PC check after approx. 2 years

RomanL2
Visitor
Posts: 250
Registered: 12 May 2009 11:38

PC check after approx. 2 years

#1 Post by RomanL2 »

Hello, please check my log; there are certainly some viruses or adware on the PC, even though it boots and the internet works. I ran a quick trial scan with the AVG that is installed here and it found 16 different nasties, so I think it will need a thorough check.
Here is the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015
Ran by Veronika (administrator) on VERONIKA-PC (31-10-2015 13:03:46)
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Ralink Technology, Corp.) C:\Program Files\RALINK\Common\RaUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\loggingserver.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2569616 2015-10-31] ()
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-12-06] (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll [2009-03-25] ()
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk [2013-09-22]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.133.0.37 10.133.37.37
Tcpip\..\Interfaces\{CB88B4A6-721F-4311-8BC5-6E19111FD3FB}: [DhcpNameServer] 10.133.0.37 10.133.37.37

Internet Explorer:
==================
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=112555&tt=290312_bexdll&babsrc=HP_ss&mntrId=7c469046000000000000000272c2a7d0
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://isearch.avg.com/tab?cid={3711D1E1-F767-4BD8-8B38-268B0D6D896D}&mid=771f6da2108e47d6b4edd14b34264e23-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=&cmpid=&pr=fr&d=2012-08-05 23:07:22&v=17.3.0.49&pid=avg&sg=0&sap=nt" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=106&systemid=430&sr=0&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=106&systemid=430&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> DefaultScope {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.9.0.230\AVG Secure Search_toolbar.dll [2015-10-31] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.9.0.230\AVG Secure Search_toolbar.dll [2015-10-31] (AVG Secure Search)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274962586484
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll [2015-10-31] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-31] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.9.0\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1960408961-1957994488-725345543-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF user.js: detected! => C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\user.js [2014-05-08]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-10-31]
FF Extension: Site Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\sitefinder@sitefinder.com [2014-03-07] [not signed]
FF Extension: Mozilla Firefox Hotfixer - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\veggy@veggyAddon.com [2015-10-31] [not signed]
FF Extension: Ultimate Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-05] [not signed]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-27] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.9.0.230
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.9.0.230 [2015-10-31] [not signed]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-02-20]

