Anonymous / 2 years, 9 months ago

Fix result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by hp at 2015-07-03 16:04:01 Run:1
Running from C:\Users\hp\Desktop\Downloads
Loaded Profiles: hp (Available Profiles: hp)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Windows\snuvcdsm.exeHKLM\...\Run: [] => [X]
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
OPR StartupUrls: "hxxp://do-search.com/?type=hp&ts=1431457053&z=102ae01584751341f36ece6g7zbc5g6zdw1qdt0b3e&from=cor&uid=HitachiXHTS725032A9A364_100102PC6300VKG14SHAX"
OPR Extension: (Crazy Score) - C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\gaeefepfglcilcepkkdgdpiocemcclel [2015-05-12]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
C:\Windows\system32\Drivers\asw*.tmp
2015-06-14 15:52 - 2015-06-14 15:52 - 00000000 ____D C:\temp
2015-06-12 23:26 - 2015-06-12 23:26 - 00000000 ____D C:\4bcc48085a33c9e2bb5b890c
2015-06-12 22:45 - 2015-07-03 14:15 - 00000000 ____D C:\AdwCleaner
2015-06-12 22:18 - 2015-05-12 20:57 - 00000000 ____D C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd
2015-06-12 22:18 - 2015-05-12 20:57 - 00000000 ____D C:\Program Files\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd
2013-04-17 10:31 - 2013-04-17 10:31 - 0000000 _____ () C:\Users\hp\AppData\Local\AtStart.txt
2013-04-17 10:31 - 2013-04-17 10:31 - 0000000 _____ () C:\Users\hp\AppData\Local\DSwitch.txt
2014-01-06 17:36 - 2015-02-15 14:31 - 0000000 _____ () C:\Users\hp\AppData\Local\FnF4.txt
2013-04-17 10:31 - 2013-04-17 10:31 - 0000000 _____ () C:\Users\hp\AppData\Local\QSwitch.txt
EmptyTemp:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windows\snuvcdsm.exe => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CognizanceTS => value removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
Opera StartupUrls not found.
C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\gaeefepfglcilcepkkdgdpiocemcclel => moved successfully.
blbdrive => Service removed successfully.
UIUSys => Service removed successfully.
C:\Windows\system32\Drivers\asw*.tmp => moved successfully.
C:\temp => moved successfully.
C:\4bcc48085a33c9e2bb5b890c => moved successfully.
C:\AdwCleaner => moved successfully.
C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd => moved successfully.
C:\Program Files\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd => moved successfully.
C:\Users\hp\AppData\Local\AtStart.txt => moved successfully.
C:\Users\hp\AppData\Local\DSwitch.txt => moved successfully.
C:\Users\hp\AppData\Local\FnF4.txt => moved successfully.
C:\Users\hp\AppData\Local\QSwitch.txt => moved successfully.
EmptyTemp: => 1.2 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:05:00 ====