Prosím o pomoc. Hodně se mi zpomalil počítač při práci na netu. Asi nějaký vir. Přikládám log. Předem moc díky za rady co s tím.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:47, on 10.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Mirdass\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\PDF24\pdf24.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Mirdass\Desktop\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by QIP.ru
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Mirdass\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Dropbox.lnk = Mirdass\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB98357-4495-C7B2-4A2A-72462C3D3314}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13831 bytes
Zpomalení počítače při práci na internetu
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalení počítače při práci na internetu
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zpomalení počítače při práci na internetu
# AdwCleaner v3.023 - Report created 10/04/2014 at 19:32:40
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Mirdass - MIRDASS-PC
# Running from : C:\Users\Mirdass\Desktop\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : ICQ Service
***** [ Files / Folders ] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.gif
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.src
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-11.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-12.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-9.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\qip-search.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\user.js
File Found : C:\Windows\System32\Tasks\Express FilesUpdate
Folder Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\Extensions\{32A1FD71-835E-4B11-8E54-886FDA0B4C89}
Folder Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found C:\Program Files (x86)\ExpressFiles
Folder Found C:\Program Files (x86)\ICQ6Toolbar
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Program Files\Winamp Toolbar
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Winamp Toolbar
Folder Found C:\Users\Mirdass\AppData\Local\Babylon
Folder Found C:\Users\Mirdass\AppData\Local\PackageAware
Folder Found C:\Users\Mirdass\AppData\Roaming\Babylon
Folder Found C:\Users\Mirdass\AppData\Roaming\ExpressFiles
Folder Found C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\ICQToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKCU\Software\Winamp Toolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dt soft\daemon tools toolbar
Key Found : [x64] HKCU\Software\ExpressFiles
Key Found : [x64] HKCU\Software\ICQ\ICQToolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : [x64] HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\Software\Winamp Toolbar
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Window Title] - Windows Internet Explorer provided by QIP.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v27.0.1 (cs)
[ File : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\prefs.js ]
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", true);
Line Found : user_pref("icqtoolbar.firstTbRun", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1396886290);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Found : user_pref("icqtoolbar.history", "pizza%20finezza%20motol||wikipedia.cz||slavnosti%20sn%C4%9B%C5%BEenek||pizza%20papa%20cipolla%20praha%205||tv%20prog||slevov%C3%A9%20port%C3%A1ly||%C5%BEi%C5%BEkovsk%C[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1350236774");
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "27.0.1");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "135005328713500535321350132534999");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1397113638);
Line Found : user_pref("icqtoolbar.version", "1.5.3");
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Mirdass\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15063 octets] - [10/04/2014 19:32:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15124 octets] ##########
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Mirdass - MIRDASS-PC
# Running from : C:\Users\Mirdass\Desktop\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : ICQ Service
***** [ Files / Folders ] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.gif
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.src
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-11.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-12.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\icqplugin-9.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\searchplugins\qip-search.xml
File Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\user.js
File Found : C:\Windows\System32\Tasks\Express FilesUpdate
Folder Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\Extensions\{32A1FD71-835E-4B11-8E54-886FDA0B4C89}
Folder Found : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found C:\Program Files (x86)\ExpressFiles
Folder Found C:\Program Files (x86)\ICQ6Toolbar
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Program Files\Winamp Toolbar
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Winamp Toolbar
Folder Found C:\Users\Mirdass\AppData\Local\Babylon
Folder Found C:\Users\Mirdass\AppData\Local\PackageAware
Folder Found C:\Users\Mirdass\AppData\Roaming\Babylon
Folder Found C:\Users\Mirdass\AppData\Roaming\ExpressFiles
Folder Found C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\ICQToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKCU\Software\Winamp Toolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dt soft\daemon tools toolbar
Key Found : [x64] HKCU\Software\ExpressFiles
Key Found : [x64] HKCU\Software\ICQ\ICQToolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : [x64] HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\Software\Winamp Toolbar
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Window Title] - Windows Internet Explorer provided by QIP.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v27.0.1 (cs)
[ File : C:\Users\Mirdass\AppData\Roaming\Mozilla\Firefox\Profiles\hqk4buvc.default\prefs.js ]
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", true);
Line Found : user_pref("icqtoolbar.firstTbRun", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1396886290);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Found : user_pref("icqtoolbar.history", "pizza%20finezza%20motol||wikipedia.cz||slavnosti%20sn%C4%9B%C5%BEenek||pizza%20papa%20cipolla%20praha%205||tv%20prog||slevov%C3%A9%20port%C3%A1ly||%C5%BEi%C5%BEkovsk%C[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1350236774");
