Re: Prosím o kontrolu logu z FRST
Napsal: 07 lis 2013 17:37
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by standa at 2013-11-07 14:41:36 Run:1
Running from C:\Users\standa\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-05-31] (Sun Microsystems, Inc.)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\standa\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\standa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {8c66ba76-431a-11e3-a197-70f3955964cf} - G:\autorun.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
Startup: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {5347542D-5637-006A-76A7-7A786E7484D7} - No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (qone8) - http://start.qone8.com/web/?type=ds&ts= ... VJ6LXYV&q={searchTerms}
CHR DefaultSuggestURL: (qone8) - "suggest_url": "",
S2 S; C [x]
2013-11-07 13:12 - 2013-11-07 13:12 - 00001802 _____ C:\sc-cleaner.txt
2013-11-07 13:10 - 2013-11-07 13:10 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\standa\Desktop\sc-cleaner.exe
2013-11-07 13:09 - 2013-11-07 13:09 - 01034531 _____ (Thisisu) C:\Users\standa\Desktop\JRT.exe
2013-11-07 13:08 - 2013-11-07 13:08 - 01073262 _____ C:\Users\standa\Desktop\adwcleaner.exe
2013-11-07 13:22 - 2013-11-07 13:24 - 00000000 ____D C:\AdwCleaner
2013-11-07 13:21 - 2013-11-07 13:21 - 00002987 _____ C:\Users\standa\Desktop\JRT.txt
2013-11-07 13:13 - 2013-11-07 13:13 - 00001802 _____ C:\Users\standa\Desktop\sc-cleaner.txt
2013-11-07 13:30 - 2013-11-07 13:30 - 00002797 _____ C:\Users\standa\Desktop\AdwCleaner[S0].txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForstanda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c66ba76-431a-11e3-a197-70f3955964cf} => Key deleted successfully.
HKCR\CLSID\{8c66ba76-431a-11e3-a197-70f3955964cf} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5347542D-5637-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{5347542D-5637-006A-76A7-7A786E7484D7} => Key not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
CHR HomePage: hxxp://www.seznam.cz/?clid=12454 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.google.com/" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (qone8) - http://start.qone8.com/web/?type=ds&ts= ... VJ6LXYV&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (qone8) - "suggest_url": "", ==> The Chrome "Settings" can be used to fix the entry.
S => Service deleted successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\Users\standa\Desktop\sc-cleaner.exe => Moved successfully.
C:\Users\standa\Desktop\JRT.exe => Moved successfully.
C:\Users\standa\Desktop\adwcleaner.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\standa\Desktop\JRT.txt" => File/Directory not found.
"C:\Users\standa\Desktop\sc-cleaner.txt" => File/Directory not found.
"C:\Users\standa\Desktop\AdwCleaner[S0].txt" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForstanda.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
Ran by standa at 2013-11-07 14:41:36 Run:1
Running from C:\Users\standa\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-05-31] (Sun Microsystems, Inc.)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\standa\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\standa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {8c66ba76-431a-11e3-a197-70f3955964cf} - G:\autorun.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
Startup: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {5347542D-5637-006A-76A7-7A786E7484D7} - No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (qone8) - http://start.qone8.com/web/?type=ds&ts= ... VJ6LXYV&q={searchTerms}
CHR DefaultSuggestURL: (qone8) - "suggest_url": "",
S2 S; C [x]
2013-11-07 13:12 - 2013-11-07 13:12 - 00001802 _____ C:\sc-cleaner.txt
2013-11-07 13:10 - 2013-11-07 13:10 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\standa\Desktop\sc-cleaner.exe
2013-11-07 13:09 - 2013-11-07 13:09 - 01034531 _____ (Thisisu) C:\Users\standa\Desktop\JRT.exe
2013-11-07 13:08 - 2013-11-07 13:08 - 01073262 _____ C:\Users\standa\Desktop\adwcleaner.exe
2013-11-07 13:22 - 2013-11-07 13:24 - 00000000 ____D C:\AdwCleaner
2013-11-07 13:21 - 2013-11-07 13:21 - 00002987 _____ C:\Users\standa\Desktop\JRT.txt
2013-11-07 13:13 - 2013-11-07 13:13 - 00001802 _____ C:\Users\standa\Desktop\sc-cleaner.txt
2013-11-07 13:30 - 2013-11-07 13:30 - 00002797 _____ C:\Users\standa\Desktop\AdwCleaner[S0].txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForstanda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c66ba76-431a-11e3-a197-70f3955964cf} => Key deleted successfully.
HKCR\CLSID\{8c66ba76-431a-11e3-a197-70f3955964cf} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5347542D-5637-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{5347542D-5637-006A-76A7-7A786E7484D7} => Key not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
CHR HomePage: hxxp://www.seznam.cz/?clid=12454 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.google.com/" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (qone8) - http://start.qone8.com/web/?type=ds&ts= ... VJ6LXYV&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (qone8) - "suggest_url": "", ==> The Chrome "Settings" can be used to fix the entry.
S => Service deleted successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\Users\standa\Desktop\sc-cleaner.exe => Moved successfully.
C:\Users\standa\Desktop\JRT.exe => Moved successfully.
C:\Users\standa\Desktop\adwcleaner.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\standa\Desktop\JRT.txt" => File/Directory not found.
"C:\Users\standa\Desktop\sc-cleaner.txt" => File/Directory not found.
"C:\Users\standa\Desktop\AdwCleaner[S0].txt" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForstanda.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
T-Cleaner 
Zase nekdy 
