VIRY.CZ

Dobrý den,
prosím o pomoc s odstraněním malware.
Přikládám log FRST.

Děkuji za pomoc

valf


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2014 01
Ran by owner (administrator) on ZAKAZNIK on 13-01-2014 10:39:39
Running from C:\Documents and Settings\owner\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Data aplikací\WPM\wprotectmanager.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Logitech Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Václav Šimandl) C:\Program Files\Diar 5\diar.exe
(Rainy) C:\Program Files\Rainlendar\Rainlendar.exe
(Tošovský Jan) C:\Program Files\Noční obloha\vesmir.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\owner\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16116224 2007-01-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-19] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoRepair] - C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoTray] - C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [TO2SSM_McciTrayApp] - C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [Family Tree Builder Update] - C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-11-12] (MyHeritage)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [REGSHAVE] - C:\Program Files\REGSHAVE\REGSHAVE.EXE [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [295512 2013-06-19] (RealNetworks, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2013-09-05] (Google)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-07] (AVAST Software)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Run: [LogitechSoftwareUpdate] - C:\Program Files\Logitech\Video\ManifestEngine.exe [196608 2005-06-08] (Logitech Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\owner\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\owner\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe
AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [145408 2013-09-05] (Google)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe ()
Startup: C:\Documents and Settings\owner\Nabídka Start\Programy\Po spuštění\Diář.lnk
ShortcutTarget: Diář.lnk -> C:\Program Files\Diar 5\diar.exe (Václav Šimandl)
Startup: C:\Documents and Settings\owner\Nabídka Start\Programy\Po spuštění\Mozilla Firefox (2).lnk
ShortcutTarget: Mozilla Firefox (2).lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Startup: C:\Documents and Settings\owner\Nabídka Start\Programy\Po spuštění\Rainlendar.lnk
ShortcutTarget: Rainlendar.lnk -> C:\Program Files\Rainlendar\Rainlendar.exe (Rainy)
Startup: C:\Documents and Settings\owner\Nabídka Start\Programy\Po spuštění\Vesmír na dlani.lnk
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files\Noční obloha\vesmir.exe (Tošovský Jan)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380214342
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380214342
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380214342
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
URLSearchHook: HKCU - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKCU - (No Name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - No File
URLSearchHook: HKCU - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230
SearchScopes: HKLM - {099EF85B-3260-4b87-9239-33355EE6A548} URL = http://results.myway.com/GGmain.jhtml?i ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1377941233
SearchScopes: HKLM - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {099EF85B-3260-4b87-9239-33355EE6A548} URL = http://results.myway.com/GGmain.jhtml?i ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://mixidj.delta-search.com/?q={sear ... 5&tsp=4991
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 1C4F1C20F5
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tbid=60040
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} URL = http://search.alot.com/web?q={searchTer ... .5.18000.3
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {74D88BB3-30D7-4813-8326-84686CAC6826} URL = http://websearch.ask.com/redirect?clien ... 1C4F1C20F5
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2475029
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox.com/search/dispatc ... 093&lng=cs
SearchScopes: HKCU - {D482BCAD-A777-451A-BB0C-46A0A8A9E5FD} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Video Player - {19e6b0ed-4856-4cb2-8756-f72ecb172b34} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta4\ie\VideoPlayerV3beta4.dll ()
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: AccelerateTab - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
BHO: Webexp Enhanced - {73d78f1b-734b-4529-88b2-d0b546c7e124} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha801\ie\WebexpEnhancedV1alpha801.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - No File
Toolbar: HKLM - &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
Toolbar: HKLM - No Name - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
Toolbar: HKLM - No Name - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
Toolbar: HKCU - No Name - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546
FF user.js: detected! => C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\user.js
