Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Robak Pricefountain - Jak usunąć?

arekklu 06 Mar 2016 12:05 705 5
  • #3 06 Mar 2016 12:36
    krzychupar
    Poziom 41  

    Otwórz notatnik systemowy i wklej:


    Task: {2510A0F2-9A2A-4F93-AC7B-1508DB4B4FA8} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-7 -> Brak pliku <==== UWAGA
    Task: {52A33BCF-7FB7-4D49-9EDC-7119F67FEDC7} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-6 -> Brak pliku <==== UWAGA
    Task: {5E2E37BC-08F1-4C53-903D-778678B57C1F} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3 -> Brak pliku <==== UWAGA
    Task: {5F32A1B9-B7B0-46AA-A1D3-5ACD278D666C} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-2 -> Brak pliku <==== UWAGA
    Task: {675AA7BA-0F20-47AF-995A-82D7EB18AFE2} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5 -> Brak pliku <==== UWAGA
    Task: {D770E148-B38E-4F02-865E-37A9216A7D97} - System32\Tasks\ArekAdheresBohemianV2 => Rundll32.exe TepiditiesGenerics.dll,main 7 1 <==== UWAGA
    Task: {F3A6D442-8ED3-4EB5-99A6-EDD5B462876D} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4 -> Brak pliku <==== UWAGA
    Task: {FE0B6525-D7D7-4D4A-9C64-D8ADD51B2718} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1 -> Brak pliku <==== UWAGA
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\Run: [ASRock A-Tuning] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\Run: [ASRockHDMISwitch] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day0] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day1] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day2] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day3] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day4] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day5] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\RunOnce: [AsrOMG_Day6] => [X]
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {32304197-a8f1-11e5-8752-d05099079f8c} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {32c5276a-f3cf-11e3-89ea-d05099079f8c} - G:\Startme.exe
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {aa366dec-e45b-11e4-b2bf-d05099079f8c} - G:\HTC_Sync_Manager_PC.exe
    AppInit_DLLs-x32:  => Brak pliku
    SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze obok FRST64.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 06 Mar 2016 17:41
    Kolobos
    Spec od komputerów

    @arekklu Wykonaj jeszcze taki Fixlist.txt:
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {32304197-a8f1-11e5-8752-d05099079f8c} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {32c5276a-f3cf-11e3-89ea-d05099079f8c} - G:\Startme.exe
    HKU\S-1-5-21-736538395-1922486114-1142266780-1000\...\MountPoints2: {aa366dec-e45b-11e4-b2bf-d05099079f8c} - G:\HTC_Sync_Manager_PC.exe
    AppInit_DLLs-x32:  => Brak pliku
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF Plugin HKU\S-1-5-21-736538395-1922486114-1142266780-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-01 10:25 - 2016-03-01 10:25 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Arek\Downloads\sh-remover.exe
    2016-02-23 19:34 - 2016-02-23 19:34 - 00003438 _____ C:\Windows\System32\Tasks\ArekAdheresBohemianV2
    2016-02-23 19:34 - 2016-02-23 19:34 - 00000000 ____D C:\Users\Arek\AppData\Local\AdheresBohemian
    2016-03-01 12:58 - 2014-06-09 11:39 - 00000000 ____D C:\AdwCleaner
    2015-01-05 14:43 - 2015-01-05 14:43 - 1069094 _____ () C:\Users\Arek\AppData\Roaming\tFXMMb5It9wEeD7TAkV6o6nMoVvEi7DzSw7iwlr7VXBUT2BuHXlULuGtCzKAFzw4XDHHHhGWhmaZr9b1lKwFAHvRV.w3eaO
    2015-01-08 19:19 - 2015-01-08 19:19 - 7188536 _____ (Microsoft Corporation) C:\Users\Arek\AppData\Local\Tempvcredist_x64.exe

    0
  • #6 12 Mar 2016 10:41
    arekklu
    Poziom 2  

    Dzieki panowie! pomogliscie!

    0