Jump to content

Chack PC of my Father


Guest
 Share

Recommended Posts

here DDS logs

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by Luděk Kasterko at 11:26:24 on 2013-11-07
Systém Microsoft Windows XP Professional  5.1.2600.3.1250.420.1029.18.2038.1592 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.

BHO: Ask Toolbar: {4F524A2D-5637-006A-76A7-7A786E7484D7} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Lištička: {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - c:\program files\seznam.cz\listicka.dll
TB: Nástroje Lištičky: {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - c:\program files\seznam.cz\listicka.dll
TB: Ask Toolbar: {4F524A2D-5637-006A-76A7-7A786E7484D7} -
TB: Nástroje Lištičky: {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - c:\program files\seznam.cz\toolbar\toolbar.dll
TB: Ask Toolbar: {4F524A2D-5637-006A-76A7-7A786E7484D7} -
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [EPSON Stylus DX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticae.exe /fu "c:\windows\temp\E_S44.tmp" /EF "HKCU"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [ApnTBMon] "c:\program files\askpartnernetwork\toolbar\updater\TBNotifier.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\seznam.cz\listicka.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - c:\program files\seznam.cz\listicka.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5E4D0ADC-0AFC-49F2-97B8-03DB73381340} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R2 APNMCP;Ask Update Service;c:\program files\askpartnernetwork\toolbar\apnmcp.exe [2013-10-16 166352]
R2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2005-3-8 61440]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-4-13 69120]
.
=============== Created Last 30 ================
.
2013-11-07 10:25:42 688992 ------r- C:\dds.com
2013-10-29 05:11:13 -------- d-----w- c:\documents and settings\luděk kasterko\data aplikací\KB-ext
2013-10-18 05:13:14 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-18 05:13:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-17 14:08:16 -------- d-----w- c:\windows\system32\XPSViewer
2013-10-17 14:07:50 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-10-17 14:07:39 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-10-17 14:07:39 117760 ------w- c:\windows\system32\prntvpt.dll
2013-10-17 14:07:38 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-10-17 14:07:38 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-10-17 14:07:38 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-10-17 14:07:38 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-10-17 14:07:38 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2013-10-17 14:07:38 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-10-17 14:07:37 -------- d-----w- C:\9f4dea120a491eff81e386e24ae4a5db
2013-10-11 04:33:58 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-11 04:32:51 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-11 04:32:51 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
.
==================== Find3M  ====================
.
2013-10-09 14:04:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 14:04:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-23 18:25:11 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25:09 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25:09 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25:06 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06:48 385024 ------w- c:\windows\system32\html.iec
2013-09-10 11:28:21 4454952 ----a-w- C:\ccsetup405.exe
2013-09-10 11:21:16 20897792 ----a-w- C:\epson317808eu.exe
2013-09-10 11:20:25 10540032 ----a-w- C:\epson375127eu.exe
2013-09-10 10:53:22 23003252 ----a-w- C:\vlc-2.0.8-win32.exe
2013-08-29 07:01:55 1878656 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 11:26:57,78 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Systém Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10.9.2013 11:59:46
System Uptime: 7.11.2013 11:04:16 (0 hours ago)
.
Motherboard: Dell Inc.           |  | 0FH884
