Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o wykonanie fixlist

danivil 14 Paź 2015 08:40 444 4
  • #1 14 Paź 2015 08:40
    danivil
    Poziom 9  

    Komputer wolna działa,ogólnie mówiąc,więc warto wykonać fixlist, ale ja tego nie potrafię,więc proszę o pomoc. Zamieszczam logi z FRST i Addition i proszę o pomoc.

    0 4
  • CControls
  • #2 14 Paź 2015 08:56
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj BatBrowse, Bonanza Deals, Defaulttab, Delta Chrome Toolbar, FlvPlayer, metaCrawler, Reimage Repair, Update_for_BonanzaDeals, VIS, Yahoo! Search.

    Cytat:

    Task: {1BFE8D68-175B-46F7-BD00-A5E6B2405065} - System32\Tasks\DefaultReg => c:\Users\All Users\dtdata\R001.exe <==== UWAGA
    Task: {3A4B71D4-41AA-4680-9227-BBE89FF37083} - System32\Tasks\DefaultCheck => c:\Users\All Users\dtdata\R002.exe <==== UWAGA
    Task: {417E6790-985A-449B-A7A1-FA3B72D8A56F} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe <==== UWAGA
    Task: {5D20F16E-EF06-483E-8A9A-7F6F3A02EF26} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== UWAGA
    Task: {9E80C8F9-D9F7-4487-9BFF-779C94879A1C} - System32\Tasks\Yahoo! Search => C:\Users\Samsung\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe <==== UWAGA
    Task: {BE50ED47-503B-43D8-9187-D1BD0D6C682F} - System32\Tasks\Default2Check => c:\Users\All Users\dtdata\R003.exe <==== UWAGA
    Task: {CF506150-CB2F-41CE-A83C-291A4AC9DED9} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== UWAGA
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1735395495-2726210869-181527219-1001\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-21-1735395495-2726210869-181527219-1005\...\Policies\Explorer: [NoFolderOptions] 0
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    GroupPolicyScripts: Ograniczenia <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    URLSearchHook: [S-1-5-21-1735395495-2726210869-181527219-1005] UWAGA => Brak domyślnego URLSearchHook
    SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> DefaultScope {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL =
    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=34ABCAF7335D9BB7&affID=119357&tsp=4963
    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> {15E99233-EDC9-48F5-8959-39AD38F3DC01} URL = hxxp://www.mysearchresults.com/search?c=3524&t=01&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> {779A2E64-4866-4DC0-893A-609F3F79FCD6} URL =




    SearchScopes: HKU\S-1-5-21-1735395495-2726210869-181527219-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4D63C3D7-B06F-4579-A538-7E29BFAC1D36}&mid=e678097cad4d47cd9d7819be75b97249-de6d25eb738df0d863d5d1957a8a792cb3343436&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-12-03 23:58:13&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO-x32: Brak nazwy -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> => Brak pliku
    BHO-x32: Brak nazwy -> {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} -> => Brak pliku
    BHO-x32: Brak nazwy -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> => Brak pliku
    BHO-x32: Brak nazwy -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> => Brak pliku
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll [Brak pliku]
    CHR Extension: (Delta Toolbar) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2015-04-20]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X]
    S3 EraserUtilDrv11511; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys [X]
    S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
    U0 sr; Brak ImagePath
    S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
    C:\ProgramData\MakeMarkerFile.exe
    C:\Users\EasySurvey\EasySurvey.exe
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe, odpal go i kliknij Fix/Napraw.

    Przeskanuj komputer programami ADWCleaner i MBAM i usuń wszystko co znalazły.

    0
  • CControls
  • #3 14 Paź 2015 08:57
    Acorus 20
    Spec od komputerów

    Odinstaluj BatBrowse 1.0.0, Bonanza Deals (remove only), Defaulttab, Delta Chrome Toolbar, FlvPlayer, metaCrawler, Reimage Repair, Update_for_BonanzaDeals, Yahoo! Search. Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
    Pokaż nowe logi z FRST.

    0
  • #5 14 Paź 2015 13:00
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    S3 EraserUtilDrv11511; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys [X]
    2015-10-14 12:35 - 2015-10-14 12:39 - 00000000 ____D C:\AdwCleaner
    2015-10-14 12:11 - 2015-10-14 12:11 - 00003108 _____ C:\windows\System32\Tasks\{9C965A6E-40E6-4AF3-ABFA-186FC6CA3AC1}
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw. Skasuj folder C:\FRST.

    0