Anonim / 1 rok, 10 miesięcy temu | Download | Plaintext | Odpowiedz |

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:25-01-2016
Uruchomiony przez ok (2016-01-27 10:57:17) Run:1
Uruchomiony z D:\pobieranie plik
Załadowane profile: ok (Dostępne profile: ok)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
Task: {7A33526B-DF1A-43C7-8844-62F3583F19B8} - System32\Tasks\PrerequisiteWaddiedV2 => Rundll32.exe VocabulariesVaulter.dll,main 7 1 <==== UWAGA
Task: {CA121C29-11FD-483B-A930-EB41D1CC2453} - System32\Tasks\Price Fountain => C:\Users\ok\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\ok\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
HKLM-x32\...\Run: [MalwareProtectionLive] => C:\Users\ok\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe [850464 2015-10-16] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258&q={searchTerms}
HKU\S-1-5-21-3586635275-1815924953-2730075497-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3586635275-1815924953-2730075497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258&q={searchTerms}
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1445281129&z=65b4967063c0aca5e4647d2gdzbz3wfo0b0g9gdo9t&from=cor&uid=wdcxwd2500bevs-22ust0_wd-wxc90770325803258"
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A33526B-DF1A-43C7-8844-62F3583F19B8}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A33526B-DF1A-43C7-8844-62F3583F19B8}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\PrerequisiteWaddiedV2 => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PrerequisiteWaddiedV2 => klucz nie znaleziono. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA121C29-11FD-483B-A930-EB41D1CC2453}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA121C29-11FD-483B-A930-EB41D1CC2453}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\Price Fountain => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Price Fountain => klucz nie znaleziono. 
C:\Windows\Tasks\Price Fountain.job => nie znaleziono.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MalwareProtectionLive => Wartość nie znaleziono.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3586635275-1815924953-2730075497-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
HKU\S-1-5-21-3586635275-1815924953-2730075497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
Chrome StartupUrls => pomyślnie usunięto
EmptyTemp: => 6.3 GB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 10:58:32 ====