Processor:               Intel® Pentium® D CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 134,905 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 10.9.2013 12:03:43 - Kontrolní bod systému
RP2: 10.9.2013 12:12:39 - Installed Chipset Software Installer
RP3: 10.9.2013 12:15:19 - Installed SoundMAX
RP4: 10.9.2013 12:15:24 - Installed SoundMAX
RP5: 10.9.2013 12:23:08 - Installed Broadcom ASF Management Applications
RP6: 10.9.2013 12:24:19 - Installed Broadcom Gigabit Integrated Controller
RP7: 10.9.2013 12:32:09 - Installed Microsoft Office Enterprise 2007
RP8: 10.9.2013 12:36:22 - Je nainstalován ovladač tiskárny Send To Microsoft OneNote Driv
RP9: 10.9.2013 13:16:40 - Software Distribution Service 3.0
RP10: 10.9.2013 13:23:58 - Byl nainstalován nepodepsaný ovladač tiskárny EPSON Stylus DX4.
RP11: 10.9.2013 14:16:00 - Software Distribution Service 3.0
RP12: 10.9.2013 15:34:49 - Software Distribution Service 3.0
RP13: 10.9.2013 15:38:34 - Byla nainstalována aplikace Windows Internet Explorer 8.
RP14: 10.9.2013 15:39:30 - Software Distribution Service 3.0
RP15: 10.9.2013 17:52:36 - Software Distribution Service 3.0
RP16: 12.9.2013 8:43:59 - Software Distribution Service 3.0
RP17: 13.9.2013 8:13:38 - Software Distribution Service 3.0
RP18: 13.9.2013 8:23:04 - Software Distribution Service 3.0
RP19: 13.9.2013 8:55:51 - Software Distribution Service 3.0
RP20: 13.9.2013 12:23:21 - Software Distribution Service 3.0
RP21: 13.9.2013 13:29:59 - Software Distribution Service 3.0
RP22: 13.9.2013 17:00:29 - Software Distribution Service 3.0
RP23: 14.9.2013 15:51:41 - Software Distribution Service 3.0
RP24: 14.9.2013 16:03:59 - Software Distribution Service 3.0
RP25: 16.9.2013 5:40:31 - Software Distribution Service 3.0
RP26: 17.9.2013 6:38:11 - Software Distribution Service 3.0
RP27: 20.9.2013 6:41:51 - Software Distribution Service 3.0
RP28: 20.9.2013 13:13:13 - Installed Java 7 Update 40
RP29: 20.9.2013 13:36:09 - Removed Java 7 Update 40
RP30: 20.9.2013 13:42:45 - Installed Java 7 Update 40
RP31: 20.9.2013 14:02:27 - Nainstalováno Windows XP WgaNotify.
RP32: 21.9.2013 8:52:25 - Software Distribution Service 3.0
RP33: 22.9.2013 14:47:02 - Software Distribution Service 3.0
RP34: 23.9.2013 15:33:33 - Kontrolní bod systému
RP35: 24.9.2013 4:45:40 - Software Distribution Service 3.0
RP36: 25.9.2013 6:38:48 - Software Distribution Service 3.0
RP37: 27.9.2013 7:49:27 - Software Distribution Service 3.0
RP38: 28.9.2013 15:28:48 - Software Distribution Service 3.0
RP39: 30.9.2013 7:19:13 - Software Distribution Service 3.0
RP40: 1.10.2013 14:56:05 - Software Distribution Service 3.0
RP41: 3.10.2013 6:40:48 - Software Distribution Service 3.0
RP42: 4.10.2013 7:45:44 - Kontrolní bod systému
RP43: 5.10.2013 7:03:21 - Software Distribution Service 3.0
RP44: 6.10.2013 8:12:57 - Software Distribution Service 3.0
RP45: 7.10.2013 8:21:58 - Kontrolní bod systému
RP46: 7.10.2013 11:20:13 - Software Distribution Service 3.0
RP47: 8.10.2013 14:37:47 - Software Distribution Service 3.0
RP48: 9.10.2013 14:46:28 - Kontrolní bod systému
RP49: 10.10.2013 7:05:21 - Software Distribution Service 3.0
RP50: 11.10.2013 8:31:40 - Kontrolní bod systému
RP51: 11.10.2013 12:49:58 - Software Distribution Service 3.0
RP52: 12.10.2013 7:12:39 - Software Distribution Service 3.0
RP53: 14.10.2013 8:17:53 - Software Distribution Service 3.0
RP54: 15.10.2013 8:59:01 - Kontrolní bod systému
RP55: 16.10.2013 16:04:23 - Software Distribution Service 3.0
RP56: 16.10.2013 19:40:02 - Software Distribution Service 3.0
RP57: 17.10.2013 16:04:49 - Software Distribution Service 3.0
RP58: 18.10.2013 6:52:57 - Software Distribution Service 3.0
RP59: 18.10.2013 7:12:30 - Installed Java 7 Update 45
RP60: 18.10.2013 13:05:46 - Software Distribution Service 3.0
RP61: 19.10.2013 9:23:55 - Software Distribution Service 3.0
RP62: 20.10.2013 22:06:45 - Software Distribution Service 3.0
RP63: 22.10.2013 6:24:38 - Software Distribution Service 3.0
RP64: 23.10.2013 14:00:33 - Software Distribution Service 3.0
RP65: 24.10.2013 14:39:13 - Software Distribution Service 3.0
RP66: 25.10.2013 16:03:37 - Software Distribution Service 3.0
RP67: 27.10.2013 4:52:53 - Software Distribution Service 3.0
