Re: please check
Posted: 11 Feb 2014 20:25
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-02-2014 01
Ran by Dominik at 2014-02-11 20:24:29 Run:1
Running from C:\Documents and Settings\Dominik.DODO\Plocha
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-602162358-1645522239-1644491937-1004\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => File Not Found
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {189B9496-A9F9-4F5D-8CD5-764A04FA1062} URL = http://search.zonealarm.com/search?src= ... er=&&r=421
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2014-02-11 11:27 - 2014-02-11 11:26 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Dominik.DODO\Plocha\FRSTLauncher.exe
2014-02-11 08:22 - 2014-02-11 08:19 - 00001006 _____ () C:\zoek-results2014-02-11-071926.log
2014-02-11 08:18 - 2014-02-11 08:17 - 00000958 _____ () C:\zoek-results2014-02-11-071753.log
2014-02-11 08:17 - 2014-02-11 08:16 - 00000910 _____ () C:\zoek-results2014-02-11-071614.log
2014-02-11 08:02 - 2014-02-11 08:01 - 00000814 _____ () C:\zoek-results2014-02-11-070138.log
2014-02-11 08:01 - 2014-02-11 08:01 - 04227036 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\zoek.rar
2014-02-11 08:01 - 2014-02-02 23:27 - 01412052 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\zoek.scr
2014-02-11 08:01 - 2014-02-02 23:27 - 01412052 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\zoek.pif
2014-02-11 08:01 - 2014-02-02 23:27 - 01412052 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\zoek.com
2014-02-11 08:00 - 2014-02-11 07:59 - 00000847 _____ () C:\zoek-results2014-02-11-065924.log
2014-02-11 07:58 - 2014-02-11 11:21 - 00001104 _____ () C:\zoek-results.log
2014-02-11 07:56 - 2014-02-11 07:56 - 00000000 ____D () C:\zoek_backup
2014-02-11 07:56 - 2014-02-11 07:55 - 01283584 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\zoek.exe
2014-02-11 11:20 - 2014-02-11 08:23 - 00001055 _____ () C:\zoek-results2014-02-11-072308.log
2014-02-09 23:54 - 2014-02-09 23:53 - 01166132 _____ () C:\Documents and Settings\Dominik.DODO\Plocha\adwcleaner (1).exe
2014-02-09 21:41 - 2014-02-09 21:37 - 05180173 ____R (Swearware) C:\Documents and Settings\Dominik.DODO\Plocha\xyz.exe
2014-02-08 09:30 - 2014-02-08 09:30 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-08 01:01 - 2014-02-08 01:01 - 00000000 ____D () C:\Documents and Settings\Dominik.DODO\Data aplikací\TrojanHunter
2014-02-08 00:50 - 2014-02-11 11:20 - 00000000 ____D () C:\Program Files\TrojanHunter 5.3
2014-02-07 23:20 - 2014-02-07 23:21 - 00000000 ____D () C:\Documents and Settings\Dominik.DODO\Local Settings\Data aplikací\SearchProtect
2014-02-07 23:13 - 2013-09-04 15:08 - 01028757 _____ (Thisisu) C:\Documents and Settings\Dominik.DODO\Plocha\JRT.exe
2014-02-07 23:13 - 2013-08-24 20:44 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Dominik.DODO\Plocha\TFC (1).exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => Value deleted successfully.
HKU\S-1-5-21-602162358-1645522239-1644491937-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
"C:\\PROGRA~1\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll" => Value Data removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{189B9496-A9F9-4F5D-8CD5-764A04FA1062} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{189B9496-A9F9-4F5D-8CD5-764A04FA1062} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\FRSTLauncher.exe => Moved successfully.
C:\zoek-results2014-02-11-071926.log => Moved successfully.
C:\zoek-results2014-02-11-071753.log => Moved successfully.
C:\zoek-results2014-02-11-071614.log => Moved successfully.
C:\zoek-results2014-02-11-070138.log => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\zoek.rar => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\zoek.scr => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\zoek.pif => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\zoek.com => Moved successfully.
C:\zoek-results2014-02-11-065924.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\zoek.exe => Moved successfully.
C:\zoek-results2014-02-11-072308.log => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\adwcleaner (1).exe => Moved successfully.
"C:\Documents and Settings\Dominik.DODO\Plocha\xyz.exe" => File/Directory not found.
C:\WINDOWS\system32\bootdelete.exe => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Data aplikací\TrojanHunter => Moved successfully.
C:\Program Files\TrojanHunter 5.3 => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Local Settings\Data aplikací\SearchProtect => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\JRT.exe => Moved successfully.
C:\Documents and Settings\Dominik.DODO\Plocha\TFC (1).exe => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====