Chrome:
=======
CHR StartupUrls: Default -> "file:///C:/Documents%20and%20Settings/Veronika/Plocha/ASROCK-K8A780LM--AMD-Sempron-2600-1gb-Ram.php.htm","hxxp://www.google.cz/services/hp/#utm_source=c ... google.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?p2=%5EB2Z%5EYYYY ... earchTerms}
CHR DefaultSearchKeyword: Default -> ask search
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (Gmail) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Documents and Settings\Veronika\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx <not found>
CHR HKLM\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files\WebCake\WebCakeLayers.crx <not found>
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-07-26] ()
S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-05] (Oracle Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 vToolbarUpdater18.9.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-10-31] (AVG Secure Search)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2010-05-28] (Meetinghouse Data Communications) [File not signed]
R0 ahcix86; C:\WINDOWS\System32\drivers\ahcix86.sys [189968 2009-04-08] (Advanced Micro Devices, Inc)
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 ATIXBAR; C:\WINDOWS\System32\DRIVERS\atinxbxx.sys [31744 2008-04-13] (ATI Technologies Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cpuz133; C:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider)
R3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-08] (Disc Soft Ltd)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc.)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [490776 2007-10-12] (Logitech Inc.)
S3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [507264 2007-03-12] (Ralink Technology, Corp.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-03-07] (Duplex Secure Ltd.)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-24] (VIA Technologies, Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 cpuz130; \??\C:\DOCUME~1\Veronika\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
U3 a3s919h7; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 13:03 - 2015-10-31 13:04 - 00023003 _____ C:\Documents and Settings\Veronika\Plocha\FRST.txt
2015-10-31 13:03 - 2015-10-31 13:03 - 00000000 ____D C:\FRST
2015-10-31 13:01 - 2015-10-31 13:01 - 01701888 _____ (Farbar) C:\Documents and Settings\Veronika\Plocha\FRST.exe
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ctljystk.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 13:04 - 2012-11-05 16:35 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-31 13:04 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Temp
2015-10-31 13:03 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Plocha
2015-10-31 12:56 - 2010-05-27 11:03 - 01831678 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-31 12:55 - 2010-05-27 12:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-10-31 12:55 - 2010-05-27 12:58 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-10-31 12:54 - 2014-03-10 12:56 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 12:54 - 2012-11-05 16:35 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-31 12:54 - 2010-05-27 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-31 12:52 - 2010-05-27 11:12 - 00000178 ___SH C:\Documents and Settings\Veronika\ntuser.ini
2015-10-31 12:52 - 2010-05-27 11:11 - 00032618 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-31 12:46 - 2013-11-02 14:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-31 11:47 - 2012-06-15 15:54 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-31 11:47 - 2011-08-22 19:27 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-31 11:34 - 2013-08-11 11:42 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\Movdap
2015-10-31 11:34 - 2013-07-21 14:51 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\WebCake
2015-10-31 11:33 - 2013-03-17 22:55 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\HoolappForAndroid
2015-10-31 11:27 - 2014-09-15 15:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG2015
2015-10-31 11:25 - 2012-11-05 16:36 - 00001813 _____ C:\Documents and Settings\Veronika\Plocha\Google Chrome.lnk
2015-10-31 11:23 - 2010-05-27 11:12 - 00000000 __RHD C:\Documents and Settings\Veronika\Data aplikací
2015-10-31 11:22 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika
2015-10-31 11:19 - 2012-12-17 23:14 - 00001004 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
2015-10-31 11:17 - 2014-12-19 14:31 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Data aplikací\SoftonicAssistant
2015-10-31 11:14 - 2010-05-27 12:54 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-10-31 11:13 - 2010-05-28 14:33 - 00000000 ___RD C:\Program Files\Skype
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___RD C:\Documents and Settings\Veronika\Nabídka Start\Programy
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___HD C:\Documents and Settings\Veronika\Local Settings\Data aplikací
2015-10-31 11:09 - 2011-01-12 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-10-31 11:09 - 2010-05-27 12:54 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-10-31 11:07 - 2014-12-18 15:32 - 00001092 _____ C:\Documents and Settings\Veronika\Plocha\Live PC Help.lnk
2015-10-31 11:07 - 2014-12-12 22:12 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\systweak
2015-10-31 11:07 - 2010-05-27 12:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-10-31 11:01 - 2014-03-10 12:56 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 11:01 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-31 10:59 - 2012-08-05 22:07 - 00000000 ____D C:\Program Files\AVG Secure Search
2015-10-31 10:59 - 2011-11-30 18:34 - 00000000 ____D C:\WINDOWS\system32\cache
2015-10-31 10:59 - 2011-10-25 14:48 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search

==================== Files in the root of some directories =======

2013-06-27 10:27 - 2014-07-16 15:11 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-05-28 14:10 - 2010-05-28 14:10 - 0000760 _____ () C:\Documents and Settings\Veronika\Data aplikací\setup_ldm.iss
2010-05-30 15:32 - 2015-01-03 11:43 - 0052736 _____ () C:\Documents and Settings\Veronika\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Veronika\Local Settings\Temp\CleanSchedule.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check after approx. 2 years

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

RomanL2
Visitor
Posts: 250
Registered: 12 May 2009 11:38

Re: PC check after approx. 2 years

#3 Post by RomanL2 »

Done, here is the log from AdwCleaner:

# AdwCleaner v5.015 - Logfile created 01/11/2015 at 09:36:33
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Veronika - VERONIKA-PC
# Running from : C:\Documents and Settings\Veronika\Plocha\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : AVG Security Toolbar Service
[-] Service Deleted : vToolbarUpdater18.9.0

***** [ Folders ] *****

[-] Folder Deleted : C:\DOCUME~1\Veronika\LOCALS~1\Temp\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[-] Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\DriverCure
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\HoolappforAndroid
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Movdap
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\OpenCandy
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\ParetoLogic
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\searchquband
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\SimilarSites
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Systweak
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\WebCake
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\YourFileDownloader
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\sitefinder@sitefinder.com
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\veggy@veggyAddon.com
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Conduit
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\VNT
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\SoftonicAssistant
[-] Folder Deleted : C:\Documents and Settings\Veronika\Nabídka Start\Programy\MyPC Backup
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\MyPC Backup
[-] Folder Deleted : C:\Program Files\ParetoLogic
[-] Folder Deleted : C:\Program Files\SimilarSites
[-] Folder Deleted : C:\Program Files\AVG\AVG10\Toolbar
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****