RP68: 28.10.2013 5:47:51 - Software Distribution Service 3.0
RP69: 29.10.2013 5:56:41 - Kontrolní bod systému
RP70: 29.10.2013 20:26:06 - Software Distribution Service 3.0
RP71: 31.10.2013 12:16:49 - Software Distribution Service 3.0
RP72: 1.11.2013 14:47:32 - Software Distribution Service 3.0
RP73: 2.11.2013 15:01:02 - Kontrolní bod systému
RP74: 3.11.2013 5:41:09 - Software Distribution Service 3.0
RP75: 4.11.2013 6:36:19 - Software Distribution Service 3.0
RP76: 6.11.2013 6:18:29 - Software Distribution Service 3.0
RP77: 7.11.2013 6:45:42 - Kontrolní bod systému
RP78: 7.11.2013 11:16:29 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.05) - Czech
Aktualizace systému Windows Internet Explorer 8 (KB2598845)
Aktualizace systému Windows XP (KB2345886)
Aktualizace systému Windows XP (KB2467659)
Aktualizace systému Windows XP (KB2661254-v2)
Aktualizace systému Windows XP (KB2749655)
Aktualizace systému Windows XP (KB2863058)
Aktualizace systému Windows XP (KB898461)
Aktualizace systému Windows XP (KB951978)
Aktualizace systému Windows XP (KB955759)
Aktualizace systému Windows XP (KB968389)
Aktualizace systému Windows XP (KB971029)
Aktualizace systému Windows XP (KB973815)
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)
Aktualizace zabezpečení aplikace Windows Media Player (KB2803821-v2)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)
Aktualizace zabezpečení systému Windows XP (KB2115168)
Aktualizace zabezpečení systému Windows XP (KB2229593)
Aktualizace zabezpečení systému Windows XP (KB2296011)
Aktualizace zabezpečení systému Windows XP (KB2347290)
Aktualizace zabezpečení systému Windows XP (KB2387149)
Aktualizace zabezpečení systému Windows XP (KB2393802)
Aktualizace zabezpečení systému Windows XP (KB2419632)
Aktualizace zabezpečení systému Windows XP (KB2423089)
Aktualizace zabezpečení systému Windows XP (KB2440591)
Aktualizace zabezpečení systému Windows XP (KB2443105)
Aktualizace zabezpečení systému Windows XP (KB2478960)
Aktualizace zabezpečení systému Windows XP (KB2478971)
Aktualizace zabezpečení systému Windows XP (KB2479943)
Aktualizace zabezpečení systému Windows XP (KB2481109)
Aktualizace zabezpečení systému Windows XP (KB2483185)
Aktualizace zabezpečení systému Windows XP (KB2485663)
Aktualizace zabezpečení systému Windows XP (KB2506212)
Aktualizace zabezpečení systému Windows XP (KB2507938)
Aktualizace zabezpečení systému Windows XP (KB2508429)
Aktualizace zabezpečení systému Windows XP (KB2509553)
Aktualizace zabezpečení systému Windows XP (KB2535512)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)
Aktualizace zabezpečení systému Windows XP (KB2566454)
Aktualizace zabezpečení systému Windows XP (KB2570947)
Aktualizace zabezpečení systému Windows XP (KB2584146)
Aktualizace zabezpečení systému Windows XP (KB2585542)
Aktualizace zabezpečení systému Windows XP (KB2592799)
Aktualizace zabezpečení systému Windows XP (KB2598479)
Aktualizace zabezpečení systému Windows XP (KB2603381)
Aktualizace zabezpečení systému Windows XP (KB2618451)
Aktualizace zabezpečení systému Windows XP (KB2619339)
Aktualizace zabezpečení systému Windows XP (KB2620712)
Aktualizace zabezpečení systému Windows XP (KB2624667)
Aktualizace zabezpečení systému Windows XP (KB2631813)
Aktualizace zabezpečení systému Windows XP (KB2653956)
Aktualizace zabezpečení systému Windows XP (KB2655992)
Aktualizace zabezpečení systému Windows XP (KB2659262)
Aktualizace zabezpečení systému Windows XP (KB2661637)
Aktualizace zabezpečení systému Windows XP (KB2676562)
Aktualizace zabezpečení systému Windows XP (KB2686509)
Aktualizace zabezpečení systému Windows XP (KB2691442)
Aktualizace zabezpečení systému Windows XP (KB2698365)
Aktualizace zabezpečení systému Windows XP (KB2705219-v2)
Aktualizace zabezpečení systému Windows XP (KB2712808)
Aktualizace zabezpečení systému Windows XP (KB2719985)
Aktualizace zabezpečení systému Windows XP (KB2723135-v2)
Aktualizace zabezpečení systému Windows XP (KB2727528)
Aktualizace zabezpečení systému Windows XP (KB2753842-v2)
Aktualizace zabezpečení systému Windows XP (KB2757638)
Aktualizace zabezpečení systému Windows XP (KB2758857)
Aktualizace zabezpečení systému Windows XP (KB2770660)
