Do notatnika wklej i zapisz jako
fixlist.txt
Kod:
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL13/175
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL13/175
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3788707431-4183721749-822431625-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL13/175
HKU\S-1-5-21-3788707431-4183721749-822431625-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL13/175
HKU\S-1-5-21-3788707431-4183721749-822431625-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPALL13/175
URLSearchHook: [S-1-5-21-3788707431-4183721749-822431625-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {4ACD6455-78D0-403D-B2CF-5AB8B8BA3556} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {4ACD6455-78D0-403D-B2CF-5AB8B8BA3556} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3788707431-4183721749-822431625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3788707431-4183721749-822431625-1002 -> {4ACD6455-78D0-403D-B2CF-5AB8B8BA3556} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
Toolbar: HKU\S-1-5-21-3788707431-4183721749-822431625-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -No File
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [kanflfepiobnpjbljmngfgegijhdpljm] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
S2 SPDRIVER_1503.0.0.0; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1503.0.0.0\jsdrv.sys [X]
C:\spyhunter.fix
C:\Users\Piotr\Downloads\MyRLS - Daily Updated Free Downloads.url
C:\Users\Piotr\Downloads\87856526.pfx
C:\Users\Piotr\AppData\Local\unins000.dat
C:\Users\Piotr\AppData\Local\unins000.exe
C:\Users\Piotr\AppData\Local\unins000.msg
Task: {0989DEED-071B-48A2-B2B2-2A9054ECDBDD} - \a6a7b757-13f2-4c67-97d2-303c2fd16e92-1-7 No Task File <==== ATTENTION
Task: {19E5462F-E27B-46C9-8417-F4EE86F9E360} - \d1bda9ce-47a7-49d9-bd22-db286096d380-4 No Task File <==== ATTENTION
Task: {263DC768-3872-46AC-AB9F-189A90A579CC} - \a6a7b757-13f2-4c67-97d2-303c2fd16e92-5_user No Task File <==== ATTENTION
Task: {2FA223A5-68EF-4AF3-9297-1B5AA66490AE} - System32\Tasks\FQGHUUB => C:\Users\Piotr\AppData\Roaming\FQGHUUB.exe <==== ATTENTION
Task: {3C4A0D08-859E-4345-ADA1-F65D409E6D9A} - \a6a7b757-13f2-4c67-97d2-303c2fd16e92-1-6 No Task File <==== ATTENTION
Task: {3E65A227-E854-4432-AE8B-9BA48A5BA919} - \SPBIW_UpdateTask_Time_313838323632353831362d6c555a6c5b5a32572d413434 No Task File <==== ATTENTION
Task: {3EC5A214-D1BE-4BA3-B8DB-3EF7E50478C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker
Task: {48E3A338-19F9-4699-9F6B-9EE03BB9FF34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {5846DBFD-6D33-48AA-94CE-C5EC54CDBC12} - System32\Tasks\MYI => C:\Users\Piotr\AppData\Roaming\MYI.exe <==== ATTENTION
Task: {678C7423-FCA0-451F-A83B-0259F9712CB0} - \d1bda9ce-47a7-49d9-bd22-db286096d380-1-6 No Task File <==== ATTENTION
Task: {6F97C310-9CA5-40C5-B763-25AAE2CAAA1E} - \d1bda9ce-47a7-49d9-bd22-db286096d380-5 No Task File <==== ATTENTION
Task: {770B24A0-E81F-417C-9A89-851C9CD0FEB6} - \a6a7b757-13f2-4c67-97d2-303c2fd16e92-4 No Task File <==== ATTENTION
Task: {805BF51E-2D24-4F7C-B176-60FE3C0EA2DB} - \YTAUpdate No Task File <==== ATTENTION
Task: {88ABE04E-D3A9-4AEB-BFFC-90A2A891F805} - \d1bda9ce-47a7-49d9-bd22-db286096d380-5_user No Task File <==== ATTENTION
Task: {A9BC43E7-A79B-4B2D-935F-96D493A0FEB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B76802D3-770A-45EC-99DF-BBB1C41E8CAC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {B864CB03-3C38-470D-8630-FA4911DD3FB8} - \a6a7b757-13f2-4c67-97d2-303c2fd16e92-5 No Task File <==== ATTENTION
Task: {BF8C227C-538C-4F2A-94A7-8606C3CDACBE} - System32\Tasks\{55401B1C-AF9E-4A0D-B961-881FF91694C0} => pcalua.exe -a "C:\Program Files (x86)\SourceApp\SourceAppuninstall.exe"
Task: {CF6C644A-FA25-40C2-8473-999275A88296} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-02-16] (Enigma Software Group USA, LLC.)
Task: {D5A00178-47FF-48D1-BAA0-4858F9B21A63} - \d1bda9ce-47a7-49d9-bd22-db286096d380-1-7 No Task File <==== ATTENTION
Task: {D7D1EBC9-003E-4504-B394-A7CAFD0E34A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F24CB5E3-CE90-4CEF-89F7-5F37D968EEB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
Emptytemp:
Zapisany skrypt umieść obok ściągniętego programu
FRST
Następnie w programie kliknij
Fix,po wykonaniu pokaż raport z tego działania.
Odinstaluj:
Java 8 Update 25
SpyHunter
Google Chrome
Ustawienia > karta Ustawienia > Pokaż ustawienia zaawansowane > zjedź na sam spód i uruchom opcję "Zresetuj ustawienia przeglądarki".
W przeglądarce Firefox
Otwórz menu w górnym rogu po prawej stronie > otwórz menu pomoc oznaczone czerwoną ramką.
[Aby zobaczyć linki, zarejestruj się tutaj]
Informacje dla pomocy technicznej > Zresetuj program Firefox.
Zainstaluj:
IE11
[Aby zobaczyć linki, zarejestruj się tutaj]
Java jre-8u31-windows-i586.exe
[Aby zobaczyć linki, zarejestruj się tutaj]
Zrób nowe logi i przedstaw z FRST.txt > Addition.txt