Zdravim.. dostal jsem do ruky tento PC. Je ponekud pomalejsi, prosim tedy o kontrolu logu. Predem dekuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
Ran by Rita (administrator) on YOUR-B04E565902 (21-04-2016 16:19:32)
Running from C:\Documents and Settings\Rita\Desktop
Loaded Profiles: Rita (Available Profiles: Rita & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(America Online, Inc.) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Sierra Wireless Inc.) C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
() C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
() C:\WINDOWS\twain_32\D66U\D066UUTY.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(America Online, Inc) C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
() C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
(forum.viry.cz) C:\Documents and Settings\Rita\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EPSON Stylus Photo R200 Series] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [WatcherHelper] => C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe [58648 2009-01-15] (Sierra Wireless Inc.)
HKLM\...\Run: [Vade Retro Outlook Express] => C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe [310272 2004-10-04] ()
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe [192512 2005-06-13] (Pinnacle Systems GmbH)
HKLM\...\Run: [USB2Check] => "RUNDLL32.EXE" "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
HKLM\...\Run: [TRUUpdater] => C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe [558360 2009-01-05] (Sierra Wireless, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe [75520 2006-12-15] (Sun Microsystems, Inc.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-03-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [212992 2002-09-13] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [PinnacleDriverCheck] => C:\WINDOWS\system32\PSDrvCheck.exe [406016 2004-03-11] ()
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [D066UUtility] => C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE [32768 2000-07-06] ()
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-09-15] (ATI Technologies, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [AOLDialer] => C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [496752 2004-04-08] (America Online, Inc)
HKLM\...\Run: [AOL Spyware Protection] => C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe [78960 2004-03-19] ()
HKLM\...\Run: [MSConfig] => C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [169984 2008-04-14] (Microsoft Corporation)
HKLM\...\RunOnce: [AskSBar Uninstall] => rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2005-09-15] (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\...\MountPoints2: Z - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\...\MountPoints2: {9bb8bdca-07c5-11e6-b1b9-001195e99054} - "E:\Start PC.exe"
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IETI] => C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk [2016-04-21]
ShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Documents and Settings\Administrator\Application Data\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2007-03-05]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2006-09-01]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk [2006-09-01]
ShortcutTarget: AOL 9.0 Tray Icon.lnk -> C:\Program Files\AOL 9.0\aoltray.exe (America Online, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{261B078A-F5C9-4C75-BFC9-7431ADBB3A6A}: [DhcpNameServer] 192.168.32.1
Tcpip\..\Interfaces\{57331347-BC3E-443A-B83D-9861B4DCE9E6}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://uk.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-994202732-4198172448-1726955240-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
SearchScopes: HKLM -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> DefaultScope {3153DAB0-74A1-49B5-A872-1C3B85C8BAE3} URL = hxxp://www.google.ie/search?q={searchTerms}&so ... 1I7_____en
SearchScopes: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> {105E99FF-8B9A-4492-B155-06194B9056D2} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> {3153DAB0-74A1-49B5-A872-1C3B85C8BAE3} URL = hxxp://www.google.ie/search?q={searchTerms}&so ... 1I7_____en
SearchScopes: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL [2009-08-26] (Symantec Corporation)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15] (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26] (Symantec Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\.DEFAULT -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\.DEFAULT -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-994202732-4198172448-1726955240-1005 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26] (Symantec Corporation)
FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-01-21] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-21] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-21] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-21] ()
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-08] [not signed]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.delfi.lt/","hxxp://uk.msn.com/?pc=U ... DD0C&SSPV="
CHR Profile: C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-21]
CHR Extension: (Google Search) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-10]
CHR Extension: (Skype) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-21]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (ShopperPro) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc [2014-03-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [1135728 2004-04-08] (America Online, Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-09-15] () [File not signed]
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [9158656 2008-12-18] (Microsoft Corporation)
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-04] (Microsoft Corporation) [File not signed]
R2 Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [117640 2009-08-26] (Symantec Corporation)
S2 PinnacleSys.MediaServer; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [49152 2006-01-19] (Pinnacle Systems) [File not signed]
S3 SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
R2 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2008-08-10] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3960896 2006-03-31] (Realtek Semiconductor Corp.)