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "27.0.1");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "135005328713500535321350132534999");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1397113638);
Line Found : user_pref("icqtoolbar.version", "1.5.3");
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Mirdass\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15063 octets] - [10/04/2014 19:32:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15124 octets] ##########
Re: Zpomalení počítače při práci na internetu
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 10.4.2014
Scan Time: 19:45:13
Logfile: log.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.10.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mirdass
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 201943
Time Elapsed: 2 min, 55 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 10.4.2014
Scan Time: 19:45:13
Logfile: log.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.10.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mirdass
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 201943
Time Elapsed: 2 min, 55 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Zpomalení počítače při práci na internetu
V adw nech vše smazat a dodej log po smazání
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Zpomalení počítače při práci na internetu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Mirdass on źt 10.04.2014 at 20:15:47,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\winamptbserver.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0C24BC3C-0805-478F-9287-7B6E2EF39F2B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
~~~ Files
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.xpt"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.xpt"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\winamp toolbar"
Successfully deleted: [Folder] "C:\Users\Mirdass\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"
~~~ FireFox
Successfully deleted: [File] C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\user.js
Successfully deleted: [File] C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\searchplugins\qip-search.xml
Emptied folder: C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\minidumps [118 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10.04.2014 at 20:25:50,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Mirdass on źt 10.04.2014 at 20:15:47,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\winamptbserver.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0C24BC3C-0805-478F-9287-7B6E2EF39F2B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
~~~ Files
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.xpt"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.xpt"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\winamp toolbar"
Successfully deleted: [Folder] "C:\Users\Mirdass\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"
~~~ FireFox
Successfully deleted: [File] C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\user.js
Successfully deleted: [File] C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\searchplugins\qip-search.xml
Emptied folder: C:\Users\Mirdass\AppData\Roaming\mozilla\firefox\profiles\hqk4buvc.default\minidumps [118 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10.04.2014 at 20:25:50,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Zpomalení počítače při práci na internetu
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Mirdass [Práva správce]
Mód : Kontrola -- Datum : 04/10/2014 20:30:06
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 2 ¤¤¤
[FF][PUP] hqk4buvc.default : QipAuthorizer
[FF][PUP] hqk4buvc.default : ICQ Toolbar
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @explorer.exe (AppCacheCheckManifest) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52D2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52A1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52A2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52BB30)
[Address] EAT @explorer.exe (AppCacheLookup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5456B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4EBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD629180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD553808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5536B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD597200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5971DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD652E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD657394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5494D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD652F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD610270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD610694)
[Address] EAT @explorer.exe (DispatchAPICall) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E7470)
[Address] EAT @explorer.exe (DllInstall) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD552DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD629390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6293E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5578B8)
[Address] EAT @explorer.exe (FtpCommandA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FD968)
[Address] EAT @explorer.exe (FtpCommandW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601F88)
[Address] EAT @explorer.exe (FtpPutFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6020EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6021C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5E8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5573F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD539C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5036A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherOpenFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherOpenFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD502A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5356C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62D5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FABE0)
[Address] EAT @explorer.exe (HttpPushClose) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8964)
[Address] EAT @explorer.exe (HttpPushWait) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD50F3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD592A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5354A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD50287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD625E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6263CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD625F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD626878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD626DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5204A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECC48)
