Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-04-2014 02
Ran by Mamka at 2014-04-21 13:35:46 Run:1
Running from C:\Users\Mamka\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [Guard.Mail.ru.gui] => C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2012-03-26] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-15] (RealNetworks, Inc.)
HKLM\...\Run: [SiteRanker] => "C:\Program Files\SiteRanker\SiteRankTray.exe"
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1061960 2013-03-21] ()
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Děda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Děda\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-3787819946-3620248423-3096216792-1005\User: Group Policy restriction detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.bing.com
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {25098803-09df-430e-9c00-a3c6c71725ca} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
R2 Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2012-03-26] ()
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] ()
DisableService: c2cautoupdatesve
DisableService: c2cpnrsvc
FF Extension: IMPI - C:\Program Files\IMPI\Firefox [2013-03-12]
C:\Program Files\Guard-ICQ
2014-04-20 13:52 - 2014-04-20 13:52 - 00112640 _____ (forum.viry.cz) C:\Users\Děda\Downloads\FRSTLauncher.exe
2014-04-19 10:53 - 2014-04-19 10:26 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-04-19 10:42 - 2014-04-19 10:58 - 00003166 _____ () C:\folders.log
2014-04-19 10:42 - 2014-04-19 10:52 - 00000000 ____D () C:\zoek
2014-04-19 10:29 - 2014-04-19 10:58 - 00154741 _____ () C:\zoek-results.log
2014-04-19 10:23 - 2014-04-19 10:55 - 00000000 ____D () C:\zoek_backup
2014-04-19 10:23 - 2014-04-19 10:23 - 01285120 _____ () C:\Users\Děda\Desktop\zoek.exe
2014-04-19 10:20 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Děda\Desktop\zoek.pif
2014-04-19 10:19 - 2014-04-19 10:20 - 04235514 _____ () C:\Users\Děda\Desktop\zoek.rar
2014-04-19 09:47 - 2014-04-19 09:47 - 01258805 _____ () C:\Users\Děda\Desktop\adwcleaner.exe
2014-04-19 09:36 - 2014-04-19 09:36 - 00016636 _____ () C:\Users\Děda\Desktop\JRT.txt
2014-04-19 09:31 - 2014-04-19 09:31 - 01257353 _____ () C:\Users\Děda\Desktop\AdwCleaner(1).exe
2014-04-19 09:30 - 2014-04-19 09:30 - 01016261 _____ (Thisisu) C:\Users\Děda\Desktop\JRT.exe
2014-04-20 13:53 - 2014-04-20 13:53 - 00000000 ____D () C:\Users\Děda\Desktop\FRST-OlderVersion
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001Core.job => ?
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001UA.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001Core.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001UA.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1004Core.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1004UA.job => ?
Task: C:\windows\Tasks\HPCeeScheduleForHanka.job => ?
Task: C:\windows\Tasks\Norton Security Scan for Hanka.job => ?
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SiteRanker => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => Value deleted successfully.
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value not found.
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value not found.
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value not found.
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value not found.
HKU\S-1-5-21-3787819946-3620248423-3096216792-1005\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value not found.
C:\windows\system32\GroupPolicyUsers\S-1-5-21-3787819946-3620248423-3096216792-1005\User => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKCR\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Value not found.
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Value not found.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Key deleted successfully.
Guard.Mail.ru => Service stopped successfully.
Guard.Mail.ru => Service deleted successfully.
IMPI Updater => Service stopped successfully.
IMPI Updater => Service deleted successfully.
c2cautoupdatesve service key not found.
c2cpnrsvc service was disabled
C:\Program Files\IMPI\Firefox => Moved successfully.
C:\Program Files\Guard-ICQ => Moved successfully.
C:\Users\Děda\Downloads\FRSTLauncher.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Děda\Desktop\zoek.exe => Moved successfully.
C:\Users\Děda\Desktop\zoek.pif => Moved successfully.
C:\Users\Děda\Desktop\zoek.rar => Moved successfully.
C:\Users\Děda\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Děda\Desktop\JRT.txt => Moved successfully.
C:\Users\Děda\Desktop\AdwCleaner(1).exe => Moved successfully.
C:\Users\Děda\Desktop\JRT.exe => Moved successfully.
C:\Users\Děda\Desktop\FRST-OlderVersion => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1001UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1004Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3787819946-3620248423-3096216792-1004UA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForHanka.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for Hanka.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
The system needed a reboot.
==== End of Fixlog ====
Tvorba fixlistu pro FRST
Přispějete na provoz fóra?