Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie logów FRST - Chiński soft - nie mogę sobie poradzić z nim.

carlos_1 26 Lut 2016 13:14 582 5
  • #1 26 Lut 2016 13:14
    carlos_1
    Poziom 7  

    Jak w temacie chciałem zainstalować stery sterowniki do monitora, a zamiast tego zainstalował mi się jakiś chiński program. Proszę o pomoc w usunięci tego świństwa. Dziękuję.

    0 5
  • CControls
  • #2 26 Lut 2016 14:03
    Kolobos
    Spec od komputerów

    Lepiej naucz sie korzystac z internetu i uwazaj na to co sciagasz, SpyHunter program o watpliwej reputacji (wytoczyli proces bleeping za pisanie porady o ich badziewnym programie), yac to szkodliwy program...

    Odinstaluj:
    Adobe Reader 9, zmien na najnowsza wersje AR lub na Foxit: http://ninite.com/foxit/
    McAfee Security Scan Plus
    浏览器保护 (pomin jezeli bedzie problem)

    W services.msc zatrzymaj i wylacz usluge aktualizaji, jest juz bedna.

    Uruchom system w trybie awaryjnym.

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CloseProcesses:
    AV: 电脑管家系统防护 (Disabled - Up to date) {9AAC524A-BF34-49b0-91D2-71838CBB8110}
    Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1455103660.job => C:\Program Files\Opera\launcher.exe
    Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job => C:\WINDOWS\system32\xp_eos.exe
    2016-02-09 13:46 - 2015-05-20 09:40 - 00310152 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BDMFrameWork.dll
    2016-02-09 13:46 - 2015-05-22 03:46 - 00265096 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BDXPc.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\zlib.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00108896 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QMAntiInject.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00481632 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\sqlite.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\tinyxml.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00018272 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QQFileFlt.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00039776 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
    2016-02-09 13:51 - 2016-02-23 06:50 - 00065008 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00019296 _____ () C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\oDayProtect.dll
    2016-02-09 13:51 - 2016-02-09 13:51 - 00121184 _____ () c:\program files\tencent\qqpcmgr\11.2.17058.221\qmrtpcontroller.dll
    2016-02-18 07:28 - 2015-10-27 10:39 - 00048008 _____ () C:\Program Files\Baidu\BrowserProtect\4.2.2.390\BDCrashCatcher.dll
    2016-02-09 13:46 - 2015-05-20 09:40 - 00277384 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BDMCommon.dll
    2016-02-09 13:46 - 2015-05-20 09:40 - 00330632 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\FTSOManager\BDMSOLiveAccDataMgr.dll