R3 ASAPIW2K; C:\WINDOWS\System32\drivers\ASAPIW2k.sys [11264 2005-02-23] (VOB Computersysteme GmbH) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-09-01] (Windows (R) 2000 DDK provider) [File not signed]
R1 BHDrvx86; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys [259632 2009-08-26] (Symantec Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccHP; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\ccHPx86.sys [482432 2009-10-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2009-10-02] (Symantec Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-06] (Microsoft Corporation)
R1 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091217.002\IDSxpx86.sys [329592 2009-10-29] (Symantec Corporation)
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 PinnacleMarvinUsb; C:\WINDOWS\System32\DRIVERS\MarvinUsb.sys [425984 2005-06-29] (Pinnacle Systems)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 rt2500usb; C:\WINDOWS\System32\DRIVERS\rt2500usb.sys [243456 2005-03-12] (Ralink Technology Inc.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SRTSP.SYS [308272 2009-08-26] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1007020.00B\SRTSPX.SYS [43696 2009-08-26] (Symantec Corporation)
S3 swmsflt; C:\WINDOWS\System32\DRIVERS\swmsflt.sys [28288 2009-01-22] ()
S3 SWNC8U90; C:\WINDOWS\System32\DRIVERS\swnc8u90.sys [173312 2008-12-02] (Sierra Wireless Inc.)
S3 SWUMX90; C:\WINDOWS\System32\DRIVERS\swumx90.sys [145280 2008-11-17] (Sierra Wireless Inc.)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1007020.00B\SYMEFA.SYS [310320 2009-08-26] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2009-10-04] (Symantec Corporation)
R3 SYMFW; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [89904 2009-08-26] (Symantec Corporation)
R3 SYMIDS; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMIDS.SYS [33072 2009-08-26] (Symantec Corporation)
S3 SymIM; C:\WINDOWS\System32\DRIVERS\SymIM.sys [36400 2009-08-26] (Symantec Corporation)
R3 SymIMMP; C:\WINDOWS\System32\DRIVERS\SymIM.sys [36400 2009-08-26] (Symantec Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [10344 2006-09-01] (Symantec Corporation)
R3 SYMNDIS; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMNDIS.SYS [36400 2009-08-26] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS [217136 2009-08-26] (Symantec Corporation)
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-11] (America Online, Inc.)
S3 NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091228.004\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091228.004\NAVEX15.SYS [X]
R4 pwipf6; \SystemRoot\system32\drivers\pwipf6.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [X]
S3 SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [X]
U4 tabsrv; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-21 16:19 - 2016-04-21 16:20 - 00025440 _____ C:\Documents and Settings\Rita\Desktop\FRST.txt
2016-04-21 16:18 - 2016-04-21 16:19 - 00000000 ____D C:\FRST
2016-04-21 16:18 - 2016-04-21 16:18 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Rita\Desktop\FRSTLauncher.exe
2016-04-21 16:15 - 2016-04-21 16:15 - 01726464 _____ (Farbar) C:\Documents and Settings\Rita\Desktop\FRST.exe
2016-04-21 16:05 - 2016-04-21 16:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Webroot
2016-04-21 16:01 - 2016-04-21 16:01 - 05555080 _____ (Webroot Software, Inc.) C:\Documents and Settings\Administrator\Application Data\wruninstall.exe
2016-04-21 15:58 - 2016-04-21 15:58 - 00000788 _____ C:\Documents and Settings\LocalService\Start Menu\Programs\Windows Media Player.lnk
2016-04-21 15:58 - 2010-03-14 11:50 - 00267592 _____ (Ask.com) C:\Program Files\Uninstall Ask Toolbar.dll
2016-04-21 15:55 - 2016-04-21 15:55 - 00000000 ____D C:\Documents and Settings\Rita\Local Settings\Application Data\Skype
2016-04-21 15:50 - 2016-04-21 15:50 - 00001120 _____ C:\WINDOWS\SchedLgU.Txt
2016-04-21 15:48 - 2016-04-21 15:48 - 00000000 ____D C:\Qoobox
2016-04-21 15:47 - 2016-04-21 15:47 - 00000000 ____D C:\WINDOWS\erdnt
2016-04-21 15:46 - 2016-04-21 15:48 - 00000000 ___SD C:\32788R22FWJFW
2016-04-21 15:43 - 2016-04-21 15:46 - 02286574 _____ C:\Documents and Settings\Rita\My Documents\cc_20160421_154313.reg
2016-04-21 15:34 - 2016-04-21 15:34 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2016-04-21 15:34 - 2016-04-21 15:34 - 00000000 ____D C:\Program Files\CCleaner
2016-04-21 14:35 - 2016-04-21 14:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB980232$
2016-04-21 14:35 - 2016-04-21 14:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB980218$
