Do notatnika wklej i zapisz jako
fixlist.txt
Kod:
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\INformel.lnk
ShortcutTarget: INformel.lnk ->(No File)
HKU\S-1-5-21-3908056110-466929256-2686052346-1000\...\Run: [ALLUpdate] => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
HKU\S-1-5-21-3908056110-466929256-2686052346-1000\...\Run: [Tiny download manager] => "C:\Users\Monika Gujda\AppData\Local\DM\TinyDM.exe" /M
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {C4B2AC6D-6218-4370-8E9D-D6E96FC030EA} URL = http://www.google.com/search?hl=pl&q={searchTerms}
BHO: ShopDrop -> {A2744B9B-6C59-744C-3EB8-39B23A161A97} -> C:\ProgramData\ShopDrop\Cbo.x64.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: ShopDrop -> {A2744B9B-6C59-744C-3EB8-39B23A161A97} -> C:\ProgramData\ShopDrop\Cbo.dll No File
Toolbar: HKLM-x32 - No Name - {e5d4f4fd-a039-4670-8354-633c30a5f54e} -No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [2014-07-31]
CHR HKLM-x32\...\Chrome\Extension: [ppcdpabdaaenpfihggajpnehffdcbima] - C:\ProgramData\FlashPlayer\ext i ri_2.crx [2014-07-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
C:\Users\Monika Gujda\ArtRage211Install.exe
C:\Users\Monika Gujda\AppData\Local\Temp\Quarantine.exe
CustomCLSID: HKU\S-1-5-21-3908056110-466929256-2686052346-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Monika Gujda\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File
Task: {0057696B-8AF3-4A01-BF83-6FAAF4063AEE} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2013-05-24] (PC Tools)
Task: {241EADAE-8642-4958-9CFA-2E005BFD1282} - System32\Tasks\Funmoods Chat => C:\Users\MONIKA~1\AppData\Roaming\FUNMOO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {3D0A2F05-FB5D-4834-8DE1-E3E634BED168} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {922C2292-F0E5-40C7-A7BB-861B8447A6FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {9E3B1081-9E80-49FD-92D9-8F5A5E90F75B} - System32\Tasks\SN.Booster-S-86014281 => c:\programdata\excellent4app\sn.booster\SN.Booster.exe <==== ATTENTION
Task: {E55A37C6-E072-481E-9CEF-C611064DC37B} - System32\Tasks\Norton Security Scan for Monika Gujda => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.26\Nss.exe [2013-09-25] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Funmoods Chat.job => C:\Users\MONIKA~1\AppData\Roaming\FUNMOO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Norton Security Scan for Monika Gujda.job => C:\PROGRA~2\NORTON~2\Engine\403~1.26\Nss.exe
Task: C:\Windows\Tasks\RMAutoUpdate.job => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe
Task: C:\Windows\Tasks\SN.Booster-S-86014281.job => c:\programdata\excellent4app\sn.booster\SN.Booster.exe <==== ATTENTION
AlternateDataStreams: C:\Windows\Temp:temp
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pszczółka Ula\Instrukcja.lnk -> C:\Program Files (x86)\Pszczółka Ula\Instrukcja.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pszczółka Ula\Odinstaluj.lnk -> C:\Program Files (x86)\Pszczółka Ula\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pszczółka Ula\Pszczółka Ula.lnk -> C:\Program Files (x86)\Pszczółka Ula\Ula.exe (No File)
Shortcut: C:\Users\Monika Gujda\Nowy folder\Documents\ALLPlayer\ALLPlayer.lnk -> C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\YouTubeDownloads\[{(@&^!)}]\(((((((((\Big Scale Racing — skrót.lnk -> C:\Program Files (x86)\Big Scale Racing\Big Scale Racing.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\YouTubeDownloads\[{(@&^!)}]\(((((((((\Trucker.lnk -> D:\Trucker\trucker.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\Mobogenie.lnk -> C:\Program Files (x86)\Mobogenie\Mobogenie.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\Norton Security Scan.lnk -> C:\Program Files (x86)\Norton Security Scan\Engine\3.7.2.10\Nss.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\Razem w szkole klasa 3.lnk -> C:\Program Files (x86)\Razem w szkole klasa 3\razem_w_szkole_klasa_3.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\RegClean Pro.lnk -> C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\Tiny download manager.lnk -> C:\Users\Monika Gujda\AppData\Local\DM\TinyDM.exe (No File)
Shortcut: C:\Users\Monika Gujda\Desktop\programy\Video Player.lnk -> C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk -> C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk -> C:\Program Files (x86)\FLVPlayer\Uninstall\Uninstall.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\Video Player Uninstall Video Player.lnk -> C:\Program Files (x86)\FLVPlayer\Uninstall\Uninstall.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\Video Player Video Player.lnk -> C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk -> C:\Users\Monika Gujda\AppData\Local\Flvto Youtube Downloader\UninstallFlvtoConverter.exe (No File)
Shortcut: C:\Users\Monika Gujda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\cfabdc50143e331a\Torch.lnk -> C:\Users\Monika Gujda\AppData\Local\Torch\Application\torch.exe (No File)
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
Reboot:
Zapisany skrypt umieść obok ściągniętego programu
FRST
Następnie w programie kliknij
Fix,po wykonaniu pokaż raport z tego działania.
Odinstaluj:
McAfee Security Scan Plus
Movies Toolbar for Chrome
Movies Toolbar for Internet Explorer
Norton Security Scan
PC Tools Registry Mechanic 11.1
PDF Creator Packages
PDF Creator Packages 69
PDF Writer Packages
Ringtones Maker Packages
Video Player
Google Chrome
Zresetuj cache wtyczek. W pasku adresów wpisz chrome://plugins i ENTER. Na liście wtyczek wybierz dowolną i kliknij Wyłącz. Następnie wtyczkę ponownie włącz.
Ustawienia > karta Historia > wyczyść
Ustawienia > karta Rozszerzenia > odinstaluj Adea Colors3
Ustawienia > karta Ustawienia > Pokaż ustawienia zaawansowane > zjedź na sam spód i uruchom opcję "Zresetuj ustawienia przeglądarki".
Zrób skan adwcleanerem,bo widzę że go masz i przedstaw log po wykonaniu.
Ściągnij
[Aby zobaczyć linki, zarejestruj się tutaj]
uruchom i kliknij Start.
Wklej na stronę raport z
SecurityCheck
[Aby zobaczyć linki, zarejestruj się tutaj]
Uruchom kliknij w dowolny klawisz,poczekaj aż program zakończy działanie.
Zrób nowe logi i przedstaw z FRST.txt > Addition.txt,Shortcut.txt+ OTL ale bez extras.