Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Ślamazarnie działający system.

DamianDrzy 14 Sty 2016 18:02 567 2
  • #2 14 Sty 2016 18:26
    Acorus 20
    Spec od komputerów

    Odinstaluj AnySend, PriceFountain, Safari Packages, Setup, Update for PriceFountain. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {3B20AA61-CD60-4806-AABA-50F381AB91F9} - System32\Tasks\Price Fountain => C:\Users\Damian\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {8A23B35E-61BC-4BF2-A160-C9EE83E9C309} - System32\Tasks\DamianYelledQuintupledV2 => Rundll32.exe PopcornTranscribe.dll,main 7 1 <==== ATTENTION
    Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Damian\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    ShortcutWithArgument: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=141...d=WDCXWD6400BPVT-75HXZT3_WD-WXM1A61E2413E2413
    AlternateDataStreams: C:\ProgramData\Microsoft:Dk9DJ2dZ1BCRdQFizXuLTgUvP
    AlternateDataStreams: C:\ProgramData\Microsoft:g5Ili9mlTHBvVFLPHLMkH7
    AlternateDataStreams: C:\ProgramData\Microsoft:mdFWbB0d8OLDY37tFdBZG63
    AlternateDataStreams: C:\ProgramData\Microsoft:XaxhoAhstwAkJSlbS2QA7Pggrie
    AlternateDataStreams: C:\ProgramData\PACE:8D90B6CE045680F7
    AlternateDataStreams: C:\Users\Damian\Cookies:L6zsxDVSR4VabCPl3SpMa2UwajTk
    AlternateDataStreams: C:\Users\Damian\Cookies:zISxdolEVspUnaFTfgLY3v8n
    AlternateDataStreams: C:\Users\Damian\Local Settings:CN87X0x2kqh8qhgWPFf4kIS
    AlternateDataStreams: C:\Users\Damian\Local Settings:HAbWO78fgpfVD64JjsY59x4xX
    AlternateDataStreams: C:\Users\Damian\Local Settings:N8ain4XK2erzzp7k7
    AlternateDataStreams: C:\Users\Damian\Local Settings:TbgMIGI1qWK7UYo9J2JM3q99wek
    AlternateDataStreams: C:\Users\Damian\Local Settings:vmCJFAUJIV5bw7ShlwvHpZzr6IFU
    AlternateDataStreams: C:\Users\Damian\AppData\Local:CN87X0x2kqh8qhgWPFf4kIS
    AlternateDataStreams: C:\Users\Damian\AppData\Local:HAbWO78fgpfVD64JjsY59x4xX
    AlternateDataStreams: C:\Users\Damian\AppData\Local:N8ain4XK2erzzp7k7
    AlternateDataStreams: C:\Users\Damian\AppData\Local:TbgMIGI1qWK7UYo9J2JM3q99wek
    AlternateDataStreams: C:\Users\Damian\AppData\Local:vmCJFAUJIV5bw7ShlwvHpZzr6IFU
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Application Data:CN87X0x2kqh8qhgWPFf4kIS
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Application Data:HAbWO78fgpfVD64JjsY59x4xX
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Application Data:N8ain4XK2erzzp7k7
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Application Data:TbgMIGI1qWK7UYo9J2JM3q99wek
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Application Data:vmCJFAUJIV5bw7ShlwvHpZzr6IFU
    AlternateDataStreams: C:\Users\Damian\AppData\Local\Temp:Fumamivv2qECgtKkHvprjOv




    AlternateDataStreams: C:\Users\Damian\AppData\Local\Temp:SK4dSriJHXnXCdFlg8t
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
    HKLM-x32\...\Run: [mbot_pl_014010028] => [X]
    HKLM-x32\...\Run: [rec_pl_47] => [X]
    HKLM-x32\...\Run: [LemurDaemon] => C:\Program Files (x86)\Liine\Lemur Daemon.exe [2396160 2015-12-17] (Liine)
    HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation)
    HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1651200 2015-12-03] (Informer Technologies, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=141...d=WDCXWD6400BPVT-75HXZT3_WD-WXM1A61E2413E2413
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=141...d=WDCXWD6400BPVT-75HXZT3_WD-WXM1A61E2413E2413
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4413489E-E13A-45C8-821C-6552F69C07E9}&mid=87dc6a76435147d2b6f17d3bcfb6d068-c13c7cba622b92d06c826e4a1caa81388c32e35a&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-10-11 13:58:20&v=4.1.8.599&pid=wtu&sg=&sap=hp
    HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=141...d=WDCXWD6400BPVT-75HXZT3_WD-WXM1A61E2413E2413
    HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.wp.pl/?src01=dp120150412
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/search?fr=vmn&..._WCYID10099_swoc_campaign_150412__yaie&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {29C03954-88D9-4E3B-A983-A390A7D080F8} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=652
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...D6400BPVT-75HXZT3_WD-WXM1A61E2413E2413&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&...id=mystarttb&v=5_4&ent=ch_5108&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4413489E-E13A-45C8-821C-6552F69C07E9}&mid=87dc6a76435147d2b6f17d3bcfb6d068-c13c7cba622b92d06c826e4a1caa81388c32e35a&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-10-11 13:58:20&v=4.1.8.599&pid=wtu&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1462623646-3811267617-1554019656-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/search?fr=vmn&..._WCYID10099_swoc_campaign_150412__yaie&p={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=141...d=WDCXWD6400BPVT-75HXZT3_WD-WXM1A61E2413E2413
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Bing
    FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0...ZVV1IEgcFIk0FA18DB0VXfWFoKB8fHHRQM1BLFWkeSFtX
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
    FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\searchplugins\avg-secure-search.xml [2015-10-11]
    FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\searchplugins\bing-.xml [2015-09-09]
    FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\searchplugins\default.xml [2016-01-10]
    FF Extension: Fast Start - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\extensions\faststartff@gmail.com [2014-09-18] [not signed]
    FF Extension: AVG Web TuneUp - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\extensions\avg@toolbar.xpi [2015-12-16]
    FF Extension: Assist Point - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\Extensions\{1774aaa2-8982-4dce-b187-b4c7dfa70c0d}.xpi [2015-04-12] [not signed]
    FF Extension: Digital More - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\Extensions\{a6472983-82c2-48e2-af83-11b7750b32b5}.xpi [2015-04-12] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\nxwefibj.default\extensions\faststartff@gmail.com
    CHR HKU\S-1-5-21-1462623646-3811267617-1554019656-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-16] (AVG Secure Search)
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    0
  • #3 15 Sty 2016 10:28
    DamianDrzy
    Poziom 2  

    Bardzo dziękuję. Zastosowałem i pomogło. Pozdrawiam

    0