Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o radę co zrobic z Safe Finderem

marcinziom94 06 Lis 2015 22:11 345 1
  • Pomocny post
    #2 06 Lis 2015 22:20
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    () C:\Documents and Settings\All Users\Dane aplikacji\Itstock\Itstock.exe
    () C:\Documents and Settings\All Users\Dane aplikacji\Itstock\Zim-Tone.exe
    HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584 2010-09-16] ()
    HKU\S-1-5-21-1177238915-606747145-682003330-1003\...\Run: [] => [X]
    AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\DANEAP~1\Itstock\Medlax.dll => C:\Documents and Settings\All Users\Dane aplikacji\Itstock\Medlax.dll [738816 2015-09-11] ()
    GroupPolicyScripts: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= UWAGA
    HKU\S-1-5-21-1177238915-606747145-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= UWAGA
    SearchScopes: HKLM -> URL hxxp://search.certified-toolbar.com?si=44393&...20375-17EB02C3FA72390F130EF807A43A142A&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1177238915-606747145-682003330-1003 -> URL hxxp://search.certified-toolbar.com?si=44393&...20375-17EB02C3FA72390F130EF807A43A142A&q={searchTerms}
    BHO: Brak nazwy -> {ca2fbf11-ffbb-49f8-b2fa-345f226e3a74} -> Brak pliku
    BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> Brak pliku
    Toolbar: HKLM - Brak nazwy - {ca2fbf11-ffbb-49f8-b2fa-345f226e3a74} - Brak pliku
    FF NetworkProxy: "backup.ftp", "192.168.12.1"
    FF NetworkProxy: "backup.ftp_port", 8000
    FF NetworkProxy: "backup.gopher", "192.168.12.1"
    FF NetworkProxy: "backup.gopher_port", 8000
    FF NetworkProxy: "backup.socks", "192.168.12.1"
    FF NetworkProxy: "backup.socks_port", 8000
    FF NetworkProxy: "backup.ssl", "192.168.12.1"
    FF NetworkProxy: "backup.ssl_port", 8000
    FF NetworkProxy: "ftp", "192.168.12.1"
    FF NetworkProxy: "ftp_port", 8000
    FF NetworkProxy: "gopher", "192.168.12.1"
    FF NetworkProxy: "gopher_port", 8000
    FF NetworkProxy: "http", "192.168.12.1"
    FF NetworkProxy: "http_port", 8000
    FF NetworkProxy: "share_proxy_settings", true
    FF NetworkProxy: "socks", "192.168.12.1"
    FF NetworkProxy: "socks_port", 8000
    FF NetworkProxy: "ssl", "192.168.12.1"
    FF NetworkProxy: "ssl_port", 8000
    FF NetworkProxy: "type", 0
    CHR HKLM\...\Chrome\Extension: [pbpddpndgnknlaamgbgkhckcoppfhdhg] - <Brak Path\update_url>
    R2 Itstock; C:\Documents and Settings\All Users\Dane aplikacji\Itstock\Itstock.exe [38400 2015-09-10] () [Brak podpisu cyfrowego]
    S3 AtiHDAudioService; system32\drivers\AtihdXP3.sys [X]
    S3 ggflt; system32\DRIVERS\ggflt.sys [X]
    S3 ggsemc; system32\DRIVERS\ggsemc.sys [X]
    S3 SBFWIMCLMP; system32\DRIVERS\SBFWIM.sys [X]
    U1 WS2IFSL; Brak ImagePath
    S0 yvnubb; System32\drivers\ffxxi.sys [X]
    2015-11-04 20:11 - 2015-11-04 20:11 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Itstocks
    2015-11-06 21:00 - 2015-09-11 02:14 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Itstock
    EmptyTemp:

    W FRST wybierz Napraw.

    1