Anonim / 2 lata, 5 miesięcy temu | Download | Plaintext | Odpowiedz |

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
Fix result of Farbar Recovery Scan Tool (x86) Version: 21-06-2015 01
Ran by Admin at 2015-06-21 16:34:21 Run:4
Running from C:\Documents and Settings\Admin\Pulpit
Loaded Profiles: Admin (Available Profiles: Admin & Meg)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=blackbear1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1417001333-1715567821-2146802571-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={896A5020-F34B-45E7-8DB3-4AE7E49C5D2B}&mid=4f5a32a404e347cdbd42d15e77ab2110-6cc37579bd616f4b264fbc6234459ec23c72e076&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-06-15 20:40:06&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1417001333-1715567821-2146802571-1003 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=blackbear1
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\Documents and Settings\All Users\Dane aplikacji\WRData\pkg\LPBar.dll No File
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\Documents and Settings\All Users\Dane aplikacji\WRData\pkg\LPBar.dll No File
FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q=
S3 HWIONT; \??\C:\MoreTV\HWIONT.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
2015-06-17 19:22 - 2015-06-18 11:42 - 00000000 ____D C:\AdwCleaner
Task: C:\WINDOWS\Tasks\PFExe.job => C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\PriceFountain\pricefountain.exe
C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\PriceFountain
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Classes\exefile: "%1" %* <===== ATTENTION!
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\okwwfhzlxa" /f
EmptyTemp:
*****************

Processes closed successfully.
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => key not found. 
HKCR\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} => key not found. 
HKCR\CLSID\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{97ab88ef-346b-4179-a0b1-7445896547a5} => value not found.
HKCR\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5} => key not found. 
Firefox Keyword.URL removed successfully.
HWIONT => Service not found.
IntelIde => Service not found.
WS2IFSL => Service not found.
"C:\AdwCleaner" => File/Folder not found.
C:\WINDOWS\Tasks\PFExe.job not found.
"C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\PriceFountain" => File/Folder not found.
HKU\.DEFAULT\Software\Classes\.exe => key not found. 
HKU\.DEFAULT\Software\Classes\exefile => key not found. 
HKU\S-1-5-19\Software\Classes\.exe => key not found. 
HKU\S-1-5-19\Software\Classes\exefile => key not found. 
HKU\S-1-5-20\Software\Classes\.exe => key not found. 
HKU\S-1-5-20\Software\Classes\exefile => key not found. 
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Classes\.exe => key not found. 
HKU\S-1-5-21-1417001333-1715567821-2146802571-1003\Software\Classes\exefile => key not found. 

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\okwwfhzlxa" /f =========


Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.


========= End of Reg: =========

EmptyTemp: => 502.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:35:28 ====