2016-04-21 14:34 - 2016-04-21 14:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979683$
2016-04-21 14:34 - 2016-04-21 14:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979559$
2016-04-21 14:33 - 2016-04-21 14:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979482$
2016-04-21 14:33 - 2016-04-21 14:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979309$
2016-04-21 14:33 - 2016-04-21 14:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978706$
2016-04-21 14:32 - 2016-04-21 14:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978601$
2016-04-21 14:32 - 2016-04-21 14:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978542$
2016-04-21 14:31 - 2016-04-21 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978338$
2016-04-21 14:31 - 2016-04-21 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978251$
2016-04-21 14:30 - 2016-04-21 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978037$
2016-04-21 14:30 - 2016-04-21 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977914$
2016-04-21 14:29 - 2016-04-21 14:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977165-v2$
2016-04-21 14:29 - 2016-04-21 14:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975713$
2016-04-21 14:28 - 2016-04-21 14:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975562$
2016-04-21 14:28 - 2016-04-21 14:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975561$
2016-04-21 14:27 - 2016-04-21 14:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975560$
2016-04-21 14:27 - 2016-04-21 14:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975467$
2016-04-21 14:26 - 2016-04-21 14:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975025$
2016-04-21 14:26 - 2016-04-21 14:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974571$
2016-04-21 14:25 - 2016-04-21 14:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974392$
2016-04-21 14:25 - 2016-04-21 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974318$
2016-04-21 14:25 - 2016-04-21 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2016-04-21 14:24 - 2016-04-21 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973869$
2016-04-21 14:24 - 2016-04-21 14:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973815$
2016-04-21 14:23 - 2016-04-21 14:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973687$
2016-04-21 14:23 - 2016-04-21 14:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973507$
2016-04-21 14:23 - 2016-04-21 14:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973354$
2016-04-21 14:22 - 2016-04-21 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB972270$
2016-04-21 14:22 - 2016-04-21 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971737$
2016-04-21 14:21 - 2016-04-21 14:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971657$
2016-04-21 14:21 - 2016-04-21 14:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971633$
2016-04-21 14:20 - 2016-04-21 14:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971557$
2016-04-21 14:20 - 2016-04-21 14:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971486$
2016-04-21 14:19 - 2016-04-21 14:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971468$
2016-04-21 14:19 - 2016-04-21 14:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970430$
2016-04-21 14:18 - 2016-04-21 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970238$
2016-04-21 14:18 - 2016-04-21 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB969947$
2016-04-21 14:17 - 2016-04-21 14:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB969059$
2016-04-21 14:17 - 2016-04-21 14:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968537$
2016-04-21 14:17 - 2016-04-21 14:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968389$
2016-04-21 14:16 - 2016-04-21 14:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB967715$
2016-04-21 14:15 - 2016-04-21 14:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961503$
2016-04-21 14:15 - 2016-04-21 14:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961501$
2016-04-21 14:14 - 2016-04-21 14:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961373$
2016-04-21 14:14 - 2016-04-21 14:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961371$
2016-04-21 14:13 - 2016-04-21 14:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2016-04-21 14:13 - 2016-04-21 14:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960859$
2016-04-21 14:12 - 2016-04-21 14:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960803$
