Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

PC - Safe Finder - FRST - prośba o utworzenie fixlist

Seratrice 22 Lut 2016 12:41 549 2
  • #1 22 Lut 2016 12:41
    Seratrice
    Poziom 2  

    Dzień dobry,
    nie mogę poradzić sobie z usunięciem Safe Finder. Jestem osobą o bardzo podstawowej wiedzy komputerowej, przeczytałam o programie FRST i utworzyłam logi.
    Bardzo proszę o fixlist do nich i z góry dziękuję za pomoc.

    0 2
  • Pomocny post
    #2 22 Lut 2016 12:50
    Kolobos
    Spec od komputerów

    Odinstaluj: WinZipper

    Fixlist.txt dla FRST:
    CustomCLSID: HKU\S-1-5-21-281008416-2574428919-1045516745-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Boczek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    Task: {6814A4EF-143A-4861-824F-AE5D3EF46AD6} - System32\Tasks\{1EED8907-47F8-4C6E-A8CA-DBB4EAC3B773} => pcalua.exe -a E:\Launcher\LAUNCHER.EXE -d E:\
    Task: {AD85870D-42CB-49FB-8B86-C71D3C3E60D3} - System32\Tasks\{FEC54CF0-7333-403F-AFD0-8BFDC08FC775} => C:\Program Files\Electronic Arts\The Sims 3 Wymarzone Podróże\Game\Bin\TS3EP01.exe
    Task: {EB222E90-29DC-4065-A9A2-3035CE0DE0E1} - System32\Tasks\0614aUpdateInfo => C:\ProgramData\Avg_Update_0614a\0614a_AVG-Secure-Search-Update.exe
    ShortcutWithArgument: C:\Users\Boczek\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\Boczek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\Boczek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1456097219&a=1053301&src=sh&uuid=0c3d24c3-23ad-499d-858d-417e5197cb3a"
    ShortcutWithArgument: C:\Users\Boczek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\Boczek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    2016-02-22 00:27 - 2016-02-22 00:27 - 00667136 _____ () C:\ProgramData\CloudPrinter\CloudPrinter.exe
    () C:\ProgramData\CloudPrinter\CloudPrinter.exe
    HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
    HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKU\S-1-5-21-281008416-2574428919-1045516745-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Boczek\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=d6ef390da6dd47d28218cd77c23b8733-84e8df04c1b49f9959cbd979078c160800db7bd4 /CMPID=1213b
    HKU\S-1-5-21-281008416-2574428919-1045516745-1000\...\Run: [GoogleChromeAutoLaunch_F8CD4EC2AFC338540E652F42174D49E8] => C:\Program Files\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
    HKU\S-1-5-21-281008416-2574428919-1045516745-1000\...\MountPoints2: {6f0e4fe3-a7f0-11e4-a0f5-1c3e84df6ec0} - H:\windows\Install\Install.exe
    HKU\S-1-5-21-281008416-2574428919-1045516745-1000\...\MountPoints2: {89ef14fc-3bf9-11e4-8986-1c3e84df6ec0} - G:\Autorun.exe