[Address] EAT @explorer.exe (InternetAutodial) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5E955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6167F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6333E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6333E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58FA00)
[Address] EAT @explorer.exe (InternetConnectA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED3A0)
[Address] EAT @explorer.exe (InternetConnectW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD501460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51C300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD551DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F4880)
[Address] EAT @explorer.exe (InternetDial) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2018)
[Address] EAT @explorer.exe (InternetDialA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2018)
[Address] EAT @explorer.exe (InternetDialW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD61686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD63349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD600DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD603160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD531254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD563098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5961B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5961B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5112A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD531224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6169A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD562DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2220)
[Address] EAT @explorer.exe (InternetHangUp) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4EA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5146D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE590)
[Address] EAT @explorer.exe (InternetOpenW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD514540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F74F0)
[Address] EAT @explorer.exe (InternetReadFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5101F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6327F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632960)
[Address] EAT @explorer.exe (InternetSetCookieA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51BDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD59763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5164B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5164B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD547860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD547860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5AD9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD593590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD593590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5934C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53B644)
[Address] EAT @explorer.exe (InternetWriteFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD519E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6543A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5973E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51D40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5346E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6544F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6547DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6549B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5189B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD528EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655524)
[Address] EAT @explorer.exe (ShowCertificate) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6558BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6559DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD598A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD560A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD542E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62D998)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : PUP ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 1bac2b66cf575fa7a326ee62b1fdc6f2
[BSP] d3d18b1bdc44890c3cbdb5164238dbe8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_04102014_203006.txt >>
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Mirdass [Práva správce]
Mód : Kontrola -- Datum : 04/10/2014 20:30:06
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{2BB98357-4495-C7B2-4A2A-72462C3D3314} : NameServer (93.153.117.1 93.153.117.33 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 2 ¤¤¤
[FF][PUP] hqk4buvc.default : QipAuthorizer
[FF][PUP] hqk4buvc.default : ICQ Toolbar
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @explorer.exe (AppCacheCheckManifest) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52D2BC)
[Address] EAT @explorer.exe (AppCacheCloseHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52A1D8)
[Address] EAT @explorer.exe (AppCacheDeleteGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651BE0)
[Address] EAT @explorer.exe (AppCacheDeleteIEGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651C38)
[Address] EAT @explorer.exe (AppCacheDuplicateHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52A2BC)
[Address] EAT @explorer.exe (AppCacheFinalize) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651C90)
[Address] EAT @explorer.exe (AppCacheFreeDownloadList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651CE8)
[Address] EAT @explorer.exe (AppCacheFreeGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595488)
[Address] EAT @explorer.exe (AppCacheFreeIESpace) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558570)
[Address] EAT @explorer.exe (AppCacheFreeSpace) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651DCC)
[Address] EAT @explorer.exe (AppCacheGetDownloadList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651E24)
[Address] EAT @explorer.exe (AppCacheGetFallbackUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651E7C)
[Address] EAT @explorer.exe (AppCacheGetGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595464)
[Address] EAT @explorer.exe (AppCacheGetIEGroupList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651ED4)
[Address] EAT @explorer.exe (AppCacheGetInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD651F2C)
[Address] EAT @explorer.exe (AppCacheGetManifestUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD52BB30)