FF SearchEngineOrder.1: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @IObitBar.com/Plugin - C:\Program Files\IObitBar\toolbar\1.bin\NPi0Stub.dll No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\owner\Data aplikací\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\owner\Data aplikací\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF SearchPlugin: C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\searchplugins\ask-search.xml
FF SearchPlugin: C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\searchplugins\filmova-databaze-fdbcz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: AD Block - C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\searchads@instair.net [2013-11-15]
FF Extension: AccelerateTab - C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\speeddial@instair.net [2013-11-09]
FF Extension: Lišta Centrum.cz - C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\toolbar@centrumholdings.com [2013-11-07]
FF Extension: Seznam lištička - C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-09-11]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\iobit@mybrowserbar.com [2013-12-11]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com [2013-12-11]
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [i0ffxtbr@IObitBar.com] - C:\Program Files\IObitBar\toolbar\1.bin
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-26]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-14]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files\BetterSurf\ff [2013-11-14]
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-26]
FF HKLM\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF Extension: Better Surf Plus - C:\Program Files\BetterSurf\BetterSurfPlus\ff [2013-12-10]
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha801.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha801\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha801\ff [2013-12-20]
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta4.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta4\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta4\ff [2014-01-10]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-07] (AVAST Software)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2013-09-05] (Google)
S2 HidServ; C:\Windows\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2473296 2013-10-30] ()
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-09-03] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\Documents and Settings\All Users\Data aplikací\WPM\wprotectmanager.exe [499856 2014-01-02] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-06-18] (Advanced Micro Devices)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-07] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-07] ()
R3 AVerBDA3x; C:\Windows\System32\DRIVERS\AVerBDA3x.sys [1171456 2006-12-14] (AVerMedia TECHNOLOGIES, Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 gdrv; C:\WINDOWS\gdrv.sys [14656 2007-08-17] (Windows (R) Codename Longhorn DDK provider)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
R2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation)
R2 PfFilter; C:\Program Files\IObit\Protected Folder\pffilter.sys [140848 2011-03-16] (IObit Information Technology)
R3 QCMerced; C:\Windows\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
S3 cpuz134; \??\C:\DOCUME~1\owner\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [x]
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
S4 IntelIde; No ImagePath
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-13 10:39 - 2014-01-13 10:39 - 00030736 _____ C:\Documents and Settings\owner\Plocha\FRST.txt
2014-01-13 10:38 - 2014-01-13 10:38 - 00000000 ____D C:\FRST
2014-01-13 10:37 - 2014-01-13 10:13 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\owner\Plocha\FRSTLauncher.exe
2014-01-13 10:28 - 2014-01-13 09:54 - 01219584 _____ (Farbar) C:\Documents and Settings\owner\Plocha\FRST.exe
2014-01-11 17:54 - 2014-01-11 17:57 - 00000000 ____D C:\rsit
2014-01-11 17:54 - 2014-01-11 17:54 - 00000000 ____D C:\Program Files\trend micro
2014-01-10 07:44 - 2014-01-10 07:44 - 00000000 ____D C:\Program Files\VideoPlayerV3
2014-01-07 09:17 - 2014-01-07 09:17 - 00000000 ____D C:\WINDOWS\system32\log
2014-01-07 09:17 - 2014-01-07 09:17 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\WPM
2014-01-07 08:11 - 2014-01-07 08:11 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2014-01-06 13:23 - 2014-01-13 08:00 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-823518204-1417001333-725345543-1003.job
2013-12-28 19:46 - 2013-12-28 19:46 - 00000000 ____D C:\Documents and Settings\NetworkService\Data aplikací\AVG
2013-12-27 19:46 - 2013-12-27 19:46 - 00000000 ____D C:\Documents and Settings\owner\Local Settings\Data aplikací\Avg2014
2013-12-27 19:23 - 2013-12-27 19:23 - 00000000 ____D C:\Documents and Settings\owner\Data aplikací\AVG
2013-12-27 19:19 - 2013-12-27 19:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG
2013-12-27 19:19 - 2013-12-27 19:19 - 00000000 __SHD C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-20 18:37 - 2013-12-20 18:37 - 00000000 ____D C:\Program Files\WebexpEnhancedV1
2013-12-16 13:14 - 2013-12-16 13:14 - 00001915 _____ C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
2013-12-16 13:14 - 2013-12-16 13:14 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth

==================== One Month Modified Files and Folders =======

2014-01-13 10:39 - 2014-01-13 10:39 - 00030736 _____ C:\Documents and Settings\owner\Plocha\FRST.txt
2014-01-13 10:39 - 2009-06-14 18:21 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{E979B337-9A3F-438E-87C7-6198BD462FFC}.job
2014-01-13 10:39 - 2007-08-17 21:59 - 00000000 ____D C:\Documents and Settings\owner\Plocha
2014-01-13 10:38 - 2014-01-13 10:38 - 00000000 ____D C:\FRST
2014-01-13 10:38 - 2007-08-17 16:47 - 00000000 ____D C:\Documents and Settings\owner\Data aplikací\Skype
2014-01-13 10:37 - 2007-08-17 21:59 - 00000000 ___HD C:\Documents and Settings\owner\Local Settings\Data aplikací
2014-01-13 10:28 - 2007-08-28 18:51 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2014-01-13 10:13 - 2014-01-13 10:37 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\owner\Plocha\FRSTLauncher.exe
2014-01-13 10:13 - 2010-02-09 21:28 - 00000000 ____D C:\Documents and Settings\owner\Dokumenty\Stažené soubory
2014-01-13 10:10 - 2010-02-13 08:54 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-13 09:54 - 2014-01-13 10:28 - 01219584 _____ (Farbar) C:\Documents and Settings\owner\Plocha\FRST.exe
2014-01-13 09:42 - 2012-03-29 15:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-13 08:39 - 2013-07-23 07:05 - 00032468 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-13 08:36 - 2013-08-31 10:22 - 00000390 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2014-01-13 08:11 - 2007-08-17 22:20 - 01196556 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-13 08:05 - 2013-08-31 10:23 - 00000000 ____D C:\Documents and Settings\owner\Data aplikací\Seznam.cz
2014-01-13 08:00 - 2014-01-06 13:23 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-823518204-1417001333-725345543-1003.job
2014-01-13 08:00 - 2013-05-14 08:27 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-13 08:00 - 2012-12-23 11:32 - 00000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-823518204-1417001333-725345543-1003.job
2014-01-13 07:59 - 2013-07-23 07:06 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-13 07:59 - 2013-07-23 07:06 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-13 07:59 - 2010-03-18 08:30 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1417001333-725345543-1003.job
2014-01-13 07:59 - 2010-02-13 08:54 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 07:58 - 2013-06-07 19:14 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-01-13 07:58 - 2013-06-03 12:50 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-01-13 07:58 - 2007-08-17 21:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-12 22:59 - 2007-08-17 21:59 - 00000272 ___SH C:\Documents and Settings\owner\ntuser.ini
2014-01-12 22:58 - 2007-08-17 21:59 - 00000000 ____D C:\Documents and Settings\owner
2014-01-11 17:57 - 2014-01-11 17:54 - 00000000 ____D C:\rsit
2014-01-11 17:54 - 2014-01-11 17:54 - 00000000 ____D C:\Program Files\trend micro
2014-01-11 08:21 - 2013-04-03 19:44 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-01-11 08:19 - 2007-08-17 16:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2014-01-11 07:55 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-10 21:12 - 2007-08-17 18:15 - 00000000 ____D C:\Documents and Settings\owner\Local Settings\Data aplikací\Thunderbird
2014-01-10 07:44 - 2014-01-10 07:44 - 00000000 ____D C:\Program Files\VideoPlayerV3
2014-01-08 11:08 - 2010-03-18 08:30 - 00000286 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1417001333-725345543-1003.job
2014-01-07 15:49 - 2013-05-14 08:27 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-07 15:48 - 2013-05-14 08:27 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-07 15:48 - 2013-05-14 08:27 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-07 15:48 - 2013-05-14 08:27 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-07 15:48 - 2013-05-14 08:27 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-07 15:48 - 2013-05-14 08:27 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-07 15:48 - 2013-05-14 08:27 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-07 15:48 - 2013-05-14 08:26 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-07 15:48 - 2007-11-26 08:55 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-07 13:28 - 2008-01-14 17:16 - 00000000 ____D C:\INSTALL