Aktualizace zabezpečení systému Windows XP (KB2780091)
Aktualizace zabezpečení systému Windows XP (KB2802968)
Aktualizace zabezpečení systému Windows XP (KB2807986)
Aktualizace zabezpečení systému Windows XP (KB2813345)
Aktualizace zabezpečení systému Windows XP (KB2820197)
Aktualizace zabezpečení systému Windows XP (KB2820917)
Aktualizace zabezpečení systému Windows XP (KB2834886)
Aktualizace zabezpečení systému Windows XP (KB2845187)
Aktualizace zabezpečení systému Windows XP (KB2847311)
Aktualizace zabezpečení systému Windows XP (KB2849470)
Aktualizace zabezpečení systému Windows XP (KB2850851)
Aktualizace zabezpečení systému Windows XP (KB2850869)
Aktualizace zabezpečení systému Windows XP (KB2859537)
Aktualizace zabezpečení systému Windows XP (KB2862330)
Aktualizace zabezpečení systému Windows XP (KB2862335)
Aktualizace zabezpečení systému Windows XP (KB2864063)
Aktualizace zabezpečení systému Windows XP (KB2876217)
Aktualizace zabezpečení systému Windows XP (KB2876315)
Aktualizace zabezpečení systému Windows XP (KB2883150)
Aktualizace zabezpečení systému Windows XP (KB923561)
Aktualizace zabezpečení systému Windows XP (KB946648)
Aktualizace zabezpečení systému Windows XP (KB950762)
Aktualizace zabezpečení systému Windows XP (KB950974)
Aktualizace zabezpečení systému Windows XP (KB951376-v2)
Aktualizace zabezpečení systému Windows XP (KB952004)
Aktualizace zabezpečení systému Windows XP (KB952954)
Aktualizace zabezpečení systému Windows XP (KB956572)
Aktualizace zabezpečení systému Windows XP (KB956802)
Aktualizace zabezpečení systému Windows XP (KB956844)
Aktualizace zabezpečení systému Windows XP (KB959426)
Aktualizace zabezpečení systému Windows XP (KB960803)
Aktualizace zabezpečení systému Windows XP (KB960859)
Aktualizace zabezpečení systému Windows XP (KB969059)
Aktualizace zabezpečení systému Windows XP (KB970430)
Aktualizace zabezpečení systému Windows XP (KB971657)
Aktualizace zabezpečení systému Windows XP (KB972270)
Aktualizace zabezpečení systému Windows XP (KB973507)
Aktualizace zabezpečení systému Windows XP (KB973869)
Aktualizace zabezpečení systému Windows XP (KB973904)
Aktualizace zabezpečení systému Windows XP (KB974112)
Aktualizace zabezpečení systému Windows XP (KB974318)
Aktualizace zabezpečení systému Windows XP (KB974392)
Aktualizace zabezpečení systému Windows XP (KB974571)
Aktualizace zabezpečení systému Windows XP (KB975025)
Aktualizace zabezpečení systému Windows XP (KB975467)
Aktualizace zabezpečení systému Windows XP (KB975560)
Aktualizace zabezpečení systému Windows XP (KB975713)
Aktualizace zabezpečení systému Windows XP (KB977816)
Aktualizace zabezpečení systému Windows XP (KB977914)
Aktualizace zabezpečení systému Windows XP (KB978338)
Aktualizace zabezpečení systému Windows XP (KB978542)
Aktualizace zabezpečení systému Windows XP (KB978706)
Aktualizace zabezpečení systému Windows XP (KB979309)
Aktualizace zabezpečení systému Windows XP (KB979482)
Aktualizace zabezpečení systému Windows XP (KB979687)
Aktualizace zabezpečení systému Windows XP (KB981997)
Aktualizace zabezpečení systému Windows XP (KB982132)
Aktualizace zabezpečení systému Windows XP (KB982665)
Ask Toolbar
Broadcom ASF Management Applications
Broadcom Gigabit Integrated Controller
CCleaner
EPSON Scan
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Intel® Graphics Media Accelerator Driver
Java 7 Update 45
Java Auto Updater
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Czech) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Czech) 2007
Microsoft Office InfoPath MUI (Czech) 2007
Microsoft Office OneNote MUI (Czech) 2007
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Czech) 2007
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders  (Czech) 12
Oprava Hotfix systému Windows XP (KB952287)
Oprava Hotfix systému Windows XP (KB961118)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Seznam Lištička (Všichni uživatelé tohoto počítače.)
Software tiskárny EPSON
SoundMAX
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
VLC media player 2.0.8
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
.
==== End Of File ===========================
 