    2016-02-09 13:46 - 2015-05-20 09:40 - 00052104 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\FTSOManager\BDMNetMonMgrDll.dll
    2016-02-09 13:46 - 2015-05-20 09:40 - 00220040 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BDMScriptVM.dll
    2016-02-09 13:46 - 2015-05-20 09:40 - 00043912 _____ () C:\Program Files\Baidu\BaiduAn\4.0.0.8029\cjson.dll
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
    (百度在线网络技术(北京)有限公司) C:\Program Files\Common Files\Baidu\BaiduHips\1.2.0.892\BaiduHips.exe
    (百度在线网络技术(北京)有限公司) C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BaiduAnSvc.exe
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QQPCRTP.EXE
    (百度在线网络技术(北京)有限公司) C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BaiduAnTray.exe
    HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
    HKLM\...\Run: [BaiduAnTray] => C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BaiduAnTray.exe [2251784 2016-02-09] (百度在线网络技术(北京)有限公司)
    Winlogon\Notify\Antiwpa: antiwpa.dll [X]
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st3250410as_6ry67x0nxxxx6ry67x0n&ts=1455272691
    SearchScopes: HKLM - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st3250410as_6ry67x0nxxxx6ry67x0n&ts=1455272691
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
    SearchScopes: HKCU - {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = http://www.google.cn/search?hl=zh-CN&q={searchTerms}
    SearchScopes: HKCU - {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = http://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
    Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No File
    CHR Extension: (AVG Secure Search) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-12]
    CHR Extension: (Lyoness Cashback Bar) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl [2015-02-26]
    CHR Extension: (电脑管家上网防护) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-09]
    R2 BaiduHips; C:\Program Files\Common Files\Baidu\BaiduHips\1.2.0.892\BaiduHips.exe [89096 2016-02-09] (百度在线网络技术(北京)有限公司)
    R2 BDMRTP; C:\Program Files\Baidu\BaiduAn\4.0.0.8029\BaiduAnSvc.exe [1096712 2015-05-20] (百度在线网络技术(北京)有限公司)
    R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QQPCRTP.exe [301728 2016-02-16] (Tencent)
    U2 QQRepair1e82; C:\WINDOWS\GJFix\QQRepair1e82 [129504 2016-02-26] ()
    S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [X]
    S2 Util Wooden Seal; No ImagePath
    R1 bd0001; C:\WINDOWS\System32\DRIVERS\bd0001.sys [107528 2016-02-09] (Baidu)
    R1 bd0002; C:\WINDOWS\System32\DRIVERS\bd0002.sys [184328 2016-02-09] (Baidu)
    R2 BDArKit; C:\WINDOWS\System32\DRIVERS\BDArKit.sys [145224 2015-05-20] (Baidu Technology)
    R1 BDDefense; C:\WINDOWS\System32\drivers\BDDefense.sys [123720 2016-02-09] (Baidu)
    R1 BDEnhanceBoost; C:\WINDOWS\System32\DRIVERS\BDEnhanceBoost.sys [48328 2015-05-20] (Baidu)
    R1 BDIC; C:\WINDOWS\system32\drivers\BDIC.sys [31496 2015-11-18] (Baidu)
    R2 BDMNetMon; C:\WINDOWS\System32\DRIVERS\BDMNetMon.sys [118472 2015-05-20] (Baidu)
    R1 BDMWrench; C:\WINDOWS\System32\DRIVERS\BDMWrench.sys [239432 2015-05-20] (Baidu)
    R2 BDPaHlp; C:\Program Files\Baidu\BrowserProtect\4.2.2.390\drivers\x86\BDPaHlp.sys [59272 2015-10-27] (Baidu)
    R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QMUdisk.sys [78776 2016-02-09] (Tencent)
    R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\QQSysMon.sys [108984 2016-02-09] (电脑管家)
    R1 softaal; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\softaal.sys [36280 2016-02-09] (Tencent)
    S3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator.sys [114616 2016-02-09] (Tencent)
    R3 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2016-02-09] (电脑管家)
    R1 TSDefenseBt; C:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2016-02-09] (Tencent)
    R0 TSFLTMGR; C:\WINDOWS\System32\DRIVERS\TSFLTMGR.SYS [128280 2016-01-14] (电脑管家)
    R1 tsksp; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\TSKsp.sys [210072 2016-02-09] (电脑管家)
    S3 TSSK; C:\WINDOWS\System32\tssk.sys [74040 2015-12-28] (电脑管家)
    R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.2.17058.221\TSSysKit.sys [102200 2016-02-09] (电脑管家)
    R1 SRepairDrv; \??\C:\WINDOWS\GJFix\SRepairDrv [X]
    2016-02-18 07:28 - 2015-11-18 03:20 - 00031496 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDIC.sys
    2016-02-16 11:46 - 2016-02-16 13:50 - 00002054 _____ () C:\sh4_service.log
    2016-02-16 11:38 - 2016-02-17 07:26 - 00000000 ____D () C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP
    2016-02-15 14:25 - 2016-02-15 14:27 - 45503175 _____ () C:\Documents and Settings\Uzytkownik\Moje dokumenty\SpyHunter_4.17.6.4336 [Eng] patch (1).rar
    2016-02-15 13:18 - 2016-02-15 13:18 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\Uzytkownik\Moje dokumenty\SpyHunter-Installer (1).exe
    2016-02-15 12:42 - 2016-02-15 12:42 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\Uzytkownik\Moje dokumenty\SpyHunter-Installer.exe
    2016-02-12 11:11 - 2014-11-03 09:40 - 00055464 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeNetFilter.sys
    2016-02-12 11:10 - 2016-02-12 11:50 - 00000000 ____D () C:\Program Files\iSafe
    2016-02-12 09:24 - 2016-02-12 09:25 - 00740312 _____ (Elex do Brasil Participações Ltda) C:\Documents and Settings\Uzytkownik\Moje dokumenty\Yet Another Cleaner Atywowany PL.exe
    2016-02-12 07:48 - 2016-02-12 07:50 - 27989848 _____ (Elex do Brasil Participações Ltda) C:\Documents and Settings\Uzytkownik\Moje dokumenty\yet_another_cleaner_sk_109931 (1).exe
    2016-02-12 07:47 - 2016-02-12 07:49 - 27989848 _____ (Elex do Brasil Participações Ltda) C:\Documents and Settings\Uzytkownik\Moje dokumenty\yet_another_cleaner_sk_109931.exe
    2016-02-10 12:27 - 2016-02-26 12:27 - 00000474 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1455103660.job
    2016-02-10 10:24 - 2016-02-10 10:24 - 00000000 ____D () C:\Documents and Settings\Uzytkownik\Dane aplikacji\Baidu
    2016-02-10 10:23 - 2016-02-18 07:27 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Baidu
    2016-02-10 08:05 - 2016-02-10 08:05 - 00000000 ____D () C:\Program Files\t_201602100805
    2016-02-10 07:02 - 2016-02-10 07:02 - 00000000 ____D () C:\Program Files\t_201602100702
    2016-02-09 15:07 - 2016-02-09 15:07 - 00035720 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDICx64(1).sys
    2016-02-09 15:07 - 2016-02-09 15:07 - 00032008 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDIC(1).sys
    2016-02-09 14:59 - 2016-02-09 14:59 - 00000000 ____D () C:\Program Files\t_201602091459
    2016-02-09 14:43 - 2016-02-09 14:43 - 00000000 ____D () C:\Program Files\t_201602091443
    2016-02-09 14:27 - 2016-02-09 14:29 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Tencent
    2016-02-09 14:27 - 2016-02-09 14:27 - 00030392 _____ (Tencent) C:\WINDOWS\system32\Drivers\TS888.sys
    2016-02-09 13:53 - 2016-02-09 13:51 - 00114616 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator.sys
    2016-02-09 13:52 - 2016-02-26 06:55 - 00000000 ____D () C:\WINDOWS\GJFix
    2016-02-09 13:52 - 2016-02-26 06:55 - 00000000 ____D () C:\Documents and Settings\All Users\TXQMPC
    2016-02-09 13:52 - 2016-02-09 13:52 - 00000000 ____D () C:\Program Files\Common Files\Tencent
    2016-02-09 13:52 - 2016-02-09 13:51 - 00150072 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
    2016-02-09 13:52 - 2016-02-09 13:51 - 00095032 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelXP.sys
    2016-02-09 13:52 - 2016-02-09 13:51 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
    2016-02-09 13:52 - 2015-12-28 16:38 - 00074040 _____ (电脑管家) C:\WINDOWS\system32\TSSK.sys
    2016-02-09 13:51 - 2016-02-09 13:51 - 00000839 _____ () C:\Documents and Settings\All Users\Menu Start\强力卸载电脑上的软件 .lnk
    2016-02-09 13:51 - 2016-01-14 10:47 - 00128280 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TsFltMgr.sys
    2016-02-09 13:50 - 2016-02-09 14:41 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Tencent
    2016-02-09 13:50 - 2016-02-09 14:18 - 00000000 ____D () C:\Documents and Settings\Uzytkownik\Dane aplikacji\Tencent
    2016-02-09 13:50 - 2016-02-09 13:50 - 00000000 ____D () C:\Program Files\Tencent
    2016-02-09 13:47 - 2016-02-09 13:46 - 00123720 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDDefense.sys
    2016-02-09 13:47 - 2015-05-20 09:40 - 00239432 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDMWrench.sys
    2016-02-09 13:47 - 2015-05-20 09:40 - 00118472 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDMNetMon.sys
    2016-02-09 13:47 - 2015-05-20 09:40 - 00048328 _____ (Baidu) C:\WINDOWS\system32\Drivers\BDEnhanceBoost.sys
    2016-02-09 13:46 - 2016-02-09 14:41 - 00184328 _____ (Baidu) C:\WINDOWS\system32\Drivers\bd0002.sys
    2016-02-09 13:46 - 2016-02-09 14:41 - 00107528 _____ (Baidu) C:\WINDOWS\system32\Drivers\bd0001.sys
    2016-02-09 13:46 - 2016-02-09 13:47 - 00000000 ____D () C:\Program Files\Common Files\Baidu
    2016-02-09 13:46 - 2016-02-09 13:46 - 00000000 ____D () C:\Program Files\Baidu
    2016-02-09 13:46 - 2016-02-09 13:46 - 00000000 ____D () C:\Documents and Settings\All Users\Baidu
    2016-02-09 13:46 - 2015-05-20 09:40 - 00145224 _____ (Baidu Technology) C:\WINDOWS\system32\Drivers\BDArKit.SYS
    2016-02-09 13:43 - 2016-02-09 13:43 - 00000000 ____D () C:\Program Files\t_201602091343
    2016-02-08 15:00 - 2014-03-19 06:49 - 00000226 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
    EmptyTemp:

    W FRST wybierz Napraw.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • CControls
  • #4 29 Lut 2016 11:46
    Kolobos
    Spec od komputerów

    Odinstaluj:
    Easy Driver Pro 8.0.3
    McAfee Security Scan Plus <- widze, ze ktos zainstalowal ponownie ten zbedny program.
    浏览器保护

    Nowy Fixlist.txt dla FRST:
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
    Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2016-02-29]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-21-789336058-115176313-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-21-789336058-115176313-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-789336058-115176313-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_me...Safe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
    SearchScopes: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
    Toolbar: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> Brak nazwy - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - Brak pliku
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [239880 2016-02-05] (McAfee, Inc.)
    S2 QQRepair1655; "C:\WINDOWS\GJFix\QQRepair1655" [X]
    2016-02-29 10:37 - 2016-02-29 10:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus
    2016-02-29 10:36 - 2016-02-29 10:37 - 00001812 _____ C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
    2016-02-29 10:36 - 2016-02-29 10:37 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2016-02-29 10:36 - 2016-02-29 10:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan

    Po wykonaniu usun katalog C:\FRST.

    0
  • #6 29 Lut 2016 13:48
    Kolobos
    Spec od komputerów

    W IE nadal widac:
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium...om=iSafe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium...om=iSafe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-21-789336058-115176313-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium...om=iSafe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    HKU\S-1-5-21-789336058-115176313-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium...om=iSafe&uid=st3250410as_6ry67x0nxxxx6ry67x0n
    SearchScopes: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
    Toolbar: HKU\S-1-5-21-789336058-115176313-1177238915-1004 -> Brak nazwy - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - Brak pliku

    Sprobuj przywrocic ustawienia domyslne przegladarki.
    Ewentualnie usunac recznie adresy tych stron przy pomocy regedit.

    0