Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Findit chyba. Wirus w laptopie - Logi co mogę usunąć?

darecki777 13 Sty 2016 22:00 1311 2
  • CControls
  • CControls
  • #3 13 Sty 2016 22:26
    krzychupar
    Poziom 40  

    Odinstaluj
    Body Text Feathering
    GamesDesktop 008.005010206
    Kingdom Video
    RegClean Pro
    Setup
    SpaceSoundPro
    SVH
    Otwórz notatnik systemowy i wklej:
    Task: {01F21EAD-2EC6-42A5-AB71-28D2A1AA632E} - System32\Tasks\psv_NamSancore => /c regedit.exe /s "C:\ProgramData\Zoobam\Zaamtrax.reg" &amp; del "C:\ProgramData\Zoobam\Zaamtrax.reg" &amp; SCHTASKS /Delete /TN "psv_NamSancore" /F <==== UWAGA
    Task: {06980837-38DD-47AF-B095-700F03D4C4B2} - System32\Tasks\Total Video => Rundll32.exe "C:\Users\DELL\AppData\Local\Total Video\{A7A5EC4A-6428-0909-DA1D-2014A7CA7976}\TotalVideo.dll",#1 <==== UWAGA
    Task: {2E44130E-DFB8-42C0-A764-48E981013F1A} - System32\Tasks\snf => C:\ProgramData\Zoobam\Zoobam.exe <==== UWAGA
    Task: {4F452FD9-CA4A-42CB-8702-60C7476639AD} - System32\Tasks\psv_Tresair => /c regedit.exe /s "C:\ProgramData\Zoobam\Tonfix.reg" &amp; del "C:\ProgramData\Zoobam\Tonfix.reg" &amp; SCHTASKS /Delete /TN "psv_Tresair" /F <==== UWAGA
    Task: {51691AAF-CD47-4621-9724-EE7BE5340937} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro3\updater.exe <==== UWAGA
    Task: {65F0BD6E-BED3-494D-B62D-FE4E26B5E408} - System32\Tasks\psv_UnoNix => /c regedit.exe /s "C:\ProgramData\Zoobam\Doublesolkix.reg" &amp; del "C:\ProgramData\Zoobam\Doublesolkix.reg" &amp; SCHTASKS /Delete /TN "psv_UnoNix" /F <==== UWAGA
    Task: {6FF6F7CC-A6E6-478F-9477-280BA00F85FB} - System32\Tasks\psv_Salt-Com => /c regedit.exe /s "C:\ProgramData\Zoobam\Zoo-Light.reg" &amp; del "C:\ProgramData\Zoobam\Zoo-Light.reg" &amp; SCHTASKS /Delete /TN "psv_Salt-Com" /F <==== UWAGA
    Task: {884705BA-023D-40CF-90AB-4AF40FC3DE99} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== UWAGA
    Task: {928E1727-4BB1-4C0A-9CBE-E540794C8A41} - System32\Tasks\Kingdom Video => Rundll32.exe "C:\Users\DELL\AppData\Local\Kingdom Video\{A7A5EC4A-6428-0909-DA1D-2014A7CA7976}\KingdomVideo.dll",#1 <==== UWAGA
    Task: {A45AB648-C9E5-4710-9761-4E049E66F797} - System32\Tasks\Total Video2 => Rundll32.exe "C:\Users\DELL\AppData\Local\Total Video\{A7A5EC4A-6428-0909-DA1D-2014A7CA7976}\fgfepyox.dll",#1 <==== UWAGA
    Task: {B92BD2F0-8054-43DD-9F2C-70061160885F} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== UWAGA
    Task: {CD7774EF-EBB1-43AE-8F72-B0EEC210A13A} - System32\Tasks\Inst_Rep => C:\Users\DELL\AppData\Local\Installer\Install_2918\ytdieamodc_amodc_inst.exe [2016-01-12] () <==== UWAGA
    Task: {CD7774EF-EBB1-43AE-8F72-B0EEC210A13A} - System32\Tasks\Inst_Rep => C:\Users\DELL\AppData\Local\Installer\Install_2918\ytdieamodc_amodc_inst.exe [2016-01-12] () <==== UWAGA
    Task: {F4CDF335-FD17-4716-B25F-43B5A53E6D27} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== UWAGA