2016-04-21 14:12 - 2016-04-21 14:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960225$
2016-04-21 14:11 - 2016-04-21 14:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959426$
2016-04-21 14:11 - 2016-04-21 14:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958690$
2016-04-21 14:10 - 2016-04-21 14:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958687$
2016-04-21 14:10 - 2016-04-21 14:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958644$
2016-04-21 14:10 - 2016-04-21 14:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB957097$
2016-04-21 14:09 - 2016-04-21 14:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB957095$
2016-04-21 14:09 - 2016-04-21 14:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956844$
2016-04-21 14:08 - 2016-04-21 14:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956841$
2016-04-21 14:08 - 2016-04-21 14:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956803$
2016-04-21 14:08 - 2016-04-21 14:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956802$
2016-04-21 14:07 - 2016-04-21 14:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956572$
2016-04-21 14:06 - 2016-04-21 14:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973687_1$
2016-04-21 14:06 - 2016-04-21 14:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955759$
2016-04-21 14:06 - 2016-04-21 14:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955069$
2016-04-21 14:05 - 2016-04-21 14:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112_1$
2016-04-21 14:05 - 2016-04-21 14:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954600$
2016-04-21 14:04 - 2016-04-21 14:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954211$
2016-04-21 14:04 - 2016-04-21 14:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$
2016-04-21 14:03 - 2016-04-21 14:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$
2016-04-21 14:01 - 2016-04-21 14:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952004$
2016-04-21 13:58 - 2016-04-21 13:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951748$
2016-04-21 13:58 - 2016-04-21 13:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951698$
2016-04-21 13:58 - 2016-04-21 13:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$
2016-04-21 13:57 - 2016-04-21 13:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376$
2016-04-21 13:57 - 2016-04-21 13:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951066$
2016-04-21 13:56 - 2016-04-21 13:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950974$
2016-04-21 13:56 - 2016-04-21 13:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$
2016-04-21 13:55 - 2016-04-21 13:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$
2016-04-21 13:55 - 2016-04-21 13:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$
2016-04-21 13:55 - 2016-04-21 13:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923561$
2016-04-21 13:54 - 2016-04-21 13:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2229593$
2016-04-21 13:40 - 2016-04-21 13:40 - 00000000 ____D C:\WINDOWS\system32\scripting
2016-04-21 13:40 - 2016-04-21 13:40 - 00000000 ____D C:\WINDOWS\system32\bits
2016-04-21 13:40 - 2016-04-21 13:40 - 00000000 ____D C:\WINDOWS\l2schemas
2016-04-21 13:31 - 2016-04-21 13:41 - 00000000 ____D C:\WINDOWS\network diagnostic
2016-04-21 13:18 - 2016-04-21 13:24 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstall$
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-21 16:20 - 2007-03-04 21:54 - 00000000 ____D C:\Documents and Settings\Rita\Local Settings\Temp
2016-04-21 16:14 - 2007-03-12 20:50 - 00007168 ___SH C:\WINDOWS\Thumbs.db
2016-04-21 16:05 - 2010-11-11 08:42 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\~0
2016-04-21 16:01 - 2010-11-11 19:39 - 00000000 ____D C:\Documents and Settings\Rita\Local Settings\Application Data\Webroot
2016-04-21 15:59 - 2008-01-09 21:16 - 00000000 ____D C:\Program Files\Google
2016-04-21 15:59 - 2008-01-09 21:16 - 00000000 ____D C:\Documents and Settings\Rita\Local Settings\Application Data\Google
2016-04-21 15:59 - 2008-01-09 21:16 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2016-04-21 15:58 - 2006-08-09 04:26 - 00000209 __RSH C:\boot.ini
2016-04-21 15:58 - 2006-08-09 04:25 - 00000792 _____ C:\WINDOWS\win.ini
2016-04-21 15:58 - 2006-08-09 04:25 - 00000227 _____ C:\WINDOWS\system.ini
2016-04-21 15:57 - 2006-08-08 20:38 - 00000000 ____D C:\WINDOWS\Registration
2016-04-21 15:56 - 2007-03-04 21:54 - 00000000 ____D C:\Documents and Settings\Rita\Application Data\Skype
