Elektroda.pl

Woodenseal, viruses - I have FRST logs

skoczix 11 May 2015 22:53 738 12
  • #2 12 May 2015 09:53
    Acorus 20
    Computer specialist

    Uninstall GamesDesktop 008.109, PruiceeLess, SmartWeb, SpyHunter 4, Support PL 1.1. Download AdwCleaner and run it as administrator: https://toolslib.net/downloads/finish/1/ Click Scan and then Cleaning.
    Post new FRST logs.

  • #4 13 May 2015 10:39
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    Task: {0E2BF72D-8C43-499F-AB85-839F99B2BF16} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3336590126-2083561906-2081572458-1000Core => C:\Users\MS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18] (Facebook Inc.)
    Task: {3AD00384-DE58-4435-AE04-C31493A9449D} - System32\Tasks\nvE1QKK => C:\Users\MS\AppData\Roaming\nvE1QKK.exe <==== ATTENTION
    Task: {C5B2D681-D004-4E24-849D-79B815AA1254} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3336590126-2083561906-2081572458-1000UA => C:\Users\MS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18] (Facebook Inc.)
    Task: {C8110FBD-5525-4412-99F2-782605720E8B} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{9F996331-B707-45E9-A860-4DD522CE208B}.exe
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{9F996331-B707-45E9-A860-4DD522CE208B}.exe <==== ATTENTION
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3336590126-2083561906-2081572458-1000Core.job => C:\Users\MS\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3336590126-2083561906-2081572458-1000UA.job => C:\Users\MS\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\nvE1QKK.job => C:\Users\MS\AppData\Roaming\nvE1QKK.exe <==== ATTENTION
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM\...\Run: [Java(TM) ME Platform SDK 3.4] => C:\Java_ME_platform_SDK_3.4\bin\device-manager.exe [131072 2013-08-13] ()
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [mbot_pl_193] => [X]
    HKLM\...\Run: [gmsd_pl_109] => [X]
    HKU\S-1-5-21-3336590126-2083561906-2081572458-1000\...\Run: [Facebook Update] => C:\Users\MS\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-18] (Facebook Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3336590126-2083561906-2081572458-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =




    CHR Extension: (Bookmark Manager) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
    CHR Extension: (Wooden Seal) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapbfigegdiifmempdhdmfflahbindbd [2015-05-11]
    CHR HKU\S-1-5-21-3336590126-2083561906-2081572458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MS\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-04]
    CHR HKU\S-1-5-21-3336590126-2083561906-2081572458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
    S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
    S2 liwucuni; C:\Users\MS\AppData\Local\6E2933F3-1430237457-11DE-9877-44E92F030082\cnsh4C3F.tmp [X]
    2015-05-12 17:30 - 2015-05-12 17:36 - 00000000 ____D () C:\AdwCleaner
    2015-05-11 10:54 - 2015-05-11 01:29 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{8489dc05-027a-4989-b3f9-771fc8b095d9}w.sys
    2015-05-11 10:43 - 2015-05-12 16:59 - 00000000 ____D () C:\Users\MS\AppData\Roaming\Enigma Software Group
    2015-05-11 10:43 - 2015-05-11 10:43 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2015-05-11 10:34 - 2015-05-11 10:34 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\MS\Desktop\SpyHunter-Installer.exe
    2015-05-11 09:54 - 2015-05-10 12:26 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{e8807d86-5aac-4a22-9f35-da4dfcd4a67d}w.sys
    2015-05-11 09:50 - 2015-05-07 18:47 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{e8807d86-5aac-4a22-9f35-da4dfcd4a67d}Gw.sys
    2015-05-07 07:36 - 2015-05-06 12:00 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{2f5382ee-8543-4e85-88b0-1fbda91a5501}w.sys
    2015-05-05 10:27 - 2015-05-04 21:01 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{2f5382ee-8543-4e85-88b0-1fbda91a5501}Gw.sys
    2015-05-03 19:18 - 2015-05-03 06:00 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{df98b4bc-0486-43f6-82e9-55124a0a3851}Gw.sys
    2015-04-29 09:09 - 2015-04-29 09:08 - 00613255 _____ (CMI Limited) C:\Users\MS\AppData\Local\nsf20E7.tmp
    2015-04-29 08:59 - 2015-04-28 22:05 - 00043152 ____N (StdLib) C:\Windows\system32\Drivers\{54567227-7c1c-4efc-bf38-4ac4c6032ba2}Gw.sys
    2015-04-28 16:29 - 2015-04-28 16:29 - 00613255 _____ (CMI Limited) C:\Users\MS\AppData\Local\nseE776.tmp
    2015-04-28 16:25 - 2015-05-12 17:38 - 00000974 _____ () C:\Windows\Tasks\nvE1QKK.job
    2015-04-28 16:10 - 2015-04-28 16:10 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
    2015-04-28 16:08 - 2015-04-28 16:08 - 00000000 ____D () C:\Users\MS\AppData\Local\CrashRpt
    2015-04-28 16:08 - 2015-04-28 16:08 - 00000000 ____D () C:\ProgramData\15487363407758109683
    2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\MS\AppData\Roaming\nvE1QKK
    EmptyTemp:


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix.

  • #5 13 May 2015 11:06
    skoczix
    Level 4

    I ran the fix.
    I still have some Chinese programs that cannot be removed.

  • #6 13 May 2015 16:19
    Acorus 20
    Computer specialist

    Post new FRST logs.

  • #8 13 May 2015 17:16
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    CloseProcesses:
    HKLM\...\Run: [BaiduSdTray] => C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-04-28] (百度在线网络技术(北京)有限公司)
    HKLM\...\Run: [BaiduAnTray] => C:\Program Files\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe [3042312 2015-04-28] (百度在线网络技术(北京)有限公司)
    R2 BaiduHips; C:\Program Files\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-04-03] (百度在线网络技术(北京)有限公司)
    R2 BDKVRTP; C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2014-11-06] (百度在线网络技术(北京)有限公司)
    R2 BDMRTP; C:\Program Files\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe [1047048 2015-04-03] (百度在线网络技术(北京)有限公司)
    R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [86344 2015-04-03] (Baidu)
    R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [168392 2015-04-28] (Baidu)
    R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [57160 2014-11-06] (Baidu)
    R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [145224 2015-04-03] (Baidu Technology)
    R1 BDDefense; C:\Windows\System32\drivers\BDDefense.sys [121992 2015-05-05] (Baidu)
    R1 BDEnhanceBoost; C:\Windows\System32\DRIVERS\BDEnhanceBoost.sys [48328 2015-04-03] (Baidu)
    R2 BDMNetMon; C:\Windows\System32\DRIVERS\BDMNetMon.sys [182088 2015-04-03] (Baidu)
    R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [239432 2015-04-03] (Baidu)
    R1 BdSandBox; C:\Windows\System32\DRIVERS\BdSandBox.sys [139784 2014-11-06] (Baidu)
    2015-04-28 16:19 - 2015-04-03 07:02 - 00182088 _____ (Baidu) C:\Windows\system32\Drivers\BDMNetMon.sys
    2015-04-28 16:19 - 2015-04-03 07:02 - 00048328 _____ (Baidu) C:\Windows\system32\Drivers\BDEnhanceBoost.sys
    2015-04-28 16:18 - 2015-05-12 19:14 - 00000000 ____D () C:\ProgramData\Baidu
    2015-04-28 16:18 - 2015-05-12 17:35 - 00000000 ____D () C:\Program Files\baidu
    2015-04-28 16:18 - 2015-05-05 10:36 - 00121992 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys
    2015-04-28 16:18 - 2015-04-28 16:35 - 00168392 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys
    2015-04-28 16:18 - 2015-04-28 16:18 - 00000000 ____D () C:\Program Files\Common Files\Baidu
    2015-04-28 16:18 - 2015-04-03 07:02 - 00239432 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench.sys
    2015-04-28 16:18 - 2015-04-03 07:02 - 00145224 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.sys
    2015-04-28 16:18 - 2015-04-03 07:01 - 00086344 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
    2015-04-28 16:18 - 2014-11-06 09:38 - 00139784 _____ (Baidu) C:\Windows\system32\Drivers\BdSandBox.sys
    2015-04-28 16:18 - 2014-11-06 09:38 - 00057160 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys
    2015-04-28 16:18 - 2014-11-06 09:38 - 00026824 _____ (Baidu) C:\Windows\system32\Drivers\BDFileDefend.sys


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix.

  • Helpful post
    #10 13 May 2015 18:04
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    S2 BaiduHips; "C:\Program Files\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe" [X]
    S2 BDKVRTP; "C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe" -r [X]
    S2 BDMRTP; "C:\Program Files\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe" -r [X]
    R1 bd0001; system32\DRIVERS\bd0001.sys [X]
    R1 bd0002; system32\DRIVERS\bd0002.sys [X]
    R1 bd0003; system32\DRIVERS\bd0003.sys [X]
    R2 BDArKit; system32\DRIVERS\BDArKit.sys [X]
    R1 BDDefense; system32\drivers\BDDefense.sys [X]
    R1 BDEnhanceBoost; system32\DRIVERS\BDEnhanceBoost.sys [X]
    R2 BDMNetMon; system32\DRIVERS\BDMNetMon.sys [X]
    R1 BDMWrench; system32\DRIVERS\BDMWrench.sys [X]
    R1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix. Delete the C:\FRST folder.
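
Added example, not part of any post in this thread: a small Python triage pass over the kinds of FRST lines quoted in the fixlists above (scheduled tasks, Run keys, services and drivers), showing which entries stand out for review before they go into a fixlist.txt. The three checks and the function names are assumptions made for this illustration; `[X]` is FRST's marker for a target file it could not find and `<==== ATTENTION` is its own warning flag.

```python
import re

# Sample lines copied from the fixlists quoted in this thread.
SAMPLE = r"""
Task: {3AD00384-DE58-4435-AE04-C31493A9449D} - System32\Tasks\nvE1QKK => C:\Users\MS\AppData\Roaming\nvE1QKK.exe <==== ATTENTION
Task: {C8110FBD-5525-4412-99F2-782605720E8B} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{9F996331-B707-45E9-A860-4DD522CE208B}.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [mbot_pl_193] => [X]
S2 liwucuni; C:\Users\MS\AppData\Local\6E2933F3-1430237457-11DE-9877-44E92F030082\cnsh4C3F.tmp [X]
R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [86344 2015-04-03] (Baidu)
"""

# Assumed heuristics for this example: autostart targets in AppData or Temp.
USER_WRITABLE = re.compile(r"\\AppData\\|\\Windows\\Temp\\", re.I)
ATTENTION = re.compile(r"\s*<=+ ATTENTION\s*$")
PATTERNS = [
    ("task", re.compile(r"^Task: (?P<name>.+?) => (?P<target>.*)$")),
    ("run", re.compile(r"^HK.*?\\Run: \[(?P<name>.*?)\] => (?P<target>.*)$")),
    ("service", re.compile(r"^[RSU][0-5] (?P<name>[^;]+); (?P<target>.*)$")),
]

def triage(line):
    """Return (kind, name, reasons) for a persistence line, or None."""
    line = line.strip()
    flagged = bool(ATTENTION.search(line))
    line = ATTENTION.sub("", line)  # drop the marker so the target ends cleanly
    for kind, pat in PATTERNS:
        m = pat.match(line)
        if not m:
            continue
        target = m.group("target")
        reasons = []
        if flagged:
            reasons.append("flagged by FRST")
        if target.endswith("[X]"):
            reasons.append("target file missing")
        if USER_WRITABLE.search(target):
            reasons.append("runs from AppData or Temp")
        return kind, m.group("name"), reasons
    return None  # file listings, browser settings and other line types

def review(text):
    """Entries with at least one reason, in log order."""
    hits = [triage(l) for l in text.splitlines()]
    return [h for h in hits if h and h[2]]

if __name__ == "__main__":
    for kind, name, reasons in review(SAMPLE):
        print(f"{kind:8}{name}: {', '.join(reasons)}")
```

An entry with no reasons, such as the iTunesHelper Run key, is not thereby cleared; the checks only rank what to look at first.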

  • #11 13 May 2015 18:16
    skoczix
    Level 4

    Should I make the FRST logs again?

  • #13 13 May 2015 18:23
    skoczix
    Level 4

    OK, thanks a lot for the help.