Anonim / 2 lata, 2 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
Fix result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by ewunia at 2015-07-11 09:40:10 Run:1
Running from C:\Users\ewunia\Desktop
Loaded Profiles: ewunia (Available Profiles: ewunia)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM\...\Run: [SuddenlyMusic Home Page Guard 64 bit] => "C:\PROGRA~2\SUDDEN~2\bar\1.bin\APPINT~1.EXE"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\Run: [E48E5A56] => C:\Users\ewunia\AppData\Roaming\E48E5A56\bin.exe [47104 2015-07-10] ()
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKU\S-1-5-21-3625697315-574066735-3411081838-1001 - (No Name) - {7adecf8a-e794-45d2-80a3-6659421966ab} - C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93SrcAs.dll No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {5245414C-312D-5350-00A7-7A786E7484D7} ->  No File
BHO-x32: No Name -> {146decde-432d-45e9-a880-ec502dbc2df3} ->  No File
BHO-x32: No Name -> {5245414C-312D-5350-00A7-7A786E7484D7} ->  No File
BHO-x32: No Name -> {5d289117-1db4-4f0b-8dda-177e7882aad8} ->  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-3625697315-574066735-3411081838-1001 -> No Name - {5245414C-312D-5350-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-3625697315-574066735-3411081838-1001 -> No Name - {2D7F763A-6A99-4397-A009-195A1DF153FB} -  No File
CHR Extension: (Bookmark Manager) - C:\Users\ewunia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-07-01]
S2 wasvc_1.10.0.20; "C:\Program Files (x86)\WordAnchor_1.10.0.20\Service\wasvc.exe" [X]
2015-07-10 19:25 - 2015-07-10 19:26 - 00000000 ____D C:\AdwCleaner
2015-07-10 16:38 - 2015-07-10 16:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-10 16:38 - 2015-07-10 16:46 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-10 16:38 - 2015-07-10 16:38 - 00001405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-07-10 16:38 - 2015-07-10 16:38 - 00001393 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-07-10 16:38 - 2015-07-10 16:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-07-10 16:38 - 2015-07-10 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-10 16:38 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-07-10 16:36 - 2015-07-10 16:36 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\ewunia\Downloads\spybot-2.4.exe
2015-07-10 16:34 - 2015-07-10 16:34 - 00841232 _____ (Application Web ) C:\Users\ewunia\Desktop\Spybot-Search-Destroy(12546)-dp.exe
2015-07-10 16:17 - 2015-07-10 16:17 - 00000000 ___HD C:\Users\ewunia\AppData\Roaming\E48E5A56
2013-12-08 16:05 - 2013-12-08 16:05 - 0000021 _____ () C:\Users\ewunia\AppData\Roaming\my_intel.sys
2013-10-07 18:36 - 2015-07-10 21:17 - 0000380 _____ () C:\Users\ewunia\AppData\Roaming\sp_data.sys
2014-07-02 17:06 - 2014-07-02 17:06 - 0000000 _____ () C:\Users\ewunia\AppData\Local\{08B83068-0CDC-4AB5-B06B-678B4C109BA2}
2014-03-30 18:27 - 2014-03-30 18:27 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeE3C3.dll
Task: {0411C80C-C9C7-49E7-895E-77C30ACCC756} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1D1C5050-8190-4DB0-B13D-C55DCEAB4C60} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
Task: {3B5A8F92-3004-431E-B0D5-670C254FF8DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {9ADF31F1-1CB8-4158-9303-3C18FB93BA6B} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {B7A0CCDF-9E1F-4007-834E-18CC8A313D5D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
EmptyTemp:
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SuddenlyMusic Home Page Guard 64 bit => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found. 
HKU\S-1-5-21-3625697315-574066735-3411081838-1001\Software\Microsoft\Windows\CurrentVersion\Run\\E48E5A56 => value not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3625697315-574066735-3411081838-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7adecf8a-e794-45d2-80a3-6659421966ab} => value removed successfully
"HKCR\Wow6432Node\CLSID\{7adecf8a-e794-45d2-80a3-6659421966ab}" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5245414C-312D-5350-00A7-7A786E7484D7}" => key removed successfully
HKCR\CLSID\{5245414C-312D-5350-00A7-7A786E7484D7} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146decde-432d-45e9-a880-ec502dbc2df3}" => key removed successfully
HKCR\Wow6432Node\CLSID\{146decde-432d-45e9-a880-ec502dbc2df3} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5245414C-312D-5350-00A7-7A786E7484D7}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5245414C-312D-5350-00A7-7A786E7484D7} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d289117-1db4-4f0b-8dda-177e7882aad8}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5d289117-1db4-4f0b-8dda-177e7882aad8} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. 
HKU\S-1-5-21-3625697315-574066735-3411081838-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5245414C-312D-5350-00A7-7A786E7484D7} => value removed successfully
HKCR\CLSID\{5245414C-312D-5350-00A7-7A786E7484D7} => key not found. 
HKU\S-1-5-21-3625697315-574066735-3411081838-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2D7F763A-6A99-4397-A009-195A1DF153FB} => value removed successfully
HKCR\CLSID\{2D7F763A-6A99-4397-A009-195A1DF153FB} => key not found. 
C:\Users\ewunia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik => moved successfully.
wasvc_1.10.0.20 => Service removed successfully
C:\AdwCleaner => moved successfully.
C:\ProgramData\Spybot - Search & Destroy => moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk" => File/Folder not found.
"C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk" => File/Folder not found.
C:\WINDOWS\System32\Tasks\Safer-Networking => moved successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2" => File/Folder not found.
"C:\WINDOWS\system32\sdnclean64.exe" => File/Folder not found.
C:\Users\ewunia\Downloads\spybot-2.4.exe => moved successfully.
C:\Users\ewunia\Desktop\Spybot-Search-Destroy(12546)-dp.exe => moved successfully.
C:\Users\ewunia\AppData\Roaming\E48E5A56 => moved successfully.
C:\Users\ewunia\AppData\Roaming\my_intel.sys => moved successfully.
C:\Users\ewunia\AppData\Roaming\sp_data.sys => moved successfully.
C:\Users\ewunia\AppData\Local\{08B83068-0CDC-4AB5-B06B-678B4C109BA2} => moved successfully.
C:\ProgramData\hpeE3C3.dll => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0411C80C-C9C7-49E7-895E-77C30ACCC756} => key not found. 
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D1C5050-8190-4DB0-B13D-C55DCEAB4C60}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D1C5050-8190-4DB0-B13D-C55DCEAB4C60}" => key removed successfully
C:\Windows\System32\Tasks\Opera N Saturday => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera N Saturday" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B5A8F92-3004-431E-B0D5-670C254FF8DA} => key not found. 
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ADF31F1-1CB8-4158-9303-3C18FB93BA6B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ADF31F1-1CB8-4158-9303-3C18FB93BA6B}" => key removed successfully
C:\Windows\System32\Tasks\Opera N Sunday => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera N Sunday" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7A0CCDF-9E1F-4007-834E-18CC8A313D5D} => key not found. 
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => key not found. 
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully
EmptyTemp: => 60 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 09:40:17 ====