2016-04-21 15:55 - 2006-08-08 21:33 - 00554222 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-21 15:54 - 2010-09-25 14:31 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-21 15:54 - 2006-08-09 04:25 - 00001170 _____ C:\WINDOWS\system32\wpa.dbl
2016-04-21 15:50 - 2010-09-25 14:31 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-21 15:50 - 2006-09-01 20:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-21 15:49 - 2007-03-04 21:54 - 00000278 ___SH C:\Documents and Settings\Rita\ntuser.ini
2016-04-21 15:49 - 2007-03-04 21:54 - 00000000 ____D C:\Documents and Settings\Rita
2016-04-21 15:43 - 2007-03-04 21:54 - 00000000 ___RD C:\Documents and Settings\Rita\My Documents
2016-04-21 15:41 - 2009-12-03 14:42 - 00000000 ____D C:\Documents and Settings\Rita\Tracing
2016-04-21 15:33 - 2006-08-08 21:28 - 00000000 ___HD C:\WINDOWS\inf
2016-04-21 15:32 - 2007-03-04 21:54 - 00000738 _____ C:\Documents and Settings\Rita\Start Menu\Programs\Outlook Express.lnk
2016-04-21 15:32 - 2006-09-01 21:57 - 00000000 ____D C:\WINDOWS\pss
2016-04-21 15:24 - 2006-08-08 21:32 - 00309192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-21 15:24 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system32\Setup
2016-04-21 15:24 - 2006-08-08 20:37 - 00000000 ____D C:\WINDOWS\system32\Com
2016-04-21 14:49 - 2007-03-04 23:59 - 00090816 _____ C:\Documents and Settings\Rita\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-04-21 14:48 - 2012-12-05 13:36 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-21 14:35 - 2006-09-08 06:27 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-04-21 14:32 - 2006-08-08 20:39 - 00000000 ____D C:\Program Files\Outlook Express
2016-04-21 14:28 - 2006-08-08 20:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-04-21 13:59 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\security
2016-04-21 13:55 - 2006-08-08 20:37 - 00000000 ____D C:\Program Files\Messenger
2016-04-21 13:44 - 2006-08-08 20:41 - 00001563 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2016-04-21 13:41 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-21 13:41 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\ime
2016-04-21 13:41 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\Help
2016-04-21 13:40 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system32\usmt
2016-04-21 13:40 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\PeerNet
2016-04-21 13:34 - 2009-08-14 01:01 - 00000000 ____D C:\WINDOWS\ServicePackFiles
2016-04-21 13:34 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system32\npp
2016-04-21 13:34 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\mui
2016-04-21 13:34 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\msagent
2016-04-21 13:34 - 2006-08-08 20:39 - 00000000 ____D C:\WINDOWS\srchasst
2016-04-21 13:34 - 2006-08-08 20:39 - 00000000 ____D C:\Program Files\NetMeeting
2016-04-21 13:33 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-21 13:33 - 2006-08-08 21:28 - 00000000 ____D C:\WINDOWS\system
2016-04-21 13:33 - 2006-08-08 20:39 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-21 13:33 - 2006-08-08 20:37 - 00000000 ____D C:\Program Files\Windows NT
2016-04-21 13:27 - 2006-08-09 04:26 - 00250048 __RSH C:\ntldr
2016-04-21 13:25 - 2006-09-01 20:31 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2016-04-21 13:17 - 2006-08-08 20:41 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2016-04-21 13:17 - 2006-08-08 20:40 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
==================== Files in the root of some directories =======
2016-04-21 15:58 - 2010-03-14 11:50 - 0267592 _____ (Ask.com) C:\Program Files\Uninstall Ask Toolbar.dll
2007-03-10 21:22 - 2010-11-01 12:52 - 0015816 _____ () C:\Documents and Settings\Rita\Application Data\wklnhst.dat
2007-03-04 23:56 - 2009-09-30 19:46 - 0018944 _____ () C:\Documents and Settings\Rita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-03-08 08:24 - 2007-03-08 08:24 - 0000127 _____ () C:\Documents and Settings\Rita\Local Settings\Application Data\fusioncache.dat
2015-11-09 16:45 - 2015-11-09 16:45 - 0000000 _____ () C:\Documents and Settings\Rita\Local Settings\Application Data\{B11ECA13-6AF9-4C6A-A30D-E4369362697C}
2008-01-09 21:30 - 2008-01-09 21:30 - 0000032 _____ () C:\Documents and Settings\All Users\Application Data\ezsid.dat
Files to move or delete:
====================
C:\Documents and Settings\Rita\exe.js
Some files in TEMP:
====================
C:\Documents and Settings\Rita\Local Settings\Temp\GLB1A2B.EXE