 

 

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin

Link to post
Share on other sites

here are logs

 

# AdwCleaner v3.011 - Report created 07/11/2013 at 14:21:42
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Luděk Kasterko - LUD-06A303B2CDD
# Running from : C:\Documents and Settings\Luděk Kasterko\Plocha\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP

***** [ Files / Folders ] *****

Folder Found C:\DOCUME~1\LUDKKA~1\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\LUDKKA~1\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\LUDKKA~1\LOCALS~1\Temp\apn
Folder Found C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Folder Found C:\Documents and Settings\Luděk Kasterko\Local Settings\Data aplikací\AskPartnerNetwork
Folder Found C:\Program Files\AskPartnerNetwork

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [1833 octets] - [07/11/2013 14:21:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1893 octets] ##########

 

AdwCleaner v3.011 - Report created 07/11/2013 at 14:22:21
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Luděk Kasterko - LUD-06A303B2CDD
# Running from : C:\Documents and Settings\Luděk Kasterko\Plocha\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\DOCUME~1\LUDKKA~1\LOCALS~1\Temp\apn
Folder Deleted : C:\Documents and Settings\Luděk Kasterko\Local Settings\Data aplikací\AskPartnerNetwork

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [1973 octets] - [07/11/2013 14:21:42]
AdwCleaner[s0].txt - [1830 octets] - [07/11/2013 14:22:21]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1890 octets] ##########

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Luděk Kasterko (administrator) on LUD-06A303B2CDD on 07-11-2013 14:29:03
Running from C:\Documents and Settings\Luděk Kasterko\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [soundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [EPSON Stylus DX4400 Series] - C:\WINDOWS\Temp\E_S44.tmp [132 2013-09-10] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {bc4ed66b-c52d-4daf-9b38-c2cd63df2a79} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {51369249-6fdf-42f5-ba82-e6f841992eba} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {6295ef09-82a5-4794-94e6-2433cf8050bc} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {62c353fb-357f-4be5-a00d-e75966763ecf} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IE_5
SearchScopes: HKCU - {bc4ed66b-c52d-4daf-9b38-c2cd63df2a79} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} -  No File
Toolbar: HKCU - No Name - {4F524A2D-5637-006A-76A7-7A786E7484D7} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

