Infection: URL:Mal
#1
Hello, I don't really know how to deal with this:
Avast keeps displaying a message that a threat has been detected.
Object: http..........
Infection: URL:Mal
Process: C:\Windows\explorer.exe

I'm posting a copy of the Addition log and would very much appreciate step-by-step help with dealing with it; thanks in advance.

#2
The other 2 logs that FRST produces are missing; look at the table at the top of this section and paste them.
And wait for Tachion.
#3

That's the only other thing I found. Unfortunately I don't really know what to look for or where...
#4
Tick the boxes as shown here:

You should then get 3 reports in Notepad. They will be next to FRST. Paste them to the site, post them here, and wait for Tachion.
#5
Thank you, now I understand. I'm pasting them and waiting patiently for help.

#6
Paste this into Notepad and save it as fixlist.txt

Code:
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2707719838-539045418-2495073625-1000\...\Run: [74733FBA] => C:\Users\hp\AppData\Roaming\74733FBA\bin.exe
HKU\S-1-5-21-2707719838-539045418-2495073625-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2707719838-539045418-2495073625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-2707719838-539045418-2495073625-1000 -> {23009706-443F-4BCA-8469-D891021B9ABA} URL = http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
BHO-x32: My Global Search Bar BHO -> {37B85A21-692B-4205-9CAD-2626E4993404} -> C:\Program Files (x86)\MyGlobalSearch\bar\1.bin\MGSBAR.DLL No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC)
Toolbar: HKLM-x32 - My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files (x86)\MyGlobalSearch\bar\1.bin\MGSBAR.DLL No File
Toolbar: HKU\S-1-5-21-2707719838-539045418-2495073625-1000 -> No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKU\S-1-5-21-2707719838-539045418-2495073625-1000 -> No Name - {37B85A29-692B-4205-9CAD-2626E4993404} -  No File
S2 Update Greener Web; "C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" [X]
S2 Util Greener Web; "C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe" [X]
U4 eabfiltr; No ImagePath
C:\Device
C:\Users\hp\AppData\Local\Google
C:\Users\hp\AppData\Roaming\Mozilla
C:\Users\hp\AppData\Local\BearShare
C:\Users\hp\AppData\Local\TB
C:\Users\hp\AppData\Local\DSwitch.txt
C:\Users\hp\AppData\Local\QSwitch.txt
C:\Users\hp\AppData\Local\tmpDOWÓD TYŁ.0
C:\Users\hp\AppData\Local\tmpDOWÓD TYŁ.JPG
C:\Users\hp\AppData\Local\tmpDSCN0441.JPG
C:\Users\hp\AppData\Local\tmpIMG.0
C:\Users\hp\AppData\Local\tmpIMG.1
C:\Users\hp\AppData\Local\tmpIMG.2
C:\Users\hp\AppData\Local\tmpIMG.3
C:\Users\hp\AppData\Local\tmpIMG.4
C:\Users\hp\AppData\Local\tmpIMG_0195.JPG
C:\ProgramData\HPWALog.txt
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
C:\Users\hp\Doctor Web
C:\Program Files (x86)\GUT994F.tmp
C:\Users\hp\AppData\Roaming\74733FBA
C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
C:\Users\hp\EClea2_0.exe
DeleteKey: HKCU\Software\Google
DeleteKey: HKCU\Software\Mozilla
DeleteKey: HKCU\Software\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Mozilla
DeleteKey: HKLM\SOFTWARE\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla
DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org
DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
CustomCLSID: HKU\S-1-5-21-2707719838-539045418-2495073625-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2707719838-539045418-2495073625-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\hp\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File
CustomCLSID: HKU\S-1-5-21-2707719838-539045418-2495073625-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\dps.dll (crfiaroCootropotsnMi ) <==== ATTENTION
Task: {0B456A39-3E03-4DCC-8C69-30C6CC9B9213} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {13736190-4AFA-4A06-97CF-C23E64C462AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1FD092AC-9EB3-4559-B152-30BE2A130F45} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {530BBE7F-6A48-45F9-A6F4-55D30B229B35} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {6ED7F1A4-F08C-40AC-8231-A8E59BF40571} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {96D93A73-0B1A-415F-B2E5-3EDDFED8EF09} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {9A0B05F7-D0E8-4232-AA51-BCFCFB419B59} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {A9040EA5-DBD8-40F9-BA3E-01E3480E1023} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {A97851D2-954E-4B06-B788-6653C4B5A9D0} - System32\Tasks\HPCeeScheduleForhp => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {BBE3ECCF-EADA-4412-AD43-9BBBA249C7AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C74CCCF1-F5C8-4C3B-BB71-FB60A219338B} - System32\Tasks\{B8A0A35A-50FA-4C5B-BC9D-6B291345A8C7} => Chrome.exe http://ui.skype.com/ui/0/7.2.60.103/pl/abandoninstall?page=tsMain
Task: {C821B5BC-F2B9-4C79-A949-915088408607} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)
Task: {DB4DE2DC-A67D-480D-BA5D-049ACD5351F4} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {EFF35E4C-1333-4186-9E5B-89DD00227433} - System32\Tasks\Smlupd => C:\Users\hp\AppData\Roaming\Smlupd\smlupd.exe [2015-02-12] (Geo Builder)
Task: {F4B6C543-86A5-44AF-866E-7775C121F724} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8D6F110-8145-48AF-80A9-AD56634E1ABC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\HPCeeScheduleForhp.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
RemoveDirectory: C:\AdwCleaner
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
CMD: netsh advfirewall reset
EmptyTemp:

Place the saved script next to the downloaded FRST program.
Then click Fix in the program; when it finishes, post the report from that action.

Uninstall:

Adobe Flash Player 17 ActiveX
Adobe Flash Player 17 NPAPI 
McAfee Security Scan Plus
My Global Search Bar

Reset Internet Explorer's settings

Report back on the results.
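An added post-fix verification check (example code, not part of this thread and not a FRST feature): after Fix has run, it re-inspects the persistence points named in the fixlist above and reports which still exist. It assumes the same user SID, paths, service and task names as the fixlist and is meant to run from an elevated PowerShell on the affected machine.

```powershell
# Added post-fix verification check; not part of the thread and not a FRST function.
# It re-inspects the persistence points named in the fixlist (Run value, CustomCLSID,
# driver/service entries, scheduled task, dropped files) and reports which still exist.
# SID, paths and names are copied from the fixlist; run from an elevated PowerShell.
$Sid = 'S-1-5-21-2707719838-539045418-2495073625-1000'
$Checks = @(
    @{ Kind = 'RegValue'; Path = "Registry::HKEY_USERS\$Sid\Software\Microsoft\Windows\CurrentVersion\Run"; Name = '74733FBA' }
    @{ Kind = 'RegKey';   Path = "Registry::HKEY_USERS\${Sid}_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32" }
    @{ Kind = 'RegKey';   Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\eabfiltr' }   # U4 driver entry with no ImagePath
    @{ Kind = 'Path';     Path = 'C:\Users\hp\AppData\Roaming\74733FBA' }
    @{ Kind = 'Path';     Path = 'C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\dps.dll' }
    @{ Kind = 'Path';     Path = 'C:\Users\hp\AppData\Roaming\Smlupd\smlupd.exe' }
    @{ Kind = 'Path';     Path = 'C:\Users\hp\EClea2_0.exe' }
    @{ Kind = 'Task';     Name = 'Smlupd' }
    @{ Kind = 'Service';  Name = 'Update Greener Web' }
    @{ Kind = 'Service';  Name = 'Util Greener Web' }
)

function Test-Indicator {
    param([hashtable]$Check)
    switch ($Check.Kind) {
        'Path'     { Test-Path -LiteralPath $Check.Path }
        'RegKey'   { Test-Path -LiteralPath $Check.Path }
        'RegValue' {
            # Get-ItemProperty -Name errors (suppressed here) when the key or value is gone
            $null -ne (Get-ItemProperty -LiteralPath $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue)
        }
        # schtasks prints a table on stdout only when the task exists; stderr is discarded
        'Task'     { $null -ne (schtasks.exe /Query /TN $Check.Name 2>$null) }
        'Service'  { $null -ne (Get-Service -Name $Check.Name -ErrorAction SilentlyContinue) }
    }
}

$Results = foreach ($c in $Checks) {
    [pscustomobject]@{
        Kind    = $c.Kind
        Target  = $(if ($c.Kind -in 'Task', 'Service') { $c.Name }
                    elseif ($c.Name) { "$($c.Path) -> $($c.Name)" }
                    else { $c.Path })
        Present = [bool](Test-Indicator -Check $c)
    }
}
$Results | Format-Table -AutoSize
if ($Results.Present -contains $true) {
    Write-Warning 'Some items from the fixlist still exist; run FRST again and post the fresh logs.'
}
```

A user hive under HKEY_USERS is only loaded while that user is logged on, so run the check from the affected account or the HKU entries will read as absent.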