[-] File Deleted : C:\user.js
[-] File Deleted : C:\Documents and Settings\All Users\Plocha\Get The Best Facebook Chat Messenger.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\user.js
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\Live PC Help.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\MyPC Backup.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\Sync Folder.lnk
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\WINDOWS\system32\roboot.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\FilesFrog Update Checker
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[-] Key Deleted : HKCU\Software\InstallCore
[-] Key Deleted : HKCU\Software\Microsoft\Babylon
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\SmileysWeLove
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKLM\SOFTWARE\AdGazelle
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Data Restored : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.search.ask.com/web?p2=%5EB2Z%5EYYYY ... earchTerms}
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaajepeddfdaihpmdgnickofffkdlpb
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fjoijdanhaiflhibkljeklcghcmmfffh
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [19668 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check after approx. 2 years

#4 Post by Rudy »

Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


RomanL2
Visitor
Posts: 250
Registered: 12 May 2009 11:38

Re: PC check after approx. 2 years

#5 Post by RomanL2 »

Here is the new log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015
Ran by Veronika (administrator) on VERONIKA-PC (01-11-2015 15:39:59)
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Ralink Technology, Corp.) C:\Program Files\RALINK\Common\RaUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
() C:\Program Files\AVG\AVG2015\avgmfapx.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-12-06] (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll [2009-03-25] ()
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk [2013-09-22]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.133.0.37 10.133.37.37
Tcpip\..\Interfaces\{CB88B4A6-721F-4311-8BC5-6E19111FD3FB}: [DhcpNameServer] 10.133.0.37 10.133.37.37

Internet Explorer:
==================
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> DefaultScope {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274962586484
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-31] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1960408961-1957994488-725345543-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Extension: Ultimate Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-05] [not signed]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-27] [not signed]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-02-20]

Chrome:
=======
CHR StartupUrls: Default -> "file:///C:/Documents%20and%20Settings/Veronika/Plocha/ASROCK-K8A780LM--AMD-Sempron-2600-1gb-Ram.php.htm","hxxp://www.google.cz/services/hp/#utm_source=c ... google.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-05] (Oracle Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2010-05-28] (Meetinghouse Data Communications) [File not signed]
R0 ahcix86; C:\WINDOWS\System32\drivers\ahcix86.sys [189968 2009-04-08] (Advanced Micro Devices, Inc)
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 ATIXBAR; C:\WINDOWS\System32\DRIVERS\atinxbxx.sys [31744 2008-04-13] (ATI Technologies Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cpuz133; C:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider)
R3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-08] (Disc Soft Ltd)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc.)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [490776 2007-10-12] (Logitech Inc.)
S3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [507264 2007-03-12] (Ralink Technology, Corp.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-03-07] (Duplex Secure Ltd.)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-24] (VIA Technologies, Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 cpuz130; \??\C:\DOCUME~1\Veronika\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 09:34 - 2015-11-01 09:36 - 00000000 ____D C:\AdwCleaner
2015-11-01 09:32 - 2015-11-01 09:32 - 01694208 _____ C:\Documents and Settings\Veronika\Plocha\adwcleaner_5.015.exe
2015-10-31 13:04 - 2015-10-31 13:04 - 00030386 _____ C:\Documents and Settings\Veronika\Plocha\Addition.txt
2015-10-31 13:03 - 2015-11-01 15:40 - 00018169 _____ C:\Documents and Settings\Veronika\Plocha\FRST.txt
2015-10-31 13:03 - 2015-11-01 15:40 - 00000000 ____D C:\FRST
2015-10-31 13:01 - 2015-10-31 13:01 - 01701888 _____ (Farbar) C:\Documents and Settings\Veronika\Plocha\FRST.exe
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ctljystk.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 15:40 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Temp
2015-11-01 15:39 - 2011-01-12 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-11-01 15:34 - 2010-05-27 11:03 - 01842142 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-01 15:33 - 2014-03-10 12:56 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-01 15:33 - 2012-11-05 16:35 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-01 15:33 - 2010-05-27 12:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-11-01 15:33 - 2010-05-27 12:58 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-11-01 15:33 - 2010-05-27 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 10:04 - 2012-11-05 16:35 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 10:04 - 2010-05-27 11:12 - 00000178 ___SH C:\Documents and Settings\Veronika\ntuser.ini
2015-11-01 10:04 - 2010-05-27 11:11 - 00032618 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-01 09:46 - 2013-11-02 14:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-01 09:37 - 2010-05-27 12:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-11-01 09:37 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Plocha
2015-11-01 09:36 - 2010-05-27 12:54 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-11-01 09:36 - 2010-05-27 12:54 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-11-01 09:36 - 2010-05-27 11:12 - 00000000 __RHD C:\Documents and Settings\Veronika\Data aplikací
2015-11-01 09:36 - 2010-05-27 11:12 - 00000000 ___HD C:\Documents and Settings\Veronika\Local Settings\Data aplikací
2015-11-01 09:31 - 2014-05-08 13:08 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG
2015-10-31 14:19 - 2012-12-17 23:14 - 00001004 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
2015-10-31 11:47 - 2012-06-15 15:54 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-31 11:47 - 2011-08-22 19:27 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-31 11:27 - 2014-09-15 15:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG2015
2015-10-31 11:25 - 2012-11-05 16:36 - 00001813 _____ C:\Documents and Settings\Veronika\Plocha\Google Chrome.lnk
2015-10-31 11:22 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika
2015-10-31 11:13 - 2010-05-28 14:33 - 00000000 ___RD C:\Program Files\Skype
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___RD C:\Documents and Settings\Veronika\Nabídka Start\Programy
2015-10-31 11:01 - 2014-03-10 12:56 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 11:01 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-31 10:59 - 2011-11-30 18:34 - 00000000 ____D C:\WINDOWS\system32\cache

