Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Safefinder - I kilka dziwnych folderow

Qdx 01 Sty 2016 20:53 699 4
  • #1 01 Sty 2016 20:53
    Qdx
    Poziom 4  

    Witam, mam problem z usunieciem Safefidera z przegladarki.
    Dodatkowo razem z nim pojawilo sie na dysku c: kilka folderow ktorych nie moge sie pozbyc.
    progam file/cmdidx
    programdata/caMyciloP
    programdata/caMyciloPs
    programdata/Medlights
    programdata/ApplicationHosting

    zalaczam logi FRST.txt Download (45.56 kB) i Additi..txt Download (25.48 kB).

    0 4
  • Pomocny post
    #2 01 Sty 2016 23:52
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:

    Task: {1F69AE88-5EDB-4DB5-9AA7-D7A8139BDC7A} - System32\Tasks\{DCD833C6-861C-4F7D-8168-3BF6E3D66E11} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Topstring\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\Topstring\uninstall.dat" -a uninstallme 9152F2A1-9A3D-4593-8273-8B2F99ED03F7 DeviceId=bd0bfcbf-9b5f-878c-cfff-6daef6de2330 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
    () C:\ProgramData\caMyciloP\caMyciloP.exe
    () C:\Program Files\cmdidx\cmdidx.exe
    () C:\ProgramData\caMyciloP\caMyciloP.exe
    () C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2523051751-2984767087-1214534822-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2523051751-2984767087-1214534822-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-2523051751-2984767087-1214534822-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&...p;uid=3B4C1E2DD6054d5cB1BFB5070582C151&q={searchTerms}
    HKU\S-1-5-21-2523051751-2984767087-1214534822-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...XtCBjfY5gHaEATAU7IuIaeB2BQd5XVV18aa_62iI6iA,,,,




    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...CMEu4O44iuarwgclFwesi3f-tN-Xb0cp-1Tg,,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2523051751-2984767087-1214534822-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...CMEu4O44iuarwgclFwesi3f-tN-Xb0cp-1Tg,,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2523051751-2984767087-1214534822-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...CMEu4O44iuarwgclFwesi3f-tN-Xb0cp-1Tg,,&q={searchTerms}
    BHO-x32: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
    CHR DefaultSearchURL: Profile 1 -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...bKXyNueTuv7BeOoQNjwZxmhObUg1OKWFzYGg,,&q={searchTerms}
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com
    CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    CHR Session Restore: Profile 1 -> is enabled.
    CHR Profile: C:\Users\Spacjonea\AppData\Local\Google\Chrome\User Data\Default
    CHR Profile: C:\Users\Spacjonea\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
    R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [508416 2016-01-01] () [File not signed]
    R2 caMyciloP; C:\ProgramData\\caMyciloP\\caMyciloP.exe [508416 2016-01-01] () [File not signed]
    R2 cmdidx; C:\Program Files\cmdidx\cmdidx.exe [383488 2016-01-01] () [File not signed]
    R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [508416 2016-01-01] () [File not signed]
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
    S3 vpnva; \SystemRoot\system32\DRIVERS\vpnva64-6.sys [X]
    2016-01-01 19:27 - 2016-01-01 20:22 - 00000000 ____D C:\ProgramData\caMyciloP
    2016-01-01 19:27 - 2016-01-01 19:27 - 00000000 ____D C:\ProgramData\caMyciloPs
    2016-01-01 18:28 - 2016-01-01 20:05 - 00000000 ____D C:\Program Files\cmdidx
    2015-07-21 11:02 - 2015-08-21 11:56 - 0449736 _____ (TODO: <公司名>) C:\Program Files (x86)\SSFK.exe
    EmptyTemp:




    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #5 02 Sty 2016 01:08
    Qdx
    Poziom 4  

    Po czyszczeniu z uzyciem AdwCleaner'a problem nadal wystepowal. Zalaczam logi AdwCleane..1].txt Download (1.59 kB).

    Zresetowalem Chrome do ustawien standardowych i wyglada na to ze SafeFinder juz sie nie pokazuje jako strona domowa ani nie jest uzywany jako wyszukiwarka.

    Dzieki za pomoc.

    0