Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Firstsputnik.ru jak usunąć? - . Ajdahoa

Ajdahoa 30 Gru 2015 03:10 930 4
  • Pomocny post
    #2 30 Gru 2015 04:56
    krzychupar
    Poziom 41  

    Otwórz notatnik systemowy i wklej:

    Cytat:

    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    BootExecute: autocheck autochk * ?????
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts: Restriction <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3576755363-4101934631-3631175856-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-3576755363-4101934631-3631175856-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3576755363-4101934631-3631175856-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-3576755363-4101934631-3631175856-500 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
    Handler: WSWSVCUchrome - No CLSID Value
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    S3 GENERICDRV; no ImagePath
    S3 massfilter_lte; no ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2015-12-29 10:25 - 2015-12-29 10:25 - 00042497 _____ C:\ComboFix.txt
    2015-12-29 10:11 - 2015-12-29 10:25 - 00000000 ____D C:\Qoobox
    2015-12-29 10:11 - 2015-12-29 10:25 - 00000000 ____D C:\ComboFix
    2015-12-29 10:11 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
    2015-12-10 21:17 - 2015-12-10 21:17 - 00001543 _____ C:\AdwCleaner[C13].txt
    2015-12-10 21:15 - 2015-12-10 21:16 - 00001370 _____ C:\AdwCleaner[S15].txt
    2015-12-29 11:04 - 2015-10-06 12:13 - 00000000 ____D C:\AdwCleaner



    EmptyTemp:
    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.


    0
  • #3 03 Sty 2016 01:55
    Ajdahoa
    Poziom 6  

    Zrobione :) dzięki wielkie

    0
  • #4 03 Sty 2016 10:13
    Kolobos
    Spec od komputerów

    @Ajdahoa fix podany przez @krzychupar jest wybrakowany.

    Wykonaj taki fixlist.txt:
    Toolbar: HKU\S-1-5-21-3576755363-4101934631-3631175856-500 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
    Handler: WSWSVCUchrome - No CLSID Value
    R2 TDataSvr; C:\Program Files (x86)\TDataDld\TData.exe [228072 2015-12-25] (TData.com)
    S3 GENERICDRV; no ImagePath
    S3 massfilter_lte; no ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2015-12-29 10:11 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
    2015-12-29 10:11 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-12-29 10:11 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-12-29 10:11 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-12-29 10:11 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
    2015-12-29 10:11 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
    2015-12-29 10:11 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
    2015-12-29 09:12 - 2015-12-29 09:12 - 00000000 ____D C:\ProgramData\3WdM3
    2015-12-29 05:37 - 2015-12-29 05:36 - 00000292 _____ C:\Windows\system32\Drivers\etc\hp.bak
    2015-12-29 05:35 - 2015-12-29 05:35 - 00000000 ____D C:\Program Files (x86)\TDataDld
    2015-12-29 05:18 - 2015-12-29 05:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FiraxisLive
    2015-12-10 21:17 - 2015-12-10 21:17 - 00001543 _____ C:\AdwCleaner[C13].txt
    2015-12-10 21:15 - 2015-12-10 21:16 - 00001370 _____ C:\AdwCleaner[S15].txt
    2015-12-29 11:04 - 2015-10-06 12:13 - 00000000 ____D C:\AdwCleaner
    2015-02-14 20:20 - 2015-02-14 20:20 - 0000005 _____ () C:\Program Files (x86)\is.dat
    2015-02-14 20:21 - 2015-02-14 20:21 - 0016384 _____ () C:\Program Files (x86)\uik.dat


    Zainstaluj tez: https://support.microsoft.com/en-us/kb/2545227

    0
  • #5 05 Sty 2016 02:55
    Ajdahoa
    Poziom 6  

    Zrozumiałem. Zrobiłem co kazałeś. Narazie cisza, jest ok.

    0