========================== Services (Whitelisted) =================

R2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [61440 2005-03-08] (Broadcom Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [132608 2005-03-17] (Broadcom Corporation)
R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [6025 2003-04-24] (Broadcom Corporation)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [830684 2005-04-05] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-10-25] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-10-25] (Microsoft Corporation)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [732928 2004-09-17] (Creative Technology Ltd.)
R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-07 14:28 - 2013-11-07 14:28 - 01089445 _____ (Farbar) C:\Documents and Settings\Luděk Kasterko\Plocha\FRST.exe
2013-11-07 14:28 - 2013-11-07 14:28 - 00000000 ____D C:\FRST
2013-11-07 14:21 - 2013-11-07 14:22 - 00000000 ____D C:\AdwCleaner
2013-11-07 14:20 - 2013-11-07 14:21 - 01073262 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\AdwCleaner.exe
2013-11-07 11:27 - 2013-11-07 11:27 - 00017531 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\attach.txt
2013-11-07 11:27 - 2013-11-07 11:26 - 00007420 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\dds.txt
2013-11-07 11:26 - 2013-11-07 11:26 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Nabídka Start\Programy\Nástroje pro správu
2013-11-07 11:26 - 2013-11-07 11:26 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Dokumenty\Filmy
2013-11-07 11:25 - 2013-11-07 11:25 - 00688992 ____R (Swearware) C:\dds.com
2013-10-29 06:11 - 2013-10-29 06:11 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Data aplikací\KB-ext
2013-10-22 20:49 - 2013-10-22 20:59 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\savci
2013-10-22 20:49 - 2013-10-22 20:49 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\plazi
2013-10-22 20:47 - 2013-10-22 20:47 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\rostliny
2013-10-18 12:23 - 2013-10-18 12:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2013-10-18 12:22 - 2013-10-18 12:23 - 00007214 _____ C:\WINDOWS\KB961118.log
2013-10-18 06:13 - 2013-10-18 06:13 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2013-10-18 06:13 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-18 06:13 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-18 06:13 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-18 06:13 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-18 06:13 - 2013-10-08 06:29 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-18 06:12 - 2013-10-18 06:13 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-17 15:08 - 2013-10-18 12:10 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-10-17 15:08 - 2013-10-17 15:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-17 15:07 - 2013-10-17 15:07 - 00000000 ____D C:\9f4dea120a491eff81e386e24ae4a5db
2013-10-17 15:07 - 2008-07-06 13:06 - 01676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2013-10-17 15:07 - 2008-07-06 13:06 - 01676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
2013-10-17 15:07 - 2008-07-06 13:06 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
2013-10-17 15:07 - 2008-07-06 13:06 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2013-10-17 15:07 - 2008-07-06 13:06 - 00117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2013-10-17 15:07 - 2008-07-06 13:06 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2013-10-17 15:07 - 2008-07-06 11:50 - 00597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2013-10-17 15:06 - 2013-10-19 05:57 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-17 04:09 - 2013-11-07 12:26 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-10-11 11:55 - 2013-10-11 11:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 11:54 - 2013-10-11 11:54 - 00009417 _____ C:\WINDOWS\KB2862335.log
2013-10-11 11:54 - 2013-10-11 11:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 11:51 - 2013-10-11 11:51 - 00011496 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 11:51 - 2013-10-11 11:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 11:50 - 2013-10-11 11:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 05:34 - 2013-10-11 11:55 - 00012511 _____ C:\WINDOWS\KB2847311.log
2013-10-11 05:33 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-11 05:32 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-11 05:32 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-07 14:28 - 2013-11-07 14:28 - 01089445 _____ (Farbar) C:\Documents and Settings\Luděk Kasterko\Plocha\FRST.exe
2013-11-07 14:28 - 2013-11-07 14:28 - 00000000 ____D C:\FRST
2013-11-07 14:28 - 2013-09-10 11:03 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Plocha
2013-11-07 14:25 - 2013-09-10 14:39 - 00000000 ____D C:\Program Files\Seznam.cz
2013-11-07 14:24 - 2013-09-10 10:56 - 01948637 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-07 14:23 - 2013-09-10 12:51 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-07 14:23 - 2013-09-10 12:51 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-11-07 14:23 - 2013-09-10 11:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-07 14:23 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-07 14:22 - 2013-11-07 14:21 - 00000000 ____D C:\AdwCleaner
2013-11-07 14:22 - 2013-09-10 12:48 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-07 14:22 - 2013-09-10 11:03 - 00000178 ___SH C:\Documents and Settings\Luděk Kasterko\ntuser.ini
2013-11-07 14:22 - 2013-09-10 11:03 - 00000000 ___HD C:\Documents and Settings\Luděk Kasterko\Local Settings\Data aplikací
2013-11-07 14:22 - 2013-09-10 11:00 - 00032540 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-07 14:21 - 2013-11-07 14:20 - 01073262 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\AdwCleaner.exe
