Secure Search\RewardsInstaller\17.1.2\AVGRewardsWorker.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} ("C:\Documents and Settings\patakova\Data aplikací\SwvUpdater\Updater.exe") -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} ("C:\Program Files\Funmoods\1.5.23.22\funmoodssrv.exe") -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (C:\Program Files\Funmoods\1.5.23.22\escortApp.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B} (C:\Program Files\DealPly\DealPlyIE.dll) -> Nalezeno
[PUP] HKEY_CLASSES_ROOT\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (C:\Program Files\Funmoods\1.5.23.22\escortEng.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (C:\Program Files\SupTab\SupTab.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B} (C:\Program Files\DealPly\DealPlyIE.dll) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | vProt : "C:\Program Files\AVG Secure Search\vprot.exe" -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Windows\CurrentVersion\Run | SDP : C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto -> Nalezeno
[Suspicious.Path] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.autoupdate : "C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\szninstall.exe" -c -> Nalezeno
[Suspicious.Path] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Windows\CurrentVersion\Run | cz.seznam.software.szndesktop : "C:\Documents and Settings\patakova\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q -> Nalezeno
[PUP] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Windows\CurrentVersion\Run | FLV Player : C:\Documents and Settings\patakova\Local Settings\Data aplikací\WebPlayer\FLV Player\WebPlayer.exe -> Nalezeno
[Suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce | filesfrog_apt_flvplayer : "C:\DOCUME~1\patakova\LOCALS~1\Temp\\BI_RunOnce.exe" /initurl http://bi.bisrv.com/:affid:/:sid:/:uid:? /affid "filesfrog_apt_flvplayer" /id "flvplayerqjgi" /name "FLV Player Update" /uniqid FLVPlayerUpdate_downloader_by_FLVPlayerUpdate ${CUSTOM_ARGS} /uuid 396E0F55-17FA-11DE-9140-64A4BF0CB0E6 /biosserial CNU9190VX1 /biosversion HPQOEM - f /csname HP Compaq 6730s -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IePluginService (C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IePluginServices (C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetHttpService (C:\WINDOWS\system32\nethtsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ServiceUpdater (C:\WINDOWS\system32\netupdsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vToolbarUpdater15.4.0 (C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WindowsMangerProtect (C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\winzipersvc (C:\Program Files\WinZipper\winzipersvc.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IePluginService (C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IePluginServices (C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetHttpService (C:\WINDOWS\system32\nethtsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceUpdater (C:\WINDOWS\system32\netupdsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater15.4.0 (C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WindowsMangerProtect (C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winzipersvc (C:\Program Files\WinZipper\winzipersvc.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IePluginService (C:\Documents and Settings\All Users\Data aplikací\IePluginService\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IePluginServices (C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NetHttpService (C:\WINDOWS\system32\nethtsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ServiceUpdater (C:\WINDOWS\system32\netupdsrv.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\vToolbarUpdater15.4.0 (C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WindowsMangerProtect (C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Nalezeno
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\winzipersvc (C:\Program Files\WinZipper\winzipersvc.exe) -> Nalezeno
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.delta-homes.com/?type=hp&ts= ... J8231J8231 -> Nalezeno
[PUM.HomePage] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.delta-homes.com/?type=hp&ts= ... J8231J8231 -> Nalezeno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1910887362-732238332-377182475-5677\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms} -> Nalezeno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno

¤¤¤ Úlohy : 1 ¤¤¤
[Suspicious.Path] AmiUpdXp.job -- C:\Documents and Settings\patakova\Data aplikací\17961\a2690.exe -> Nalezeno

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] HP Digital Imaging Monitor.lnk -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk -> Nalezeno

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] 10.34.8.9 cml01.carling.local

¤¤¤ Antirootkit : 41 (Driver: Nahrán) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Harddisk0\DR0 : \Driver\phylock @ Unknown (phylock.sys)
[Filter(Kernel.Filter)] \Driver\Disk @ \Device\Harddisk0\DR0 : \Driver\phylock @ Unknown (phylock.sys)
[IAT:Addr(Hook.IEAT)] (explorer.exe) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ BROWSEUI.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ BROWSEUI.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ BROWSEUI.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ ole32.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHLWAPI.dll) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHLWAPI.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHLWAPI.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHDOCVW.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHDOCVW.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHDOCVW.dll) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHDOCVW.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ CRYPTUI.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ CRYPTUI.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ CRYPTUI.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ WININET.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ urlmon.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHELL32.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHELL32.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHELL32.dll) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ SHELL32.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ UxTheme.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ AcGenral.DLL) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ MSACM32.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ USERENV.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ IMM32.DLL) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ IMM32.DLL) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - DeferWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001b60
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - EndPaint : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001ce0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - MoveWindow : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x100018c0
[IAT:Addr(Hook.IEAT)] (explorer.exe @ comctl32.dll) USER32.dll - SetWindowPos : C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll @ 0x10001a10
[IAT:Inl(Hook.IEAT)] (chrome.exe) SHELL32.dll - SHFileOperationW : C:\Program Files\Elex-tech\YAC\iSafeMon.dll @ 0x100013f0 (jmp 0xffffffff9e5113b1)

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEKT-00PVMT0 +++++
--- User ---
[MBR] 6337035e12dac03476171de94b30da55
[BSP] d26b9de76e6701e4807b54b7785d0c08 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 209279 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 428605438 | Size: 95965 MB
User = LL1 ... OK
User = LL2 ... OK

jaro3
Security team member

Re: Please check my log - slow computer

Post by jaro3 » 08 Mar 2015 19:51

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".

The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait for the Prescan to finish...
- Then click "Scan" ("Prohledat"); when it finishes:

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything
(you have to use the mouse to put a tick in the box to the left of each registry entry, etc.)

- Click "Delete" ("Smazat")
- Wait until the Status box shows "Mazání dokončeno" (deletion finished)
- Click "Report" ("Zpráva") and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the antivirus.
Download Zoek.exe and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator")
- note that the program may take a while to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until the end. Do not click in the window!
The program will offer a restart; confirm it.

After the restart only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

