Odinstaluj:
Bing Bar (HKLM-x32\...\{E461E45A-2B48-42FA-90E1-6F36D85DF101}) (Version: 7.2.233.0 - Microsoft Corporation)
Bueno Chrome Toolbar (HKLM-x32\...\Bueno Chrome Toolbar) (Version: - BuenoSearch) <==== ATTENTION
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Lyrmix (HKLM-x32\...\{111ae63b-ff99-406c-92c8-cb1160233642}) (Version: - Lyrixsoft) <==== ATTENTION
Lyrmix (HKLM-x32\...\lyrmix@Lyrixsoft.co) (Version: - Lyrixsoft) <==== ATTENTION
MixiDJ chrome Toolbar (HKLM-x32\...\MixiDJ chrome Toolbar) (Version: - MixiDJ) <==== ATTENTION
Qtrax Player (HKCU\...\4151965013.portal.qtrax.com) (Version: - portal.qtrax.com)
Video Converter Packages (HKCU\...\Video Converter Packages) (Version: - ) <==== ATTENTION
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
PestPatrol
Obok frst.exe utworz plik fixlist.txt z zawartoscia:
Task: {1206D6E2-7971-4F0C-99D6-C12CDF6783FD} - \EPUpdater ATTENTION ====> No Task File
Task: {177A7E52-AE09-42EB-9121-FCC21A509A74} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {23B021BB-3FD3-4C00-B1B1-0C546F69B733} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {5ACAFBD0-ADFB-4FCC-BA3A-2ACC2B546679} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000Core => C:\Users\Kowalscy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-23] (Facebook Inc.)
Task: {79680DD5-58C3-454E-A3C4-CE0BF290B98E} - \Desk 365 RunAsStdUser ATTENTION ====> No Task File
Task: {97FEBD82-8754-42ED-BB19-F749D21C3CBA} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{35ADBBE7-31AC-4B11-B60B-95F4315ED02B}.exe
Task: {AFD7FB37-124A-4091-B6A9-E079421C71B7} - \Lyrmix Update ATTENTION ====> No Task File
Task: {ED09B1D6-90FA-4996-95DD-0D4F7BC1DB5A} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {F738C7E9-53DE-4893-B5AD-961E7D7075DB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000UA => C:\Users\Kowalscy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-23] (Facebook Inc.)
Task: {FB4A3405-E6AD-48F8-9BB5-DCFA5E7684B9} - \DSite ATTENTION ====> No Task File
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{35ADBBE7-31AC-4B11-B60B-95F4315ED02B}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000Core.job => C:\Users\Kowalscy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000UA.job => C:\Users\Kowalscy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Lyrmix Update.job => C:\Program Files (x86)\Lyrmix\LymxUD.exe <==== ATTENTION
() C:\Users\Kowalscy\Desktop\XRAY MTA.exe
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Kowalscy\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [PestPatrol Control Center] => C:\Program Files (x86)\PestPatrol\PPControl.exe
HKU\S-1-5-21-3771841667-1574406204-2929946191-1000\...\Run: [Driver Detective] => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-3771841667-1574406204-2929946191-1000\...\Winlogon: [Shell] explorer.exe, C:\Users\Kowalscy\Desktop\XRAY MTA.exe [475136 2014-02-26] () <==== ATTENTION
ProxyServer: 127.0.0.1:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://yamdex.net/?searchid=1&l10n=ru&fromsearch=1&text= {searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://yamdex.net/?searchid=1&l10n=ru&fromsearch=1&text= {searchTerms}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL =
http://yamdex.net/?searchid=1&l10n=ru&fromsearch=1&text= {searchTerms}
SearchScopes: HKCU - {24A42C78-3EF5-4E93-80B5-01FED7FD3660} URL =
http://start.facemoods.com/?a=mca&s= {searchTerms}&f=4
SearchScopes: HKCU - {44B75110-A8BD-485C-8055-E28C68264D32} URL =
http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q= {searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=ECA0F592-BBB1-4291-B26F-3A0DCD501BB1&apn_sauid=9AA1684D-4E15-4A42-9A1B-BC271BE30FC0
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF NetworkProxy: "backup.ftp", "127.0.0.1"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "127.0.0.1"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "127.0.0.1"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF HKCU\...\Firefox\Extensions: [lyrmix@Lyrixsoft.co] - C:\Program Files (x86)\Lyrmix\125.xpi
FF HKCU\...\Firefox\Extensions: [{dde15e35-c9b3-4c30-b055-730c5f4a45d3}] - C:\Program Files (x86)\Lyrmix\133.xpi
CHR HKLM-x32\...\Chrome\Extension: [jofdlbdmefjogcipddjnblinigmpagoj] - C:\Program Files (x86)\Lyrmix\125.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [kidmhllhjmmmnpbiaihafgchacpmokof] - C:\Program Files (x86)\Lyrmix\133.crx [2013-11-06]
S3 ghlvlrjc; C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [X]
S3 wcivmkax; C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [X]
S3 wrodul; C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [X]
S3 ynycyfi; C:\Program Files (x86)\ophcrack\pwdump\servpw.exe [X]
U3 aotj5scv; C:\Windows\System32\Drivers\aotj5scv.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\D:\PC Wizard 2013\pcwiz_x64.sys [X]
S3 dump_wmimmc; \??\D:\AeriaGames\Wolfteam-PL\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S1 giiqmmbk; \??\C:\Windows\system32\drivers\giiqmmbk.sys [X]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
S1 MpKsl5e244fd4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9440B51A-1499-4F7C-A136-6FD570658D93}\MpKsl5e244fd4.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2014-04-07 21:04 - 2014-02-26 19:19 - 00475136 ___SH () C:\Users\Kowalscy\Desktop\XRAY MTA.exe
2014-04-19 10:18 - 2013-10-23 14:57 - 00000368 _____ () C:\Windows\Tasks\Lyrmix Update.job
2014-04-19 10:18 - 2013-06-03 19:39 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-04-19 08:19 - 2013-07-23 23:12 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000UA.job
2014-04-18 23:17 - 2013-07-23 23:12 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771841667-1574406204-2929946191-1000Core.job
C:\Windows\Tasks\{FFEBECFC-028F-4315-997F-6AE966390ED1}.job
W Frst wybierz Fix.