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Rita\Desktop" je 12154 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirCardEnabler
"C:\WINDOWS\system32\NeroCheck.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
"C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
ECHO is off.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ehSched REG_DWORD 0x2
ehRecvr REG_DWORD 0x2
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Sierra Wireless Inc\\3G Watcher\\SwiApiMux.exe"="C:\\Program Files\\Sierra Wireless Inc\\3G Watcher\\SwiApiMux.exe:*:Enabled:SwiApiMux"
"C:\\Program Files\\Sierra Wireless Inc\\3G Watcher\\TRUUpdater.exe"="C:\\Program Files\\Sierra Wireless Inc\\WebUpdater\\TRUUpdater.exe:*:Enabled:TRUUpdater"
@=""
"C:\\Program Files\\Sierra Wireless Inc\\WebUpdater\\SwiApiMux.exe"="C:\\Program Files\\Sierra Wireless Inc\\WebUpdater\\SwiApiMux.exe:*:Enabled:SwiApiMux"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivne
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Scorpion91
- Návštěvník
- Příspěvky: 4
- Registrován: 21 dub 2016 15:09
Preventivne
- Přílohy
-
- Addition.rar
- (4.71 KiB) Staženo 44 x
Re: Preventivne
Zdravím, tak mu zkusíme pomoct.
Přes Odebrat programy nebo CCleaner níže odinstaluj :
AOL Spyware Protection
AOL Dialer
Ask SBar
a pokud to není placená verze tak i Webroot
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Přes Odebrat programy nebo CCleaner níže odinstaluj :
AOL Spyware Protection
AOL Dialer
Ask SBar
a pokud to není placená verze tak i Webroot
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
-
Scorpion91
- Návštěvník
- Příspěvky: 4
- Registrován: 21 dub 2016 15:09
Re: Preventivne
Dekuji. Odinstaloval jsem, co jste poradil plus jeste dalsi zbytecne programy. Vidite tam jeste nekde neco, co by mohlo jit pryc nebo je to jiz v poradku? 
# AdwCleaner v5.112 - Logfile created 21/04/2016 at 18:11:22
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (X86)
# Username : Rita - YOUR-B04E565902
# Running from : C:\Documents and Settings\Rita\My Documents\Downloads\adwcleaner_5.112.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Rita\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\PackageAware
[-] Folder Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc
[-] Folder Deleted : C:\Program Files\AskSBar
[-] Folder Deleted : C:\Program Files\Viewpoint
***** [ Files ] *****
[-] File Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WiseApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.AccountManagementService
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.AuthHeader
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.UserAccount
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : HKLM\SOFTWARE\ImInstaller
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [2]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [5605 bytes] - [21/04/2016 18:11:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [5635 bytes] - [21/04/2016 18:08:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5751 bytes] ##########
# AdwCleaner v5.112 - Logfile created 21/04/2016 at 18:11:22
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (X86)
# Username : Rita - YOUR-B04E565902
# Running from : C:\Documents and Settings\Rita\My Documents\Downloads\adwcleaner_5.112.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Rita\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\PackageAware
[-] Folder Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc
[-] Folder Deleted : C:\Program Files\AskSBar
[-] Folder Deleted : C:\Program Files\Viewpoint
***** [ Files ] *****
[-] File Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\Rita\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WiseApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.AccountManagementService
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.AuthHeader
[-] Key Deleted : HKLM\SOFTWARE\Classes\WiseApi.WSCreateAccount.UserAccount
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : HKLM\SOFTWARE\ImInstaller
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [2]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [5605 bytes] - [21/04/2016 18:11:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [5635 bytes] - [21/04/2016 18:08:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5751 bytes] ##########
Re: Preventivne
Ještě mrkneme hlouběji, doporučuji pozorně číst, protože softík níže netoleruje chyby.Scorpion91 píše:Vidite tam jeste nekde neco, co by mohlo jit pryc nebo je to jiz v poradku?
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Přispějete na provoz fóra?