2014-01-07 09:17 - 2014-01-07 09:17 - 00000000 ____D C:\WINDOWS\system32\log
2014-01-07 09:17 - 2014-01-07 09:17 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\WPM
2014-01-07 09:17 - 2013-08-31 10:28 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2014-01-07 09:17 - 2007-08-17 23:50 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2014-01-07 09:14 - 2007-08-17 21:59 - 00000000 ___RD C:\Documents and Settings\owner\Nabídka Start\Programy\Po spuštění
2014-01-07 08:11 - 2014-01-07 08:11 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google+ Auto Backup
2014-01-07 08:11 - 2007-08-28 17:10 - 00000000 ____D C:\Program Files\Google
2014-01-07 08:11 - 2007-08-17 23:50 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-01-06 23:25 - 2007-08-17 23:46 - 00000000 ____D C:\WINDOWS\Help
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2013-12-29 22:29 - 2013-03-27 21:01 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-12-29 08:12 - 2007-08-17 23:50 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-28 19:46 - 2013-12-28 19:46 - 00000000 ____D C:\Documents and Settings\NetworkService\Data aplikací\AVG
2013-12-28 19:46 - 2007-08-17 21:59 - 00000000 ____D C:\Documents and Settings\NetworkService\Data aplikací
2013-12-27 19:46 - 2013-12-27 19:46 - 00000000 ____D C:\Documents and Settings\owner\Local Settings\Data aplikací\Avg2014
2013-12-27 19:24 - 2013-12-27 19:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG
2013-12-27 19:23 - 2013-12-27 19:23 - 00000000 ____D C:\Documents and Settings\owner\Data aplikací\AVG
2013-12-27 19:23 - 2007-08-17 21:59 - 00000000 __RHD C:\Documents and Settings\owner\Data aplikací
2013-12-27 19:19 - 2013-12-27 19:19 - 00000000 __SHD C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-27 19:17 - 2010-12-06 18:46 - 00000862 _____ C:\Documents and Settings\All Users\Plocha\GOM Player.lnk
2013-12-27 19:17 - 2010-06-01 06:39 - 00000862 _____ C:\Documents and Settings\owner\Nabídka Start\GOM Player.lnk
2013-12-27 19:16 - 2013-03-27 20:57 - 00000000 ____D C:\Documents and Settings\owner\Data aplikací\OpenCandy
2013-12-25 22:15 - 2010-11-16 22:27 - 00000838 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2013-12-24 16:33 - 2007-08-17 21:59 - 00000000 ___RD C:\Documents and Settings\owner\Dokumenty
2013-12-20 18:38 - 2013-03-07 12:18 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-12-20 18:37 - 2013-12-20 18:37 - 00000000 ____D C:\Program Files\WebexpEnhancedV1
2013-12-20 12:02 - 2008-04-24 17:40 - 00000774 _____ C:\Documents and Settings\owner\Plocha\MyHeritage Family Tree Builder.lnk
2013-12-18 13:12 - 2013-05-14 05:54 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Drive
2013-12-16 13:14 - 2013-12-16 13:14 - 00001915 _____ C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
2013-12-16 13:14 - 2013-12-16 13:14 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2002-09-20 17:05] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2002-09-20 17:05] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2001-10-25 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2001-10-25 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2002-09-20 17:04] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2002-09-20 17:05] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2001-10-25 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Documents and Settings\owner\Data aplikací\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\WINDOWS\TEMP\{8BD110E1-DF66-44BE-B7AA-8CBF2F202D83}.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{5AB13F25-67BF-4035-BABC-9FFB51B20D43}.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-823518204-1417001333-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-823518204-1417001333-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1417001333-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1417001333-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{E979B337-9A3F-438E-87C7-6198BD462FFC}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:73B1147D

