Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2013
Ran by Dominik at 2013-10-22 15:42:24 Run:1
Running from C:\Users\Dominik\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
BootExecute: autocheck autochk * C:\PROGRA~3\SPYWAR~1\st_rsdel.exe \??\C:\ProgramData\Spyware
HKU\Guest\...\Run: [Google Update] - C:\Users\Guest\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-12] (Google Inc.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {79D206D7-DB82-4968-944D-95A8386AFD3D} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
BHO-x32: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll No File
BHO-x32: No Name - {230b9a15-0695-4130-93b8-a93d4f5df8ae} - No File
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll No File
BHO-x32: Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" No File
BHO-x32: No Name - {db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - No File
Toolbar: HKLM-x32 - No Name - {17f24f6d-0284-4a62-a3b7-fca9f2084af4} - No File
Toolbar: HKLM-x32 - Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" No File
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll No File
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\DotSpot_2k.xml
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\utorrentcontrolv6-customized-web-search.xml
FF Extension: torntv - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\torntv@torntv.com.xpi
CHR Extension: (Google Drive) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR HKLM-x32\...\Chrome\Extension: [aaaainelhcgoinheohbeolppeofibjlh] - C:\ProgramData\AskPartnerNetwork\Toolbar\OVO2V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Dominik\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx
CHR HKLM-x32\...\Chrome\Extension: [doagiokpgboiomffjfhaiimafndmmpni] - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [egkcbimocjlaegijlkhcphggjpblepbf] - C:\ProgramData\SaveAs\egkcbimocjlaegijlkhcphggjpblepbf.crx
CHR HKLM-x32\...\Chrome\Extension: [fkcdbkhjcaljlfolhllfneigeepmjfim] - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dominik\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 PnkBstrA;
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
2013-10-22 15:26 - 2013-10-22 15:26 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2013-10-22 15:26 - 2013-10-22 15:26 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2013-10-21 19:46 - 2013-10-22 07:15 - 00011463 _____ C:\Users\Dominik\Desktop\attach.txt
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 ____R (Swearware) C:\Users\Dominik\Downloads\dds.exe
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 _____ (Swearware) C:\Users\Dominik\Downloads\dds (1).exe
2013-10-20 21:21 - 2013-10-20 21:22 - 23334896 _____ (Simply Super Software ) C:\Users\Dominik\Downloads\trjsetup688.exe
2013-10-20 21:10 - 2011-05-20 11:44 - 00149456 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
C:\Users\Dominik\EPVP-MHS 4.1 by MarcoPolo , Banjo & Remus.exe
C:\Windows\AutoKMS
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
Hosts:
End
*****************
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79D206D7-DB82-4968-944D-95A8386AFD3D} => Key deleted successfully.
HKCR\CLSID\{79D206D7-DB82-4968-944D-95A8386AFD3D} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{230b9a15-0695-4130-93b8-a93d4f5df8ae} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{230b9a15-0695-4130-93b8-a93d4f5df8ae} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{4F564F32-5637-006A-76A7-7A786E7484D7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{17f24f6d-0284-4a62-a3b7-fca9f2084af4} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{17f24f6d-0284-4a62-a3b7-fca9f2084af4} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4F564F32-5637-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{4F564F32-5637-006A-76A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key deleted successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\DotSpot_2k.xml => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\utorrentcontrolv6-customized-web-search.xml => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\torntv@torntv.com.xpi => Moved successfully.
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaainelhcgoinheohbeolppeofibjlh => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\OVO2V7\CRX\ToolbarCR.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
"C:\Users\Dominik\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\doagiokpgboiomffjfhaiimafndmmpni => Key deleted successfully.
C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\egkcbimocjlaegijlkhcphggjpblepbf => Key deleted successfully.
"C:\ProgramData\SaveAs\egkcbimocjlaegijlkhcphggjpblepbf.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim => Key deleted successfully.
C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
"C:\Users\Dominik\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
PnkBstrA => Service deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
"C:\Users\Dominik\AppData\Local\MSGBOX.EXE" => File/Directory not found.
C:\Users\Dominik\Desktop\LM.bat => Moved successfully.
C:\Users\Dominik\Desktop\attach.txt => Moved successfully.
C:\Users\Dominik\Downloads\dds.exe => Moved successfully.
C:\Users\Dominik\Downloads\dds (1).exe => Moved successfully.
C:\Users\Dominik\Downloads\trjsetup688.exe => Moved successfully.
C:\Windows\SGDetectionTool.dll => Moved successfully.
C:\Users\Dominik\EPVP-MHS 4.1 by MarcoPolo , Banjo & Remus.exe => Moved successfully.
C:\Windows\AutoKMS => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job => Moved successfully.
C:\ProgramData\TEMP => ":430C6D84" ADS removed successfully.
C:\ProgramData\TEMP => ":AD022376" ADS removed successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====