==================== Files in the root of some directories =======

2013-06-27 10:27 - 2014-07-16 15:11 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-05-28 14:10 - 2010-05-28 14:10 - 0000760 _____ () C:\Documents and Settings\Veronika\Data aplikací\setup_ldm.iss
2010-05-30 15:32 - 2015-01-03 11:43 - 0052736 _____ () C:\Documents and Settings\Veronika\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Veronika\Local Settings\Temp\CleanSchedule.exe
C:\Documents and Settings\Veronika\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check after approx. 2 years

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
C:\Documents and Settings\Veronika\Local Settings\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

RomanL2
Visitor
Posts: 250
Registered: 12 May 2009 11:38

Re: PC check after approx. 2 years

#7 Post by RomanL2 »

Sorry for the delay, I couldn't get to it earlier in the week. Here is Fixlist.txt:

Fix result of Farbar Recovery Scan Tool (x86) Version:31-10-2015
Ran by Veronika (2015-11-04 20:12:25) Run:1
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
C:\Documents and Settings\Veronika\Local Settings\Temp
End
*****************

"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1165b4c6-6bf8-11df-964e-000e2eecf6ce}" => key removed successfully.
HKCR\CLSID\{1165b4c6-6bf8-11df-964e-000e2eecf6ce} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44f99b53-2fcc-11e4-ab99-000e2eecf6ce}" => key removed successfully.
HKCR\CLSID\{44f99b53-2fcc-11e4-ab99-000e2eecf6ce} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e9fa8c0-d14f-11e0-9d8b-806d6172696f}" => key removed successfully.
HKCR\CLSID\{9e9fa8c0-d14f-11e0-9d8b-806d6172696f} => key not found.
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} => value not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430}" => key removed successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} => key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com => not found.
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} => moved successfully
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com => not found.
IntelIde => service removed successfully.
WS2IFSL => service removed successfully.
atwboezx => service not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job => moved successfully
C:\Documents and Settings\Veronika\Local Settings\Temp => moved successfully

==== End of Fixlog 20:12:27 ====

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check after approx. 2 years

#8 Post by Rudy »

Deleted. It should be OK.

RomanL2
Visitor
Posts: 250
Registered: 12 May 2009 11:38

Re: PC check after approx. 2 years

#9 Post by RomanL2 »

It looks good; Google Chrome was still somewhat laggy, so I reinstalled it just to be safe, and now it also looks completely fine. So if that's everything, thank you for the help (or rather, my colleague thanks you, it's his computer) and goodbye. :)

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check after approx. 2 years

#10 Post by Rudy »

That should be everything. You're welcome, and take care! :)

Locked