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\owner\Plocha" je 221 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\ICQ7.6\\ICQ.exe"="C:\\Program Files\\ICQ7.6\\ICQ.exe:*:Enabled:ICQ7.6"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Documents and Settings\\owner\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.dll"="C:\\Documents and Settings\\owner\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\\Documents and Settings\\owner\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe"="C:\\Documents and Settings\\owner\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\\Documents and Settings\\owner\\Data aplikac\\uTorrent\\utorrent.exe"="C:\\Documents and Settings\\owner\\Data aplikac\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"="C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe:*:Enabled:Google Earth"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Enabled:Google Earth"
"C:\\Program Files\\ICQ7.6\\ICQ.exe"="C:\\Program Files\\ICQ7.6\\ICQ.exe:*:Enabled:ICQ7.6"
"C:\\Documents and Settings\\All Users\\Data aplikac\\eSafe\\eGdpSvc.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\eSafe\\eGdpSvc.exe:*:Enabled:WsysSvc"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzdlen sprva systmu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzdlen sprva systmu Windows - reim kompatibility (HTTP-In) "


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Jedna se o domaci PC nebo nejake pracovni\firemni??

Nebo to mate jako nejaky servisek??

Dobrý den,
jsem jen poučený laik a pokud to bude možné, tak ke mně tak i přistupujte, dopředu říkám, že to nebude žádná procházka růžovým sadem, spoléhám na na Vaši trpělivost. Jedná se o domácí PC.
valf

vyosek píše: Jedna se o domaci PC nebo nejake pracovni\firemni??

Toto je co prosim Ran by owner (administrator) on ZAKAZNIK on 13-01-2014 10:39:39

Jedná se o domácí PC

vyosek píše: Toto je co prosim Ran by owner (administrator) on ZAKAZNIK on 13-01-2014 10:39:39

omlouvám se, ale až kamarád mně teď přes Skype upozornil, že se ptáte na to run by owner, já jsem asi před 7 lety koupil PC s tímto systémem a jak jsem psal výše, moc o tom nevím a už patřím mezi 70+

Fajn, dekuji za vysvetleni

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Spustte tradicne dvouklikem
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

tak to nevím jak to všechno zvládnu,musím si někam poznamenat ty adresy, když mám všechno zavřít, tak to nebudu mít odkud otevřít
asi pro jistotu počkám na zítra na Skype kamaráda a s jeho pomocí to snad dám dohromady, zatím děkuju a zítra snad uspěju

VSe nejdrive postahujte na plochu, pak vse pozavirejte a postupne spoustejte

tak jak to zkusím

Zitra budu online rano a pak od obeda defakto porad

Dobrý večer,

tak jsem to nějak postahoval, snad jsem to moc nepokazil, jsem na takovémhle fóru poprvé, omlouvám se za nemotornost,
děkuju za trpělivost
valf

sc-cleaner.txt

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 01/13/2014 09:54:13 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\owner\Nabídka Start\

* Shortcut Cleaned: C:\Documents and Settings\owner\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230

Searching C:\Documents and Settings\All Users\Nabídka Start\

* Shortcut Cleaned: C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230

* Shortcut Cleaned: C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?utm_source= ... 1380214342

Searching C:\Documents and Settings\owner\Data aplikací\Microsoft\Internet Explorer\Quick Launch\

* Shortcut Cleaned: C:\Documents and Settings\owner\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230

* Shortcut Cleaned: C:\Documents and Settings\owner\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?utm_source= ... 1380214342

* Shortcut Cleaned: C:\Documents and Settings\owner\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230

Searching C:\Documents and Settings\All Users\Plocha\

* Shortcut Cleaned: C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1377941230

Searching C:\Documents and Settings\owner\Plocha


7 bad shortcuts found.

Program finished at: 01/13/2014 09:54:30 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)



JRT.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by owner on po 13.01.2014 at 22:16:26,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&search
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\translate this web page with babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\translate with babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2475029
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{74D88BB3-30D7-4813-8326-84686CAC6826}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\WINDOWS\system32\conduitengine.tmp"
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\desk 365"
Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\pricegong"
Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\swvupdater"
Successfully deleted: [Folder] "C:\Documents and Settings\owner\Data aplikacˇ\systweak"
Successfully deleted: [Folder] "C:\Program Files\babylon"
Successfully deleted: [Folder] "C:\Program Files\bettersurf"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\desk 365"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\icqtoolbar"
Successfully deleted: [Folder] "C:\Program Files\myashampoo"
Successfully deleted: [Folder] "C:\Program Files\secure speed dial"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml"
Successfully deleted: [File] C:\Documents and Settings\owner\Data aplikacˇ\mozilla\firefox\profiles\ihpvjar7.default-1369290633546\user.js
Successfully deleted: [File] C:\Documents and Settings\owner\Data aplikacˇ\mozilla\firefox\profiles\ihpvjar7.default-1369290633546\searchplugins\babylon.xml
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\iobit@mybrowserbar.com"
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.01.2014 at 22:22:29,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AdwCleaner.......txt

