Re: Please check my log
Posted: 14 Oct 2014 18:38
Good evening,
I am sending the log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-10-2014 02
Ran by Spikl at 2014-10-14 19:32:22 Run:1
Running from C:\Users\Spikl\Desktop
Loaded Profile: Spikl (Available profiles: Spikl)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKU\S-1-5-19\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-224793288-567479514-1610664160-1002\...\MountPoints2: {589b1802-1e32-11e3-a9e7-bb0b50c9f99c} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-224793288-567479514-1610664160-1002\...\MountPoints2: {90bfee4d-9055-11e0-af5e-b2a6dab48197} - D:\Autorun.exe
HKU\S-1-5-21-224793288-567479514-1610664160-1002\...\MountPoints2: {90bfee5b-9055-11e0-af5e-b2a6dab48197} - D:\Autorun.exe
HKU\S-1-5-18\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
C:\Program Files (x86)\Zrychleni Pocitace
2014-10-05 17:19 - 2014-10-05 17:20 - 00027588 _____ () C:\Users\Spikl\Desktop\FRST.txt
2014-10-05 17:17 - 2014-10-05 17:17 - 00112640 _____ (forum.viry.cz) C:\Users\Spikl\Desktop\FRSTLauncher.exe
2014-10-05 16:33 - 2014-10-05 16:17 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-05 16:18 - 2014-10-05 16:35 - 00010119 _____ () C:\zoek-results.log
2014-10-05 16:17 - 2014-10-05 16:30 - 00000000 ____D () C:\zoek_backup
2014-10-05 16:16 - 2014-10-05 16:17 - 01290752 _____ () C:\Users\Spikl\Desktop\zoek.exe
2014-10-04 20:17 - 2014-10-04 20:17 - 23635896 _____ (Citrix Systems, Inc.) C:\Users\Spikl\Downloads\CitrixOnlinePluginWeb(1).exe
2014-10-04 19:40 - 2014-10-04 19:42 - 00000000 ____D () C:\AdwCleaner
2014-10-04 19:39 - 2014-10-04 19:39 - 00009887 _____ () C:\Users\Spikl\Desktop\JRT.txt
2014-10-04 19:35 - 2014-10-04 19:35 - 00000000 ____D () C:\windows\ERUNT
2014-10-04 19:32 - 2014-10-04 17:46 - 01694116 _____ (Thisisu) C:\Users\Spikl\Desktop\JRT_NEW.exe
2014-10-04 19:30 - 2014-10-04 19:30 - 01375089 _____ () C:\Users\Spikl\Desktop\adwcleaner_3.311.exe
2014-10-03 20:53 - 2014-10-03 20:53 - 00000000 ____D () C:\rsit
2014-10-03 20:53 - 2014-10-03 20:53 - 00000000 ____D () C:\Program Files\trend micro
2014-10-03 20:49 - 2014-10-03 20:49 - 00832273 _____ () C:\Users\Spikl\Desktop\RSITx64.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForSpikl.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 => value deleted successfully.
"HKU\S-1-5-21-224793288-567479514-1610664160-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{589b1802-1e32-11e3-a9e7-bb0b50c9f99c}" => Key deleted successfully.
"HKCR\CLSID\{589b1802-1e32-11e3-a9e7-bb0b50c9f99c}" => Key not found.
"HKU\S-1-5-21-224793288-567479514-1610664160-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90bfee4d-9055-11e0-af5e-b2a6dab48197}" => Key deleted successfully.
"HKCR\CLSID\{90bfee4d-9055-11e0-af5e-b2a6dab48197}" => Key not found.
"HKU\S-1-5-21-224793288-567479514-1610664160-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90bfee5b-9055-11e0-af5e-b2a6dab48197}" => Key deleted successfully.
"HKCR\CLSID\{90bfee5b-9055-11e0-af5e-b2a6dab48197}" => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 => value deleted successfully.
C:\Program Files (x86)\Zrychleni Pocitace => Moved successfully.
C:\Users\Spikl\Desktop\FRST.txt => Moved successfully.
"C:\Users\Spikl\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
"C:\Users\Spikl\Desktop\zoek.exe" => File/Directory not found.
C:\Users\Spikl\Downloads\CitrixOnlinePluginWeb(1).exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Spikl\Desktop\JRT.txt => Moved successfully.
C:\windows\ERUNT => Moved successfully.
"C:\Users\Spikl\Desktop\JRT_NEW.exe" => File/Directory not found.
C:\Users\Spikl\Desktop\adwcleaner_3.311.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Spikl\Desktop\RSITx64.exe => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForSpikl.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.4 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====