2013-11-07 14:04 - 2013-09-10 11:45 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-07 12:26 - 2013-10-17 04:09 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-07 11:27 - 2013-11-07 11:27 - 00017531 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\attach.txt
2013-11-07 11:26 - 2013-11-07 11:27 - 00007420 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\dds.txt
2013-11-07 11:26 - 2013-11-07 11:26 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Nabídka Start\Programy\Nástroje pro správu
2013-11-07 11:26 - 2013-11-07 11:26 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Dokumenty\Filmy
2013-11-07 11:26 - 2013-09-10 11:03 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Nabídka Start\Programy
2013-11-07 11:26 - 2013-09-10 11:03 - 00000000 ___RD C:\Documents and Settings\Luděk Kasterko\Dokumenty
2013-11-07 11:25 - 2013-11-07 11:25 - 00688992 ____R (Swearware) C:\dds.com
2013-11-03 05:33 - 2013-09-10 12:47 - 00193450 _____ C:\WINDOWS\setupact.log
2013-10-29 06:11 - 2013-10-29 06:11 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Data aplikací\KB-ext
2013-10-29 06:11 - 2013-09-10 11:03 - 00000000 __RHD C:\Documents and Settings\Luděk Kasterko\Data aplikací
2013-10-27 04:42 - 2013-09-10 12:49 - 01022012 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-23 12:50 - 2013-09-10 11:37 - 00002563 _____ C:\Documents and Settings\Luděk Kasterko\Plocha\Microsoft Office Word 2007.lnk
2013-10-22 20:59 - 2013-10-22 20:49 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\savci
2013-10-22 20:49 - 2013-10-22 20:49 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\plazi
2013-10-22 20:47 - 2013-10-22 20:47 - 00000000 ____D C:\Documents and Settings\Luděk Kasterko\Dokumenty\rostliny
2013-10-19 05:57 - 2013-10-17 15:06 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-18 12:23 - 2013-10-18 12:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2013-10-18 12:23 - 2013-10-18 12:22 - 00007214 _____ C:\WINDOWS\KB961118.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00982690 _____ C:\WINDOWS\iis6.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00877127 _____ C:\WINDOWS\FaxSetup.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00428612 _____ C:\WINDOWS\ocgen.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00405756 _____ C:\WINDOWS\tsoc.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00301368 _____ C:\WINDOWS\comsetup.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00280156 _____ C:\WINDOWS\msmqinst.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00181023 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00154410 _____ C:\WINDOWS\netfxocm.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00060987 _____ C:\WINDOWS\MedCtrOC.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00054925 _____ C:\WINDOWS\ocmsn.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00044792 _____ C:\WINDOWS\tabletoc.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00044131 _____ C:\WINDOWS\msgsocm.log
2013-10-18 12:23 - 2013-09-10 12:49 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-18 12:10 - 2013-10-17 15:08 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-10-18 06:13 - 2013-10-18 06:13 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2013-10-18 06:13 - 2013-10-18 06:12 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-18 06:13 - 2013-09-20 12:42 - 00000000 ____D C:\Program Files\Java
2013-10-18 06:13 - 2013-09-10 12:48 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-18 05:41 - 2013-09-10 14:39 - 00010783 _____ C:\WINDOWS\spupdsvc.log
2013-10-18 05:41 - 2013-09-10 12:47 - 00269392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-18 05:41 - 2013-09-10 11:21 - 00068456 _____ C:\Documents and Settings\Luděk Kasterko\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-10-17 15:11 - 2013-09-10 11:00 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-10-17 15:08 - 2013-10-17 15:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-17 15:07 - 2013-10-17 15:07 - 00000000 ____D C:\9f4dea120a491eff81e386e24ae4a5db
2013-10-17 15:07 - 2013-09-10 12:48 - 00353118 _____ C:\WINDOWS\setupapi.log
2013-10-17 15:07 - 2013-09-10 12:43 - 00000000 ____D C:\WINDOWS\system32\spool
2013-10-17 15:06 - 2013-09-10 12:43 - 00000000 ____D C:\WINDOWS\system32\mui
2013-10-16 18:40 - 2013-09-10 12:04 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-16 18:40 - 2013-09-10 12:04 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-16 18:40 - 2013-09-10 12:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-11 11:55 - 2013-10-11 11:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 11:55 - 2013-10-11 05:34 - 00012511 _____ C:\WINDOWS\KB2847311.log
2013-10-11 11:55 - 2013-09-10 12:49 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-11 11:55 - 2013-09-10 11:32 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-11 11:54 - 2013-10-11 11:54 - 00009417 _____ C:\WINDOWS\KB2862335.log
2013-10-11 11:54 - 2013-10-11 11:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 11:54 - 2013-09-13 11:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 11:53 - 2013-09-10 14:34 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 11:51 - 2013-10-11 11:51 - 00011496 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 11:51 - 2013-10-11 11:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 11:51 - 2013-09-10 14:38 - 00071741 _____ C:\WINDOWS\updspapi.log
2013-10-11 11:50 - 2013-10-11 11:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-09 15:04 - 2013-09-10 11:45 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 15:04 - 2013-09-10 11:45 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-08 06:50 - 2013-10-18 06:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-08 06:46 - 2013-10-18 06:13 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-08 06:46 - 2013-10-18 06:13 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-08 06:46 - 2013-10-18 06:13 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-08 06:29 - 2013-10-18 06:13 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl

Some content of TEMP:
====================
C:\Documents and Settings\Luděk Kasterko\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\Luděk Kasterko\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Luděk Kasterko\Local Settings\Temp\PKIComponent-KBExt-setup.exe
C:\Documents and Settings\Luděk Kasterko\Local Settings\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 07:52] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 07:52] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:42] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if  Malwarebytes is not installed:

 

Download Malwarebytes from the following link and save it to your desktop.:

 

 

http://www.malwarebytes.org/mbam.php 

 

Double Click mbam-setup.exe to install the application.


Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report here

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Let me see those logs, also give an update on any remaining issues or concerns...

 

Kevin

 

fixlist.txt

Link to post
Share on other sites

FRST

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by Luděk Kasterko at 2013-11-07 14:58:55 Run:1
Running from C:\Documents and Settings\Luděk Kasterko\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\PKIComponent-KBExt-setup.exe
C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\Quarantine.exe
End

 

*****************

"C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\APNSetup.exe" => File/Directory not found.
"C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\ose00000.exe" => File/Directory not found.
"C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\PKIComponent-KBExt-setup.exe" => File/Directory not found.
"C:\Documents and Settings\Lude(k Kasterko\Local Settings\Temp\Quarantine.exe" => File/Directory not found.

==== End of Fixlog ====

 

Mbam

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.07.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Luděk Kasterko :: LUD-06A303B2CDD [administrátor]

7.11.2013 15:04:28
mbam-log-2013-11-07 (15-04-28).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 203125
Uplynulý čas: 11 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

 

Eset online scanner notihng found

 

screen317's Security Check

 Results of screen317's Security Check version 0.99.76 
 Windows XP Service Pack 3 x86  
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
Poźkejte, ne§ bude program WMIC nainstalov n.d
i
s
p
l
a
y
N
a
m
e
Re§im ECHO je vypnut.
M
i
c
r
o
s
o
f
t
Re§im ECHO je vypnut.
S
e
c
u
r
i
t
y
Re§im ECHO je vypnut.
E
s
e
n
t
i
a
l
s
Re§im ECHO je vypnut.
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner    
 Java 7 Update 45 
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 
````````````````````End of Log``````````````````````
 

 

Link to post
Share on other sites

We need to remove FRST, first it is very important to deal with its Quarantine folder using FRST itself..

OK, we continue:

Delete any fixlist.txt file previously used, continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful. 

Next,

 

Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

 

Next,

 

Uninstall adwcleaner.exe

  •   Please close all open programs and internet browsers.
  •   Double click on adwcleaner.exe to run the tool.
  •   Click on Uninstall
  • Click Yes at Would you like to Uninstall Adwcleaner

 

Next,

 

Remove ESET Online Scanner (Only if installed)

 


Click Start, click Run, type control appwiz.cpl in the Open box, and then press ENTER.
Click to select ESET Online Scanner from the application list, and then click Remove. Only re-boot if prompted

 

Next,

 

  • Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop.
  • Double click OTC_Icon.jpg icon to start the program.
    If you are using Vista or Windows 7 accept UAC
  • Then Click the big CleanUp.jpg button.
  • You will get a prompt saying "Begining Cleanup Process". Please select Yes.
  • Restart your computer when prompted.
  • This will remove tools we have used and itself.

 

Any tools/logs remaining on the Desktop or downloads folder can be deleted.

 

Next,

 

We now need to reset your system restore points and create a new clean one. To do this "Turn off" System restore > Left click start > Right click My Computer > Left click Properties > Select System restore tab > put tick in Turn off System Restore box > apply > ok. To reverse as previous but remove the tick from Turn off System Restore > apply ok.


Create a new restore point > Start > all programs > accessories > system tools > system restore > create a restore point > In the Restore point description box give it a name for reference eg. Clean 1. The time and date are added automatically > then select create and follow the prompts.



Finally,

 

Read the following link, replies #1 through to #9  for answers to common security question and best answers:

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Let me know if all ok, no issues and we can close out...

 

fixlist.txt

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.