    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    HKU\S-1-5-21-281008416-2574428919-1045516745-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...W6IDJRYOg-91AIXK-RyKT_xr2jdl9QtcSlSIOIWzk5&q={searchTerms}
    SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...W6IDJRYOg-91AIXK-RyKT_xr2jdl9QtcSlSIOIWzk5&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391279...r&uid=ST1000LM014-1EJ164_W3809S5NXXXXW3809S5N
    FF NewTab: C:\ProgramData\Santoms\ff.NT
    FF Homepage: C:\ProgramData\Santoms\ff.HP
    FF user.js: detected! => C:\Users\Boczek\AppData\Roaming\Mozilla\Firefox\Profiles\y45lturz.default\user.js [2014-03-01]
    FF SearchPlugin: C:\Users\Boczek\AppData\Roaming\Mozilla\Firefox\Profiles\y45lturz.default\searchplugins\findit.xml [2016-02-22]
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-02-26]
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\findit.xml [2016-02-22]
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-02-01]
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-10-08]
    FF Extension: Quick Start - C:\Users\Boczek\AppData\Roaming\Mozilla\Firefox\Profiles\y45lturz.default\Extensions\quick_start@gmail.com [2014-06-01] [Brak podpisu cyfrowego]
    FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Boczek\AppData\Roaming\Mozilla\Firefox\Profiles\y45lturz.default\extensions\lightningnewtab@gmail.com.xpi => nie znaleziono
    FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Boczek\AppData\Roaming\Mozilla\Firefox\Profiles\y45lturz.default\extensions\quick_start@gmail.com
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...L6KxBmYn-1DOX2ofBjP5o78so4AXyiPCf1TTvCjR_02Py
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...T0N3pLJlE6EJ1WskQ6Hj6Ce1F3BL5StjxRGJKDDh4V&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [667136 2016-02-22] () [Brak podpisu cyfrowego]
    S2 Update Jump Flip; "C:\Program Files\Jump Flip\updateJumpFlip.exe" [X]
    S3 AmUStor; system32\drivers\AmUStor.SYS [X]
    2016-02-22 00:29 - 2016-02-22 00:29 - 00000000 ____D C:\ProgramData\Santoms
    2016-02-22 00:28 - 2016-02-22 00:28 - 07951360 _____ C:\Users\Boczek\AppData\Roaming\agent.dat
    2016-02-22 00:28 - 2016-02-22 00:28 - 01881293 _____ C:\Users\Boczek\AppData\Roaming\Pluscom.tst
    2016-02-22 00:28 - 2016-02-22 00:28 - 00126464 _____ C:\Users\Boczek\AppData\Roaming\noah.dat
    2016-02-22 00:28 - 2016-02-22 00:28 - 00063696 _____ C:\Users\Boczek\AppData\Roaming\Config.xml
    2016-02-22 00:28 - 2016-02-22 00:28 - 00018432 _____ C:\Users\Boczek\AppData\Roaming\Main.dat
    2016-02-22 00:28 - 2016-02-22 00:27 - 00667136 _____ C:\Users\Boczek\AppData\Roaming\Pluscom.exe
    2016-02-22 00:27 - 2016-02-22 00:28 - 00005568 _____ C:\Users\Boczek\AppData\Roaming\md.xml
    2016-02-22 00:27 - 2016-02-22 00:27 - 00848437 _____ C:\Users\Boczek\AppData\Roaming\Ittaning.bin
    2016-02-22 00:27 - 2016-02-22 00:27 - 00667136 _____ C:\Users\Boczek\AppData\Roaming\Vaiahold.exe
    2016-02-22 00:27 - 2016-02-22 00:27 - 00126976 _____ C:\Users\Boczek\AppData\Roaming\Installer.dat
    2016-02-22 00:27 - 2016-02-22 00:27 - 00126464 _____ C:\Users\Boczek\AppData\Roaming\lobby.dat
    2016-02-22 00:27 - 2016-02-22 00:27 - 00072702 _____ C:\Users\Boczek\AppData\Roaming\Vaiahold.tst
    2016-02-22 00:27 - 2016-02-22 00:27 - 00054272 _____ C:\Users\Boczek\AppData\Roaming\ApplicationHosting.dat
    2016-02-22 00:27 - 2016-02-22 00:27 - 00015792 _____ C:\Users\Boczek\AppData\Roaming\InstallationConfiguration.xml
    2016-02-22 00:27 - 2016-02-22 00:27 - 00000000 ____D C:\ProgramData\CloudPrinter
    2016-02-22 00:28 - 2016-02-22 00:28 - 0032038 _____ () C:\Users\Boczek\AppData\Roaming\uninstall_temp.ico
    EmptyTemp:

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #3 22 Lut 2016 13:06
    Seratrice
    Poziom 2  

    Wszystko jest już w porządku, dziękuję bardzo.

    Temat zamknięty.
    PC - Safe Finder - FRST - prośba o utworzenie fixlist

    0