Fixlog.txt

OTL - Prośba o sprawdzenie loga

Wklejam rezultat działania aplikacji.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 01
Ran by app at 2014-08-24 16:48:28 Run:1
Running from C:\Users\app\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\Software\Classes\.exe: exefile = & gt; " %1 " %* & lt; ===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: " %1 " %* & lt; ===== ATTENTION!
HKU\360SandBox\Software\Classes\.exe: exefile = & gt; " %1 " %* & lt; ===== ATTENTION!
HKU\360SandBox\Software\Classes\exefile: " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile = & gt; " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile = & gt; " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Classes\.exe: exefile = & gt; " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Classes\exefile: " %1 " %* & lt; ===== ATTENTION!
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\Run: [] = & gt; [X]
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {028cd2bc-e73b-11e2-9321-001fd059ad03} - E:\AutoRun.exe
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {7390c5b5-7b78-11e3-8651-001fd059ad03} - E:\AutoRun.exe
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {80b94c24-ed97-11e3-8bf3-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {c8f2dfe4-f081-11e2-9fef-001fd059ad03} - E:\iLinker.exe
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {dc99cdd3-de97-11e2-87a6-001fd059ad03} - E:\AutoRun.exe
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\...\MountPoints2: {dc99cde0-de97-11e2-87a6-001fd059ad03} - E:\AutoRun.exe
ShellIconOverlayIdentifiers-x32: ###MegaShellExtPending - & gt; {056D528D-CE28-4194-9BA3-BA2E9197FF8C} = & gt; No File
ShellIconOverlayIdentifiers-x32: ###MegaShellExtSynced - & gt; {05B38830-F4E9-4329-978B-1DD28605D202} = & gt; No File
ShellIconOverlayIdentifiers-x32: ###MegaShellExtSyncing - & gt; {0596C850-7BDD-4C9D-AFDF-873BE6890637} = & gt; No File
BootExecute: autocheck autochk * ?????????????
R2 postgresmm-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N " postgresmm-9.0 " -D " C:/Program Files (x86)/PostgreSQL/9.0/data " [X]
S2 VMAuthdService; " C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe " [X]
S2 vmserverdWin32; " C:\Program Files (x86)\VMware\VMware Server\vmserverdWin32.exe " [X]
S3 FwHookDrv; \??\C:\Windows\system32\drivers\FwHookDrv.sys [X]
S3 Fwleaf; system32\DRIVERS\fwleaf.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]
S0 ybJhRgJq; System32\drivers\ybJhRgJq.sys [X]
2014-08-06 20:11 - 2014-08-06 20:11 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-06 20:10 - 2014-08-12 20:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-06 20:10 - 2014-08-12 19:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-06 20:08 - 2014-08-06 20:08 - 46525608 ____N (Safer-Networking Ltd. ) C:\Users\app\Downloads\spybot-2.4.exe
C:\Windows\Tasks\{915ED9CB-7196-4396-8194-34519CCCA219}.job
EmptyTemp:
*****************

" HKU\.DEFAULT\Software\Classes\exefile " = & gt; Key deleted successfully.
" HKU\.DEFAULT\Software\Classes\.exe " = & gt; Key deleted successfully.
" HKU\.DEFAULT\Software\Classes\exefile " = & gt; Key not found.
" HKU\360SandBox\Software\Classes\exefile " = & gt; Key Deleted successfully.
" HKU\360SandBox\Software\Classes\.exe " = & gt; Key Deleted successfully.
" HKU\360SandBox\Software\Classes\exefile " = & gt; Key not found.
" HKU\S-1-5-19\Software\Classes\exefile " = & gt; Key deleted successfully.
" HKU\S-1-5-19\Software\Classes\.exe " = & gt; Key deleted successfully.
" HKU\S-1-5-19\Software\Classes\exefile " = & gt; Key not found.
" HKU\S-1-5-20\Software\Classes\exefile " = & gt; Key deleted successfully.
" HKU\S-1-5-20\Software\Classes\.exe " = & gt; Key deleted successfully.
" HKU\S-1-5-20\Software\Classes\exefile " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Classes\exefile " = & gt; Key deleted successfully.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Classes\.exe " = & gt; Key deleted successfully.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Classes\exefile " = & gt; Key not found.
HKU\S-1-5-21-3779274457-241525021-3594938619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ = & gt; value deleted successfully.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{028cd2bc-e73b-11e2-9321-001fd059ad03} " = & gt; Key deleted successfully.
" HKCR\CLSID\{028cd2bc-e73b-11e2-9321-001fd059ad03} " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7390c5b5-7b78-11e3-8651-001fd059ad03} " = & gt; Key deleted successfully.
" HKCR\CLSID\{7390c5b5-7b78-11e3-8651-001fd059ad03} " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80b94c24-ed97-11e3-8bf3-806e6f6e6963} " = & gt; Key deleted successfully.
" HKCR\CLSID\{80b94c24-ed97-11e3-8bf3-806e6f6e6963} " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f2dfe4-f081-11e2-9fef-001fd059ad03} " = & gt; Key deleted successfully.
" HKCR\CLSID\{c8f2dfe4-f081-11e2-9fef-001fd059ad03} " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc99cdd3-de97-11e2-87a6-001fd059ad03} " = & gt; Key deleted successfully.
" HKCR\CLSID\{dc99cdd3-de97-11e2-87a6-001fd059ad03} " = & gt; Key not found.
" HKU\S-1-5-21-3779274457-241525021-3594938619-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc99cde0-de97-11e2-87a6-001fd059ad03} " = & gt; Key deleted successfully.
" HKCR\CLSID\{dc99cde0-de97-11e2-87a6-001fd059ad03} " = & gt; Key not found.
" HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending " = & gt; Key deleted successfully.
" HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} " = & gt; Key not found.
" HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced " = & gt; Key deleted successfully.
" HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} " = & gt; Key not found.
" HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing " = & gt; Key deleted successfully.
" HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} " = & gt; Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute = & gt; Value was restored successfully.
postgresmm-9.0 = & gt; Service stopped successfully.
postgresmm-9.0 = & gt; Service deleted successfully.
VMAuthdService = & gt; Service deleted successfully.
vmserverdWin32 = & gt; Service deleted successfully.
FwHookDrv = & gt; Service deleted successfully.
Fwleaf = & gt; Service deleted successfully.
gdrv = & gt; Service deleted successfully.
massfilter_hs = & gt; Service deleted successfully.
VMnetAdapter = & gt; Service deleted successfully.
WPRO_41_1742 = & gt; Service deleted successfully.
ybJhRgJq = & gt; Service deleted successfully.
C:\Windows\System32\Tasks\Safer-Networking = & gt; Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 = & gt; Moved successfully.
C:\ProgramData\Spybot - Search & Destroy = & gt; Moved successfully.
C:\Users\app\Downloads\spybot-2.4.exe = & gt; Moved successfully.
C:\Windows\Tasks\{915ED9CB-7196-4396-8194-34519CCCA219}.job = & gt; Moved successfully.
EmptyTemp: = & gt; Removed 1 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====


Pobierz plik - link do postu