Elektroda.pl

A Chinese program that installs itself.

bearq 30 Apr 2015 00:45 9441 2
  • #1 30 Apr 2015 00:45
    bearq
    Level 36

    Hello,

    there is some Chinese program sitting on the computer that cannot be uninstalled (it reinstalls itself) and that also downloads and fetches some smaller programs.
    FRST logs:

  • #2 30 Apr 2015 08:47
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    CloseProcesses:
    Task: {06B99F68-01E3-4F8E-ACBE-80EAB6AF46C3} - System32\Tasks\429c536b-2ea8-4824-8b2e-5175daadc8f1-5_user => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-5.exe <==== ATTENTION
    Task: {0D328A27-A4BE-4785-BC0F-96CA43F57FA0} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe <==== ATTENTION
    Task: {0EC9B2D4-9A98-4251-9C79-7BE997290B61} - System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe <==== ATTENTION
    Task: {143A573A-3AE1-49F1-A4BE-74F5BC19D648} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {14E62E2D-A314-4AE4-97C9-0FD7548CECC5} - System32\Tasks\DWHBKK => C:\Users\Patryk\AppData\Roaming\DWHBKK.exe [2015-01-28] (ObjectB) <==== ATTENTION
    Task: {2F8AF3BF-28E5-4852-AD8B-4869D530D28F} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe <==== ATTENTION
    Task: {3E025DC5-7C30-411C-8FEA-C42585969880} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe <==== ATTENTION
    Task: {42BB4B7B-F754-4FA9-A08F-3C3D9DE00739} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe <==== ATTENTION
    Task: {486BF7B9-5BC9-443C-A50D-12863C439825} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe <==== ATTENTION
    Task: {56E54BE6-672E-401E-A696-7BD5E2FF0F2A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {61BA0D39-E677-45D5-BB27-A7DFDC8B7AF9} - System32\Tasks\5c948784-b920-4c5f-92a1-0cbcf203e38b-6 => C:\Program Files (x86)\iWebar\5c948784-b920-4c5f-92a1-0cbcf203e38b-6.exe <==== ATTENTION
    Task: {61C89AEC-4A72-4982-B746-0B1A62BD9608} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe <==== ATTENTION
    Task: {7377BB7F-C65D-4970-AC52-831350363558} - System32\Tasks\429c536b-2ea8-4824-8b2e-5175daadc8f1-6 => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-6.exe <==== ATTENTION
    Task: {975CBA51-9BA9-432F-9375-0A1EB8435E49} - System32\Tasks\429c536b-2ea8-4824-8b2e-5175daadc8f1-2 => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-2.exe <==== ATTENTION




    Task: {AB2C00EA-74E4-44F5-986C-2135BFD0C72B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: {B1A971ED-F000-4404-8147-56FA2AFA3194} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe <==== ATTENTION
    Task: {B6D595F5-F845-459D-AC69-6549B87D8EF8} - System32\Tasks\429c536b-2ea8-4824-8b2e-5175daadc8f1-7 => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-7.exe <==== ATTENTION
    Task: {B79F737D-48A8-4FD6-83C1-CF95E611A7F0} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: {C2BB9C7B-7761-406C-8014-9D8B9D223BA3} - System32\Tasks\temp_429c536b-2ea8-4824-8b2e-5175daadc8f1-6 => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-6.exe <==== ATTENTION
    Task: {C48171F0-C2CE-4A6D-9708-92AD68BD3E20} - System32\Tasks\429c536b-2ea8-4824-8b2e-5175daadc8f1-5 => C:\Program Files (x86)\Object Browser\429c536b-2ea8-4824-8b2e-5175daadc8f1-5.exe <==== ATTENTION
    Task: {D34E2415-A0E7-4F3D-9FCB-73EF6A5267BE} - System32\Tasks\temp_429c536b-2ea8-4824-8b2e-5175daadc8f1-2 => C:\Users\Patryk\AppData\Local\Temp\nsvB6D3.tmp\429c536b-2ea8-4824-8b2e-5175daadc8f1-2.exe <==== ATTENTION
    Task: {D42482D4-9D43-4598-84EE-2CDB39751B19} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
    Task: {D98D3962-5681-44C3-A7C7-AC1FE4D0286F} - System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe <==== ATTENTION
    Task: {E97507DC-A8BC-4856-8F71-BDFFE12EC475} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3081470877-721788275-3281369317-1001Core => C:\Users\Patryk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-03-01] (Facebook Inc.)
    Task: {EC63A6F9-69CA-412D-9AB6-FD8AF07CCDFF} - System32\Tasks\BYAIAMUF => C:\Users\Patryk\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
    Task: {F7DB3B77-6525-4B30-A094-85A7A91A76C5} - System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Patryk\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
    Task: C:\Windows\Tasks\DWHBKK.job => C:\Users\Patryk\AppData\Roaming\DWHBKK.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job => C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3081470877-721788275-3281369317-1001Core.job => C:\Users\Patryk\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-04-29] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [BaiduAnTray] => C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe [3042312 2015-04-29] (百度在线网络技术(北京)有限公司)
    HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-04-29] (Tencent)
    HKU\S-1-5-21-3081470877-721788275-3281369317-1001\...\Run: [Facebook Update] => C:\Users\Patryk\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-03-01] (Facebook Inc.)
    HKU\S-1-5-21-3081470877-721788275-3281369317-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [65536 2015-04-06] ()
    HKU\S-1-5-21-3081470877-721788275-3281369317-1001\...\Policies\Explorer: []
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91800134_hao_pg
    HKU\S-1-5-21-3081470877-721788275-3281369317-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91800134_hao_pg
    HKU\S-1-5-21-3081470877-721788275-3281369317-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSWebMon64.dat [2015-04-29] (Tencent)
    BHO-x32: WebMonBHO -> {15DEE173-1BE9-4424-81E0-58A87076E9B1} -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\websafe\WebMonBHO.dll [2014-11-06] (百度在线网络技术(北京)有限公司)
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2014-11-06] (百度在线网络技术(北京)有限公司)
    FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll [2015-04-29] (Tencent Technology (Shenzhen) Company Limited)
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
    CHR Extension: (Bookmark Manager) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
    R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-04-03] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2014-11-06] (百度在线网络技术(北京)有限公司)
    R2 BDMRTP; C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe [1047048 2015-04-03] (百度在线网络技术(北京)有限公司)
    R2 YTDUpdt; C:\Program Files (x86)\YTDownloader\YTDUpdater.exe [178688 2014-12-17] (Goobzo) [File not signed]
    S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X] <==== ATTENTION
    S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202576 2015-04-03] (Baidu)
    R1 bd0001; C:\Windows\SysWOW64\DRIVERS\bd0001.sys [202704 2015-04-29] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [196936 2015-04-03] (Baidu)
    R1 bd0002; C:\Windows\SysWOW64\DRIVERS\bd0002.sys [198600 2015-04-29] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2014-11-06] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2015-04-03] (Baidu Technology)
    S2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103240 2015-04-03] (Baidu)
    R2 BDMNetMon; C:\Windows\System32\DRIVERS\BDMNetMon.sys [241992 2015-04-03] (Baidu)
    R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [62280 2015-04-03] (Baidu)
    R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-04-29] (Tencent)
    R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-04-29] (电脑管家)
    R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-04-29] (Tencent)
    R2 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [174392 2015-04-29] (Tencent Technology(Shenzhen) Company Limited)
    R1 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-04-29] (电脑管家)
    R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys [42296 2015-04-29] (电脑管家)
    S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSDefenseBT64.sys [28472 2015-04-29] (Tencent)
    R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-04-29] (电脑管家)
    S1 BDFileDefend; system32\DRIVERS\BDFileDefend.sys [X]
    S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]
    R3 HWiNFO32; \??\C:\Users\Patryk\AppData\Local\Temp\HWiNFO64A.SYS [X]
    2015-04-29 23:58 - 2015-04-29 23:58 - 00000000 ____D () C:\ProgramData\TXQMPC
    2015-04-29 23:47 - 2015-04-29 23:47 - 00202704 _____ (Baidu) C:\Windows\SysWOW64\Drivers\bd0001.sys
    2015-04-29 23:47 - 2015-04-29 23:47 - 00198600 _____ (Baidu) C:\Windows\SysWOW64\Drivers\bd0002.sys
    2015-04-29 23:44 - 2015-04-29 23:44 - 00000000 ____D () C:\Program Files\Common Files\Tencent
    2015-04-29 23:44 - 2015-04-29 23:39 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
    2015-04-29 23:44 - 2015-04-29 23:39 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
    2015-04-29 23:44 - 2015-04-29 23:39 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\tfsfltX64.sys
    2015-04-29 23:41 - 2015-04-29 23:41 - 00007222 _____ () C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
    2015-04-29 23:41 - 2015-04-29 23:41 - 00005178 _____ () C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
    2015-04-29 23:41 - 2015-04-29 23:41 - 00005178 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7
    2015-04-29 23:41 - 2015-04-29 23:41 - 00005178 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
    2015-04-29 23:41 - 2015-04-29 23:41 - 00004486 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5
    2015-04-29 23:41 - 2015-04-29 23:41 - 00003150 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job
    2015-04-29 23:41 - 2015-04-29 23:41 - 00003150 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job
    2015-04-29 23:41 - 2015-04-29 23:41 - 00002458 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job
    2015-04-29 23:41 - 2015-04-29 23:41 - 00002458 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job
    2015-04-29 23:41 - 2015-04-29 23:41 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2015-04-29 23:40 - 2015-04-29 23:40 - 00007558 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
    2015-04-29 23:40 - 2015-04-29 23:40 - 00007222 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7
    2015-04-29 23:40 - 2015-04-29 23:40 - 00007174 _____ () C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3
    2015-04-29 23:40 - 2015-04-29 23:40 - 00005530 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job
    2015-04-29 23:40 - 2015-04-29 23:40 - 00005194 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job
    2015-04-29 23:40 - 2015-04-29 23:40 - 00004170 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job
    2015-04-29 23:40 - 2015-04-29 23:40 - 00003964 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
    2015-04-29 23:40 - 2015-04-29 23:40 - 00003730 _____ () C:\Windows\System32\Tasks\BYAIAMUF
    2015-04-29 23:40 - 2015-04-29 23:40 - 00002124 _____ () C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job
    2015-04-29 23:40 - 2015-04-29 23:40 - 00001706 _____ () C:\Windows\Tasks\BYAIAMUF.job
    2015-04-29 23:38 - 2015-04-29 23:58 - 00000000 ____D () C:\ProgramData\Tencent
    2015-04-29 23:38 - 2015-04-29 23:52 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Tencent
    2015-04-29 23:38 - 2015-04-29 23:38 - 00000000 ____D () C:\Program Files (x86)\Tencent
    2015-04-29 23:32 - 2015-04-03 07:02 - 00241992 _____ (Baidu) C:\Windows\system32\Drivers\BDMNetMon.sys
    2015-04-29 23:28 - 2015-04-03 07:02 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.sys
    2015-04-29 23:28 - 2015-04-03 07:02 - 00062280 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys
    2015-04-29 23:28 - 2015-04-03 07:01 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-04-29 23:28 - 2015-04-03 07:01 - 00196936 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-04-29 23:28 - 2015-04-03 07:01 - 00103240 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-04-29 23:28 - 2014-12-05 11:35 - 00202576 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys_
    2015-04-29 23:28 - 2014-11-06 09:38 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-04-29 23:27 - 2015-04-29 23:28 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Baidu
    2015-04-29 23:25 - 2015-04-29 23:31 - 00000000 ____D () C:\Program Files (x86)\baidu
    2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Patryk\AppData\Roaming\BYAIAMUF
    2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\Patryk\AppData\Roaming\DWHBKK
    2015-01-28 01:53 - 2015-01-28 01:53 - 1944040 _____ (ObjectB) C:\Users\Patryk\AppData\Roaming\DWHBKK.exe
    EmptyTemp:


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix. Download and run AdwCleaner as administrator https://toolslib.net/downloads/finish/1/ Click Scan and then Cleaning.
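
Added example (not part of the original post and not FRST's own code): a quick way to review the `Task:` lines of a fixlist like the one above before running it, showing which scheduled tasks share one executable and which targets sit under a user profile. The regular expression assumes only the line layout visible in the quoted fixlist; `parse_tasks` and `group_by_action` are hypothetical names.

```python
import re
from collections import defaultdict

# Task lines copied from the fixlist quoted in the post above.
SAMPLE = r"""
Task: {14E62E2D-A314-4AE4-97C9-0FD7548CECC5} - System32\Tasks\DWHBKK => C:\Users\Patryk\AppData\Roaming\DWHBKK.exe [2015-01-28] (ObjectB) <==== ATTENTION
Task: {AB2C00EA-74E4-44F5-986C-2135BFD0C72B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {D34E2415-A0E7-4F3D-9FCB-73EF6A5267BE} - System32\Tasks\temp_429c536b-2ea8-4824-8b2e-5175daadc8f1-2 => C:\Users\Patryk\AppData\Local\Temp\nsvB6D3.tmp\429c536b-2ea8-4824-8b2e-5175daadc8f1-2.exe <==== ATTENTION
Task: {D42482D4-9D43-4598-84EE-2CDB39751B19} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {E97507DC-A8BC-4856-8F71-BDFFE12EC475} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3081470877-721788275-3281369317-1001Core => C:\Users\Patryk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-03-01] (Facebook Inc.)
Task: C:\Windows\Tasks\DWHBKK.job => C:\Users\Patryk\AppData\Roaming\DWHBKK.exe <==== ATTENTION
"""

# Layout assumed from the quoted lines: optional {GUID}, task path, "=>",
# the action, and an optional "<==== ATTENTION" marker at the end.
TASK_RE = re.compile(
    r"^Task:\s+(?:\{(?P<guid>[0-9A-Fa-f-]+)\}\s+-\s+)?(?P<task>.+?)"
    r"\s+=>\s+(?P<action>.+?)\s*(?P<flag><==== ATTENTION)?$"
)
# Trailing "[date] (vendor)" metadata that some lines carry after the action.
META_RE = re.compile(r"\s+\[\d{4}-\d{2}-\d{2}\]\s+\(.*\)$")


def parse_tasks(text):
    """Return one dict per Task: line; other fixlist lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = TASK_RE.match(line.strip())
        if not m:
            continue
        action = META_RE.sub("", m["action"])
        entries.append({
            "task": m["task"],
            "action": action,
            "flagged": m["flag"] is not None,
            # Target stored under a user profile (Roaming, Local, Temp).
            "user_writable": "\\appdata\\" in action.lower(),
            # Action is a DLL export launched through rundll32.
            "via_rundll32": action.lower().startswith("rundll32.exe"),
        })
    return entries


def group_by_action(entries):
    """Map each action to the task names that launch it."""
    groups = defaultdict(list)
    for e in entries:
        groups[e["action"]].append(e["task"])
    return dict(groups)


if __name__ == "__main__":
    for action, tasks in group_by_action(parse_tasks(SAMPLE)).items():
        print(len(tasks), action)
```
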

  • #3 13 Sep 2015 01:01
    bearq
    Level 36

    Everything is OK.