Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Safe Finder - jak to usunąć?

darek_gl 14 Lut 2016 13:23 579 4
  • CControls
  • #2 14 Lut 2016 13:37
    Acorus 20
    Spec od komputerów

    Odinstaluj SafeFinder. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {05C266BD-D0F8-4809-8BD4-3F5053EF1E7E} - \{E334AA20-7709-4D40-B4BC-05625781D3D1} -> Brak pliku <==== UWAGA
    Task: {08711AF2-9485-44B9-AF53-021529BB2A89} - \e-pity2015_styczen -> Brak pliku <==== UWAGA
    Task: {11858BA9-17DD-43FD-A956-F11F5F469CD2} - \EVGAPrecisionX -> Brak pliku <==== UWAGA
    Task: {11A9A47C-FEF5-406D-B322-AF9F5A24CC01} - \{B45D592D-171C-4368-BEC3-147185ABE022} -> Brak pliku <==== UWAGA
    Task: {2BCFEE2C-7FB2-43C9-A35A-5ABC4B40A638} - \e-pity2013_kwiecien -> Brak pliku <==== UWAGA
    Task: {45F7C0F5-2FC8-4E0A-B068-6733D0B62B84} - \{4416BCEA-2A78-49FB-A6EB-9BBEAD03E433} -> Brak pliku <==== UWAGA
    Task: {4642E12E-A255-4C4E-8D82-3A5CDA97A620} - \{752A310B-216F-40A5-9055-4D83A57FA6B6} -> Brak pliku <==== UWAGA
    Task: {4FD6DB25-4105-405B-9B88-BE7514749455} - \{3E3D1D5E-A149-48FB-B628-5D930ED3AADC} -> Brak pliku <==== UWAGA
    Task: {5265BF2F-4AEF-42F6-86EA-476FF488DA0A} - \SYSTEM -> Brak pliku <==== UWAGA
    Task: {5C5CBCFF-B056-47C0-BF00-17B0DF4508AD} - \{E0CD304F-0246-4F91-99DE-D4EF23CE2FBF} -> Brak pliku <==== UWAGA
    Task: {751F87D5-A783-48FA-A67E-3A9EF82E69DA} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== UWAGA
    Task: {75233C55-1AA4-4DEC-8975-B078A21ED44E} - \{03D23056-F02A-4CFE-9D23-B78195D0C282} -> Brak pliku <==== UWAGA
    Task: {7F1DB52B-9509-4957-BC64-EA11B19A8035} - \{94C43673-9EE7-466C-9D74-A1BC0FBBCC15} -> Brak pliku <==== UWAGA
    Task: {81015ACB-E68E-4FA1-9D90-7AC6C4026038} - \e-pity2013_styczen -> Brak pliku <==== UWAGA
    Task: {A5683375-AA3C-4756-9719-0E3BA5966E21} - \{2CC517EC-2ED9-4CB5-BADF-50CC6B395DF9} -> Brak pliku <==== UWAGA
    Task: {B11E83C1-13B9-4550-9B73-C4D343DFC5D8} - \Install_NSS -> Brak pliku <==== UWAGA
    Task: {B4FB7B94-927E-4C05-AA47-8CDE4E5F686B} - \{1B841B7A-D99C-4602-98FD-0224F1E06BCD} -> Brak pliku <==== UWAGA
    Task: {B9DE9918-8627-4983-A5AA-890C4288E61A} - \DealPlyUpdate -> Brak pliku <==== UWAGA
    Task: {CD7F75D9-DBF6-4614-AFE0-ECD1FA248150} - \{84DBBD5A-3730-428E-A589-A252260FA123} -> Brak pliku <==== UWAGA
    Task: {D5479225-C399-4691-87D2-4F6E948B591C} - \{537FC705-694A-4E06-BDCF-B62031739942} -> Brak pliku <==== UWAGA
    Task: {F721F96A-CF60-4F56-AFBD-D529AD2858B8} - \e-pity2015_kwiecien -> Brak pliku <==== UWAGA
    Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== UWAGA
    Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== UWAGA
    AppInit_DLLs: C:\ProgramData\Lightzap\Zumozelax.dll => C:\ProgramData\Lightzap\Zumozelax.dll [805376 2016-02-14] ()
    AppInit_DLLs-x32: C:\ProgramData\Lightzap\Re-Bam.dll => C:\ProgramData\Lightzap\Re-Bam.dll [257536 2016-02-14] ()