[Address] EAT @explorer.exe (AppCacheLookup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5456B8)
[Address] EAT @explorer.exe (CommitUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535F8C)
[Address] EAT @explorer.exe (CommitUrlCacheEntryBinaryBlob) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4EBF24)
[Address] EAT @explorer.exe (CommitUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F1F50)
[Address] EAT @explorer.exe (CreateMD5SSOHash) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD629180)
[Address] EAT @explorer.exe (CreateUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD553808)
[Address] EAT @explorer.exe (CreateUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5536B8)
[Address] EAT @explorer.exe (CreateUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535CC0)
[Address] EAT @explorer.exe (CreateUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD597200)
[Address] EAT @explorer.exe (CreateUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5971DC)
[Address] EAT @explorer.exe (CreateUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD652E4C)
[Address] EAT @explorer.exe (DeleteIE3Cache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD657394)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558BE0)
[Address] EAT @explorer.exe (DeleteUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5494D0)
[Address] EAT @explorer.exe (DeleteUrlCacheEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55BD40)
[Address] EAT @explorer.exe (DeleteUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55A1B0)
[Address] EAT @explorer.exe (DeleteUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD652F4C)
[Address] EAT @explorer.exe (DeleteWpadCacheForNetworks) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD610270)
[Address] EAT @explorer.exe (DetectAutoProxyUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD610694)
[Address] EAT @explorer.exe (DispatchAPICall) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D14E8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54DC70)
[Address] EAT @explorer.exe (DllGetClassObject) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E7470)
[Address] EAT @explorer.exe (DllInstall) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58CD10)
[Address] EAT @explorer.exe (DllRegisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2E30)
[Address] EAT @explorer.exe (DllUnregisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2E64)
[Address] EAT @explorer.exe (FindCloseUrlCache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D553C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F183C)
[Address] EAT @explorer.exe (FindFirstUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DE8C8)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C580)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D64A0)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E89FC)
[Address] EAT @explorer.exe (FindFirstUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD552DE0)
[Address] EAT @explorer.exe (FindFirstUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653044)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F1CA0)
[Address] EAT @explorer.exe (FindNextUrlCacheContainerW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DEB5C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C704)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65318C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65335C)
[Address] EAT @explorer.exe (FindNextUrlCacheEntryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4E8680)
[Address] EAT @explorer.exe (FindNextUrlCacheGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65352C)
[Address] EAT @explorer.exe (ForceNexusLookup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD629390)
[Address] EAT @explorer.exe (ForceNexusLookupExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6293E0)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653648)
[Address] EAT @explorer.exe (FreeUrlCacheSpaceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5578B8)
[Address] EAT @explorer.exe (FtpCommandA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FD968)
[Address] EAT @explorer.exe (FtpCommandW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601494)
[Address] EAT @explorer.exe (FtpCreateDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDA4C)
[Address] EAT @explorer.exe (FtpCreateDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601630)
[Address] EAT @explorer.exe (FtpDeleteFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDAEC)
[Address] EAT @explorer.exe (FtpDeleteFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601798)
[Address] EAT @explorer.exe (FtpFindFirstFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDB8C)
[Address] EAT @explorer.exe (FtpFindFirstFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601900)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDDF8)
[Address] EAT @explorer.exe (FtpGetCurrentDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601AD8)
[Address] EAT @explorer.exe (FtpGetFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FDEB8)
[Address] EAT @explorer.exe (FtpGetFileEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601C60)
[Address] EAT @explorer.exe (FtpGetFileSize) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE0DC)
[Address] EAT @explorer.exe (FtpGetFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601DF4)
[Address] EAT @explorer.exe (FtpOpenFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE36C)
[Address] EAT @explorer.exe (FtpOpenFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601EF8)
[Address] EAT @explorer.exe (FtpPutFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE44C)
[Address] EAT @explorer.exe (FtpPutFileEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD601F88)
[Address] EAT @explorer.exe (FtpPutFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6020EC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE7CC)
[Address] EAT @explorer.exe (FtpRemoveDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6021C0)
[Address] EAT @explorer.exe (FtpRenameFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE86C)
[Address] EAT @explorer.exe (FtpRenameFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60231C)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5FE920)
[Address] EAT @explorer.exe (FtpSetCurrentDirectoryW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60253C)
[Address] EAT @explorer.exe (GetProxyDllInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5E8D3C)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653868)
[Address] EAT @explorer.exe (GetUrlCacheConfigInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5573F4)