    Task: {FEFE498D-4787-4CB7-8417-4355A48140D7} - System32\Tasks\Kingdom Video2 => Rundll32.exe "C:\Users\DELL\AppData\Local\Kingdom Video\{A7A5EC4A-6428-0909-DA1D-2014A7CA7976}\jjlrg.dll",#1 <==== UWAGA
    Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== UWAGA
    Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== UWAGA
    () C:\Program Files (x86)\rec_en_77\rec_en_77.exe
    HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [gmsd_pl_005010206] => C:\Program Files (x86)\gmsd_pl_005010206\gmsd_pl_005010206.exe [4006576 2016-01-13] ()
    HKLM-x32\...\Run: [rec_en_77] => C:\Program Files (x86)\rec_en_77\rec_en_77.exe [4004568 2016-01-13] ()
    HKLM-x32\...\RunOnce: [IOPROTECT] => C:\Program Files (x86)\SpaceSondPro_v53.11980\ioproduct_service.bat [164 2016-01-13] ()
    HKLM-x32\...\RunOnce: [upgmsd_pl_005010206.exe] => C:\Users\DELL\AppData\Local\gmsd_pl_005010206\upgmsd_pl_005010206.exe [3279024 2016-01-13] ()
    HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
    HKLM\...\Policies\Explorer\Run: [881281713] => C:\ProgramData\msxrxgrnd.exe [97421184 2010-11-21] ()
    HKLM\...\Policies\Explorer\Run: [1281858421] => C:\ProgramData\msxiz.exe [104296960 2010-11-21] ()
    HKU\S-1-5-21-499557954-418881905-3462982921-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...dlMplj6gLgprXubwEIlpCQlpfb_Wkjkjakusw,&q={searchTerms}
    HKU\S-1-5-21-499557954-418881905-3462982921-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...L_Y36xRTUWwk6AVhDYlMQSx1XmEqicyYKTI8W5FhxZ5U,,
    HKU\S-1-5-21-499557954-418881905-3462982921-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...dlMplj6gLgprXubwEIlpCQlpfb_Wkjkjakusw,&q={searchTerms}
    HKU\S-1-5-21-499557954-418881905-3462982921-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...dlMplj6gLgprXubwEIlpCQlpfb_Wkjkjakusw,&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...dlMplj6gLgprXubwEIlpCQlpfb_Wkjkjakusw,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-499557954-418881905-3462982921-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...dlMplj6gLgprXubwEIlpCQlpfb_Wkjkjakusw,&q={searchTerms}
    FF NewTab: chrome://quick_start/content/index.html
    FF DefaultSearchEngine: findit
    FF Homepage: hxxps://www.google.pl/?gfe_rd=cr&ei=w0WVVt2NBOTBuAHA4Y9I&gws_rd=ssl
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!EEF13F682B589555BB23372239D6A115EEF1.js [2016-01-13] <==== UWAGA
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\AFAD5CE7AF9662EAF15E692FF6B78D9EAFAD [2016-01-12] <==== UWAGA
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\EEF13F682B589555BB23372239D6A115EEF1 [2016-01-13] <==== UWAGA
    CHR HomePage: Default -> hxxp://www.omniboxes.com/?type=hp&ts=1452...mp;uid=st500lt012-1dg142_s3pp5nb3xxxxs3pp5nb3
    CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=1452614607&z=7c02a13d623d48fca098d79g2z1w3o1q9g6z8q2ecm&from=amt&uid=st500lt012-1dg142_s3pp5nb3xxxxs3pp5nb3"
    CHR DefaultSearchURL: Default -> hxxp://omniboxes.com/web?type=ds&ts=14526...st500lt012-1dg142_s3pp5nb3xxxxs3pp5nb3&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> omniboxes
    R1 swsedrvr_vt_1_10_0_25; system32\drivers\swsedrvr_vt_1_10_0_25.sys [X]
    2016-01-13 20:48 - 2016-01-13 20:54 - 00000264 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
    2016-01-13 20:48 - 2016-01-13 20:54 - 00000256 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
    2016-01-13 20:48 - 2016-01-13 20:51 - 00003090 _____ C:\Windows\System32\Tasks\RegClean Pro
    2016-01-13 20:48 - 2016-01-13 20:48 - 00003164 _____ C:\Windows\System32\Tasks\Kingdom Video
    2016-01-13 20:48 - 2016-01-13 20:48 - 00003150 _____ C:\Windows\System32\Tasks\Kingdom Video2
    2016-01-13 20:48 - 2016-01-13 20:48 - 00003014 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
    2016-01-13 20:48 - 2016-01-13 20:48 - 00002858 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
    2016-01-13 20:48 - 2016-01-13 20:48 - 00000991 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
    2016-01-13 20:48 - 2016-01-13 20:48 - 00000000 ____D C:\Users\DELL\AppData\Local\Kingdom Video
    2016-01-13 20:48 - 2016-01-13 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
    2016-01-13 20:47 - 2016-01-13 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
    2016-01-13 20:45 - 2016-01-13 20:48 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.11980
    2016-01-13 20:45 - 2016-01-13 20:45 - 00000876 _____ C:\Users\DELL\Desktop\SpaceSoundPro.lnk
    2016-01-13 20:45 - 2016-01-13 20:45 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
    2016-01-13 20:45 - 2016-01-13 20:45 - 00000000 ____D C:\Program Files\SpaceSoundPro
    2016-01-13 20:45 - 2016-01-13 20:45 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro
    C:\ProgramData\msxiz.exe
    C:\ProgramData\msxrxgrnd.exe
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0