Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Asus K52JK - złapał wirusa.

kimosz 12 Wrz 2015 16:55 393 1
  • CControls
  • #2 12 Wrz 2015 17:23
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {F5C8E853-6785-4F1D-B62F-653DA5497413} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
    HKLM-x32\...\Run: [tuto4pc_pl_7] => [X]
    HKLM-x32\...\Run: [tuto4pc_pl_6] => [X]
    CHR HKLM\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA
    HKU\S-1-5-21-731129293-3588377923-3338725868-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxps://isearch.avg.com/?cid={6F41E0E1-DEEE-47A9-A2D1-E4805D52E98A}&mid=b43ea290052347d08ea1f18676f8df15-e7e18c308975b129007dd90432966d4aa194ea33&lang=pl&ds=xn011&pr=sa&d=2012-10-10 23:21:22&v=13.0.0.7&sap=hp
    URLSearchHook: HKU\S-1-5-21-731129293-3588377923-3338725868-1000 - (Brak nazwy) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - Brak pliku
    SearchScopes: HKU\S-1-5-21-731129293-3588377923-3338725868-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.0.0\ViProtocol.dll [2012-10-10] ()
    FF DefaultSearchEngine: delta-homes
    FF SelectedSearchEngine: delta-homes
    FF Extension: The AdBlocker - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\wwxcld9c.default\Extensions\s_yatizgy_fkatc@avgpbdmxhfferqq.com [2015-08-20]
    FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\13.0.0.7
    FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\13.0.0.7 [2012-10-10]
    CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=14...7233&uid=ST9500325AS_6VEGG158XXXX6VEGG158
    CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1437650203&z=96b8afb08b0db8431fd825bgdz6c2mbq7w0e8o0o4g&from=wpm07233&uid=ST9500325AS_6VEGG158XXXX6VEGG158"
    S4 vToolbarUpdater13.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe [711112 2012-10-10] ()
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-10-10] (AVG Technologies)
    S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
    U3 tmlwf; Brak ImagePath
    U3 tmwfp; Brak ImagePath
    S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
    2015-09-12 16:06 - 2015-09-12 16:06 - 00000000 ____D C:\Users\Asus\Doctor Web
    2015-09-12 15:48 - 2015-09-12 15:48 - 00000000 ____D C:\AdwCleaner
    2015-09-12 14:34 - 2015-09-12 14:34 - 00000000 _____ C:\autoexec.bat
    2015-09-12 14:24 - 2015-09-12 14:25 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Asus\Downloads\SpyHunter-Installer.exe
    2015-09-12 13:59 - 2015-09-12 13:59 - 00000000 ____D C:\Program Files (x86)\TrimEdit
    2015-09-12 16:11 - 2015-07-23 13:16 - 00000000 ____D C:\ProgramData\2WinManPro2
    2015-09-12 15:44 - 2015-07-23 13:18 - 00000000 ____D C:\Program Files (x86)\SFK
    2015-09-12 15:44 - 2015-07-08 15:18 - 00000000 ____D C:\Program Files (x86)\TakkeTheCOupON
    2015-09-12 15:44 - 2015-06-25 03:14 - 00000000 ____D C:\Program Files (x86)\DiiscouuntEExtensi
    2015-09-12 15:44 - 2015-06-22 14:12 - 00000000 ____D C:\Program Files (x86)\AllSaovver
    2015-09-12 15:44 - 2015-06-15 18:01 - 00000000 ____D C:\Program Files (x86)\PericeMIInuusu
    2015-09-12 15:44 - 2015-06-15 18:01 - 00000000 ____D C:\Program Files (x86)\Keep My OptOuts
    2012-11-24 22:00 - 2012-12-02 22:54 - 0000005 _____ () C:\Program Files (x86)\is.dat
    2012-11-24 22:01 - 2012-11-24 22:01 - 0016384 _____ () C:\Program Files (x86)\uik.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw. Odinstaluj Chrome zaznaczając usunięcie danych przeglądania.
    Najpierw możesz wyeksportować zakładki: https://support.google.com/chrome/answer/96816?hl=pl
    Później zainstaluj stabilną wersję: https://www.google.pl/chrome/browser/desktop/

    0