[Address] EAT @explorer.exe (GetUrlCacheEntryBinaryBlob) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54B510)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653B04)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653CBC)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53AB20)
[Address] EAT @explorer.exe (GetUrlCacheEntryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD539C80)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD653F04)
[Address] EAT @explorer.exe (GetUrlCacheGroupAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65416C)
[Address] EAT @explorer.exe (GetUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5036A0)
[Address] EAT @explorer.exe (GopherCreateLocatorA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherCreateLocatorW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherFindFirstFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherFindFirstFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherGetLocatorTypeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherOpenFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (GopherOpenFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (HttpAddRequestHeadersA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FC8C0)
[Address] EAT @explorer.exe (HttpAddRequestHeadersW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD502A20)
[Address] EAT @explorer.exe (HttpCheckDavCompliance) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615078)
[Address] EAT @explorer.exe (HttpCloseDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53BD00)
[Address] EAT @explorer.exe (HttpDuplicateDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53BE60)
[Address] EAT @explorer.exe (HttpEndRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5356C0)
[Address] EAT @explorer.exe (HttpEndRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615714)
[Address] EAT @explorer.exe (HttpGetServerCredentials) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62D5FC)
[Address] EAT @explorer.exe (HttpGetTunnelSocket) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F7BD4)
[Address] EAT @explorer.exe (HttpOpenDependencyHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546090)
[Address] EAT @explorer.exe (HttpOpenRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615D6C)
[Address] EAT @explorer.exe (HttpOpenRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FABE0)
[Address] EAT @explorer.exe (HttpPushClose) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F88B4)
[Address] EAT @explorer.exe (HttpPushEnable) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8964)
[Address] EAT @explorer.exe (HttpPushWait) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F89BC)
[Address] EAT @explorer.exe (HttpQueryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4FF8B0)
[Address] EAT @explorer.exe (HttpQueryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD50F3A0)
[Address] EAT @explorer.exe (HttpSendRequestA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD592A14)
[Address] EAT @explorer.exe (HttpSendRequestExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD615814)
[Address] EAT @explorer.exe (HttpSendRequestExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5354A4)
[Address] EAT @explorer.exe (HttpSendRequestW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD50287C)
[Address] EAT @explorer.exe (HttpWebSocketClose) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD625E40)
[Address] EAT @explorer.exe (HttpWebSocketCompleteUpgrade) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6263CC)
[Address] EAT @explorer.exe (HttpWebSocketQueryCloseStatus) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD625F88)
[Address] EAT @explorer.exe (HttpWebSocketReceive) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD626878)
[Address] EAT @explorer.exe (HttpWebSocketSend) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD626DBC)
[Address] EAT @explorer.exe (HttpWebSocketShutdown) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62707C)
[Address] EAT @explorer.exe (IncrementUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5204A4)
[Address] EAT @explorer.exe (InternetAlgIdToStringA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632440)
[Address] EAT @explorer.exe (InternetAlgIdToStringW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632618)
[Address] EAT @explorer.exe (InternetAttemptConnect) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECC48)
[Address] EAT @explorer.exe (InternetAutodial) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F1EF0)
[Address] EAT @explorer.exe (InternetAutodialCallback) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5E955C)
[Address] EAT @explorer.exe (InternetAutodialHangup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F1F88)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECCB0)
[Address] EAT @explorer.exe (InternetCanonicalizeUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE0CC)
[Address] EAT @explorer.exe (InternetCheckConnectionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ECDBC)
[Address] EAT @explorer.exe (InternetCheckConnectionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE1DC)
[Address] EAT @explorer.exe (InternetClearAllPerSiteCookieDecisions) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6167F8)
[Address] EAT @explorer.exe (InternetCloseHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F8400)
[Address] EAT @explorer.exe (InternetCombineUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED288)
[Address] EAT @explorer.exe (InternetCombineUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F4DA8)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossing) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6333E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6333E4)
[Address] EAT @explorer.exe (InternetConfirmZoneCrossingW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58FA00)
[Address] EAT @explorer.exe (InternetConnectA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED3A0)
[Address] EAT @explorer.exe (InternetConnectW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD501460)
[Address] EAT @explorer.exe (InternetCrackUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51C300)
[Address] EAT @explorer.exe (InternetCrackUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD551DD0)
[Address] EAT @explorer.exe (InternetCreateUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED4CC)
[Address] EAT @explorer.exe (InternetCreateUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F4880)
[Address] EAT @explorer.exe (InternetDial) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2018)