# AdwCleaner v3.017 - Report created 13/01/2014 at 22:28:08
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : owner - ZAKAZNIK
# Running from : C:\Documents and Settings\owner\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : winzipersvc
Service Found : Wpm

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\searchplugins\ask-search.xml
File Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
Folder Found : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\speeddial@instair.net
Folder Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Folder Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Found C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found C:\Documents and Settings\All Users\Data aplikací\WPM
Folder Found C:\Documents and Settings\All Users\Nabídka Start\Programy\WinZipper
Folder Found C:\Documents and Settings\owner\Data aplikací\Uniblue\DriverScanner
Folder Found C:\Documents and Settings\owner\Data aplikací\WinZipper
Folder Found C:\Documents and Settings\owner\Local Settings\Data aplikací\Conduit
Folder Found C:\Documents and Settings\owner\Local Settings\Data aplikací\ConduitEngine
Folder Found C:\Documents and Settings\owner\Local Settings\Data aplikací\MyAshampoo
Folder Found C:\Program Files\Better-Surf
Folder Found C:\Program Files\Common Files\337
Folder Found C:\Program Files\WinZipper

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1380448191
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1377941230
Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKCU\Software\MyAshampoo
Key Found : HKCU\Software\MyAshampoo\toolbar
Key Found : HKCU\Software\V9
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Found : HKLM\Software\delta-homesSoftware
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\Software\hdcode
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF577F14-EB90-48B4-9DC5-7FC36BAF5C2A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E979BCEC-881A-425E-B51D-7BEC23494B4E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyAshampoo Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2394E527-F7F7-4585-AC5B-6811B91043A9}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\Software\MyAshampoo
Key Found : HKLM\Software\MyAshampoo\toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\supWPM
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\winzipersvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80093&tmpl=11&lng=cs
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] - hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80093
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=ST3250620A_5QE21JFLXXXX5QE21JFL&ts=1377941233
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=ST3250620A_5QE21JFLXXXX5QE21JFL&ts=1377941233

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\prefs.js ]


*************************

AdwCleaner[R0].txt - [12716 octets] - [13/01/2014 22:28:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12777 octets] ##########



# AdwCleaner v3.017 - Report created 13/01/2014 at 22:30:21
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : owner - ZAKAZNIK
# Running from : C:\Documents and Settings\owner\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : winzipersvc
[#] Service Deleted : Wpm

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\WPM
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\WinZipper
Folder Deleted : C:\Program Files\Better-Surf
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\ConduitEngine
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\MyAshampoo
Folder Deleted : C:\Documents and Settings\owner\Data aplikací\Uniblue\DriverScanner
Folder Deleted : C:\Documents and Settings\owner\Data aplikací\WinZipper
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\Extensions\speeddial@instair.net
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\searchplugins\ask-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Documents and Settings\owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\newtab.crx

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2394E527-F7F7-4585-AC5B-6811B91043A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E979BCEC-881A-425E-B51D-7BEC23494B4E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF577F14-EB90-48B4-9DC5-7FC36BAF5C2A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\MyAshampoo\toolbar
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\MyAshampoo
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\MyAshampoo\toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyAshampoo Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\owner\Data aplikací\Mozilla\Firefox\Profiles\ihpvjar7.default-1369290633546\prefs.js ]


*************************

AdwCleaner[R0].txt - [12858 octets] - [13/01/2014 22:28:08]
AdwCleaner[S0].txt - [11757 octets] - [13/01/2014 22:30:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11818 octets] ##########

Oznacite text toho logu = otevrete jej, klik pravym mysidlem "vybrat vse" pak kopirovat (ctrl+c) a do odpovedi v tematu jej vlozite (ctrl+v)

zkopíroval jsem to a včera jsem tady občas pobíhal a asi to nevyšlo s časem