    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    BootExecute: autocheck autochk * SmartDefragBootTime.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...7021&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...7021&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...7021&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...7021&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    HKU\S-1-5-21-1086802672-3031293242-3377965031-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    HKU\S-1-5-21-1086802672-3031293242-3377965031-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...zZJtj85Wpl9_hJ5jRPA7ZzbAHKGqe43SWp1ZQxtXF0BA,,
    HKU\S-1-5-21-1086802672-3031293242-3377965031-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...7021&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    HKU\S-1-5-21-1086802672-3031293242-3377965031-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    HKU\S-1-5-21-1086802672-3031293242-3377965031-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1086802672-3031293242-3377965031-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1086802672-3031293242-3377965031-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=84EEA6F3C10E6370&affID=119357&tsp=5020
    SearchScopes: HKU\S-1-5-21-1086802672-3031293242-3377965031-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...p;uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1086802672-3031293242-3377965031-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...7K35Y3QMFKqZtlZS3SubF9xxq8_9vB6uZuJL8,&q={searchTerms}
    BHO-x32: Brak nazwy -> {9cf699ca-2174-4ed8-bec1-ba82095edce0} -> Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=144...=cor&uid=ST3250410AS_6RY6QG0WXXXX6RY6QG0W
    FF NewTab: C:\\ProgramData\\Lightzaps\\ff.NT
    FF DefaultSearchEngine: findit
    FF SelectedSearchEngine: webssearches
    FF Homepage: C:\\ProgramData\\Lightzaps\\ff.HP
    FF SearchPlugin: C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\searchplugins\findit.xml [2016-02-14]
    FF SearchPlugin: C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\searchplugins\webssearches.xml [2015-12-16]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2016-02-14]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-10-07]
    FF Extension: YahooToolsProtected - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\Extensions\yahooprotected@gmail.com [2015-12-16]
    FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\extensions\defsearchp@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\extensions\deskCutv2@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\extensions\sidebarff@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\extensions\yahooprotected@gmail.com
    FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Bulv\AppData\Roaming\Mozilla\Firefox\Profiles\96alhg1r.default\extensions\default_newtabff@gmail.com => nie znaleziono
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...5iPmNGqgCOJwBLgCT4GrVpfgRGDIZNubmaeMbtwTcDX0,,
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...Cs5GbymDXTbgrETsKTs3mnBZjgPHLLIaV4mNQ,&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    R2 Lightzap; C:\ProgramData\\Lightzap\\Lightzap.exe [666112 2016-02-14] () [Brak podpisu cyfrowego]
    S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
    S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
    S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
    S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
    S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
    S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
    S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
    2016-02-14 12:00 - 2016-02-14 12:44 - 00000000 ____D C:\ProgramData\Lightzap
    2016-02-14 12:00 - 2016-02-14 12:00 - 07767040 _____ C:\Users\Bulv\AppData\Roaming\agent.dat
    2016-02-14 12:00 - 2016-02-14 12:00 - 01827538 _____ C:\Users\Bulv\AppData\Roaming\Zummasolodox.tst
    2016-02-14 12:00 - 2016-02-14 12:00 - 00666112 _____ C:\Users\Bulv\AppData\Roaming\Zummasolodox.exe
    2016-02-14 12:00 - 2016-02-14 12:00 - 00126976 _____ C:\Users\Bulv\AppData\Roaming\Installer.dat
    2016-02-14 12:00 - 2016-02-14 12:00 - 00126464 _____ C:\Users\Bulv\AppData\Roaming\noah.dat
    2016-02-14 12:00 - 2016-02-14 12:00 - 00062976 _____ C:\Users\Bulv\AppData\Roaming\Config.xml
    2016-02-14 12:00 - 2016-02-14 12:00 - 00018432 _____ C:\Users\Bulv\AppData\Roaming\Main.dat
    2016-02-14 12:00 - 2016-02-14 12:00 - 00011472 _____ C:\Users\Bulv\AppData\Roaming\InstallationConfiguration.xml
    2016-02-14 12:00 - 2016-02-14 12:00 - 00005568 _____ C:\Users\Bulv\AppData\Roaming\md.xml
    2016-02-14 12:00 - 2016-02-14 12:00 - 00000000 ____D C:\ProgramData\Lightzaps
    2016-02-04 18:22 - 2016-02-04 18:22 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    0
  • CControls
  • #3 14 Lut 2016 13:44
    wborek
    Poziom 11  

    Spróbuj Baidu Antivirus jest bardzo skuteczny i darmowy.

    0
  • #4 14 Lut 2016 14:08
    darek_gl
    Poziom 2  

    Acorus 20 napisał:
    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.


    Wszystko działa jak należy, dziękuję za szybką i wzorową pomoc.

    0
  • #5 14 Lut 2016 14:32
    swiercm
    Moderator na urlopie...

    wborek napisał:
    Spróbuj Baidu Antivirus jest bardzo skuteczny i darmowy.

    To tylko, być może, częściowe "lekarstwo".
    Wszystko widać w logach.
    darek_gl napisał:
    Wszystko działa jak należy, dziękuję za szybką i wzorową pomoc.

    Usuń folder C:\FRST i to wszystko.
    Zamykam temat.
    Safe Finder - jak to usunąć?

    0