[Address] EAT @explorer.exe (InternetDialA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2018)
[Address] EAT @explorer.exe (InternetDialW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F20D0)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616804)
[Address] EAT @explorer.exe (InternetEnumPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD61686C)
[Address] EAT @explorer.exe (InternetErrorDlg) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD63349C)
[Address] EAT @explorer.exe (InternetFindNextFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD600DF0)
[Address] EAT @explorer.exe (InternetFindNextFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD603160)
[Address] EAT @explorer.exe (InternetFortezzaCommand) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8A14)
[Address] EAT @explorer.exe (InternetFreeCookies) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD531254)
[Address] EAT @explorer.exe (InternetFreeProxyInfoList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD563098)
[Address] EAT @explorer.exe (InternetGetCertByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (InternetGetCertByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (InternetGetConnectedState) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F3FF0)
[Address] EAT @explorer.exe (InternetGetConnectedStateEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5961B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5961B4)
[Address] EAT @explorer.exe (InternetGetConnectedStateExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5112A4)
[Address] EAT @explorer.exe (InternetGetCookieA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617B40)
[Address] EAT @explorer.exe (InternetGetCookieEx2) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD531224)
[Address] EAT @explorer.exe (InternetGetCookieExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617B64)
[Address] EAT @explorer.exe (InternetGetCookieExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53126C)
[Address] EAT @explorer.exe (InternetGetCookieW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617E70)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED564)
[Address] EAT @explorer.exe (InternetGetLastResponseInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE2D0)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616950)
[Address] EAT @explorer.exe (InternetGetPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6169A0)
[Address] EAT @explorer.exe (InternetGetProxyForUrl) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD562DE0)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED704)
[Address] EAT @explorer.exe (InternetGetSecurityInfoByURLW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE48C)
[Address] EAT @explorer.exe (InternetGoOnline) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F217C)
[Address] EAT @explorer.exe (InternetGoOnlineA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F217C)
[Address] EAT @explorer.exe (InternetGoOnlineW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2220)
[Address] EAT @explorer.exe (InternetHangUp) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F22B8)
[Address] EAT @explorer.exe (InternetInitializeAutoProxyDll) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4EA100)
[Address] EAT @explorer.exe (InternetLockRequestFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53B8D0)
[Address] EAT @explorer.exe (InternetOpenA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5146D0)
[Address] EAT @explorer.exe (InternetOpenUrlA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED81C)
[Address] EAT @explorer.exe (InternetOpenUrlW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE590)
[Address] EAT @explorer.exe (InternetOpenW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD514540)
[Address] EAT @explorer.exe (InternetQueryDataAvailable) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F0660)
[Address] EAT @explorer.exe (InternetQueryFortezzaStatus) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F8A74)
[Address] EAT @explorer.exe (InternetQueryOptionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F6F40)
[Address] EAT @explorer.exe (InternetQueryOptionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F74F0)
[Address] EAT @explorer.exe (InternetReadFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5101F0)
[Address] EAT @explorer.exe (InternetReadFileExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546D90)
[Address] EAT @explorer.exe (InternetReadFileExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD546D00)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6327F0)
[Address] EAT @explorer.exe (InternetSecurityProtocolToStringW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632960)
[Address] EAT @explorer.exe (InternetSetCookieA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617E90)
[Address] EAT @explorer.exe (InternetSetCookieEx2) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617EB8)
[Address] EAT @explorer.exe (InternetSetCookieExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617F18)
[Address] EAT @explorer.exe (InternetSetCookieExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51BDA0)
[Address] EAT @explorer.exe (InternetSetCookieW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD617FBC)
[Address] EAT @explorer.exe (InternetSetDialState) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2338)
[Address] EAT @explorer.exe (InternetSetDialStateA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2338)
[Address] EAT @explorer.exe (InternetSetDialStateW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F2390)
[Address] EAT @explorer.exe (InternetSetFilePointer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD59763C)
[Address] EAT @explorer.exe (InternetSetOptionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F5EB0)
[Address] EAT @explorer.exe (InternetSetOptionExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EEBA4)
[Address] EAT @explorer.exe (InternetSetOptionExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EECA0)
[Address] EAT @explorer.exe (InternetSetOptionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4F6370)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616A38)
[Address] EAT @explorer.exe (InternetSetPerSiteCookieDecisionW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD616AD0)
[Address] EAT @explorer.exe (InternetSetStatusCallback) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5164B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5164B0)
[Address] EAT @explorer.exe (InternetSetStatusCallbackW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55B9BC)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURL) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5ED8B0)
[Address] EAT @explorer.exe (InternetShowSecurityInfoByURLW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5EE73C)
[Address] EAT @explorer.exe (InternetTimeFromSystemTime) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD547860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD547860)
[Address] EAT @explorer.exe (InternetTimeFromSystemTimeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5AD9A8)
[Address] EAT @explorer.exe (InternetTimeToSystemTime) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD593590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD593590)
[Address] EAT @explorer.exe (InternetTimeToSystemTimeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5934C0)
[Address] EAT @explorer.exe (InternetUnlockRequestFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD53B644)
[Address] EAT @explorer.exe (InternetWriteFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD535760)
[Address] EAT @explorer.exe (InternetWriteFileExA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (InternetWriteFileExW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (IsHostInProxyBypassList) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD519E94)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6543A0)
[Address] EAT @explorer.exe (IsUrlCacheEntryExpiredW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5973E4)
[Address] EAT @explorer.exe (LoadUrlCacheContent) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD60A424)
[Address] EAT @explorer.exe (ParseX509EncodedCertificateForListBoxEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (PrivacyGetZonePreferenceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD51D40C)
[Address] EAT @explorer.exe (PrivacySetZonePreferenceW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD58CF94)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5346E4)
[Address] EAT @explorer.exe (ReadUrlCacheEntryStreamEx) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6544F0)
[Address] EAT @explorer.exe (RegisterUrlCacheNotification) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D2A20)
[Address] EAT @explorer.exe (ResumeSuspendedDownload) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5F13F8)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654600)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6547DC)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6549B4)
[Address] EAT @explorer.exe (RetrieveUrlCacheEntryStreamW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD595FD0)
[Address] EAT @explorer.exe (RunOnceUrlCache) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4D21A8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654BB8)
[Address] EAT @explorer.exe (SetUrlCacheConfigInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654CEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroup) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654DEC)
[Address] EAT @explorer.exe (SetUrlCacheEntryGroupW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD5189B0)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD528EE8)
[Address] EAT @explorer.exe (SetUrlCacheEntryInfoW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD654FB8)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655174)
[Address] EAT @explorer.exe (SetUrlCacheGroupAttributeW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655364)
[Address] EAT @explorer.exe (SetUrlCacheHeaderData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655524)
[Address] EAT @explorer.exe (ShowCertificate) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (ShowClientAuthCerts) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AD0)
[Address] EAT @explorer.exe (ShowSecurityInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632AF0)
[Address] EAT @explorer.exe (ShowX509EncodedCertificate) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD632C80)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileA) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655644)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryFileW) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD65577C)
[Address] EAT @explorer.exe (UnlockUrlCacheEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD55FA10)
[Address] EAT @explorer.exe (UpdateUrlCacheContentPath) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6558BC)
[Address] EAT @explorer.exe (UrlCacheCheckEntriesExist) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD6559DC)
[Address] EAT @explorer.exe (UrlCacheCloseEntryHandle) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655A34)
[Address] EAT @explorer.exe (UrlCacheContainerSetEntryMaximumAge) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655A80)
[Address] EAT @explorer.exe (UrlCacheCreateContainer) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD4DEC5C)
[Address] EAT @explorer.exe (UrlCacheFindFirstEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD558948)
[Address] EAT @explorer.exe (UrlCacheFindNextEntry) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD598A90)
[Address] EAT @explorer.exe (UrlCacheFreeEntryInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD560A60)
[Address] EAT @explorer.exe (UrlCacheGetContentPaths) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655AD8)
[Address] EAT @explorer.exe (UrlCacheGetEntryInfo) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD54C358)
[Address] EAT @explorer.exe (UrlCacheGetGlobalLimit) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655B30)
[Address] EAT @explorer.exe (UrlCacheReadEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655B88)
[Address] EAT @explorer.exe (UrlCacheReloadSettings) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655BE8)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryFile) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655C40)
[Address] EAT @explorer.exe (UrlCacheRetrieveEntryStream) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655C98)
[Address] EAT @explorer.exe (UrlCacheSetGlobalLimit) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD655CF8)
[Address] EAT @explorer.exe (UrlCacheUpdateEntryExtraData) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD542E78)
[Address] EAT @explorer.exe (UrlZonesDetach) : NSI.dll -> HOOKED (C:\Windows\system32\WININET.dll @ 0xFD62D998)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : PUP ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 1bac2b66cf575fa7a326ee62b1fdc6f2
[BSP] d3d18b1bdc44890c3cbdb5164238dbe8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_04102014_203006.txt >>
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalení počítače při práci na internetu
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 65 hostů