Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Reklamy - Searchscope (logifrst)

terrages 15 Mar 2016 10:45 513 1
  • CControls
  • #2 15 Mar 2016 11:06
    Kolobos
    Spec od komputerów

    Fixlist.txt podany przez @Killlu nie jest poprawny, nie wykonuj go.

    Odinstaluj:
    qksee
    YAC(Yet Another Cleaner!)

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CloseProcesses:
    Task: {1E60EE65-3384-44BB-9B50-2C6E59C8BF43} - System32\Tasks\{C443AB22-4739-40A3-9A69-72547F9EF40E} => pcalua.exe -a "E:\Praca\PROGRAMY INZYNIERSKIE\ABC PŁYTA 2010.03.02\InstalujAbc.exe" -d "E:\Praca\PROGRAMY INZYNIERSKIE\ABC PŁYTA 2010.03.02"
    Task: {38CB87F5-5121-45E3-BDF9-A997B2A2DAB2} - System32\Tasks\{ECD38851-F024-43D1-B99C-8BBEDF2834A9} => pcalua.exe -a E:\Instalki\irfanview_lang_polski.exe -d E:\Instalki
    Task: {5464D76E-FEC1-40B0-89F2-395D3C6722E5} - System32\Tasks\{4C7270C0-11BB-44A0-BEE5-AEBE40DA2408} => D:\Start.exe
    Task: {7FA9B39F-4255-4916-B177-C49EE30430EC} - System32\Tasks\{5A2413D9-EAC5-4FD4-B081-0827C12D7500} => pcalua.exe -a G:\INSTALKI\Instalki\irfanview_lang_polski.exe -d G:\INSTALKI\Instalki
    Task: {95EB2153-3AA7-4ED1-8488-6166DF940340} - System32\Tasks\{4C98730A-17BE-4C19-95C7-8CE88CF3B3BC} => pcalua.exe -a C:\DICAD.etc\D2.exe -d C:\DICAD.etc
    Task: {D778035D-31BF-4030-BC71-3C3FB52633AC} - System32\Tasks\{C5D290BC-97E6-4785-BDAD-652B6BD93DFE} => pcalua.exe -a "G:\INSTALKI INŻYNIERSKIE\ABC PŁYTA 2010.03.02\InstalujAbc.exe" -d "G:\INSTALKI INŻYNIERSKIE\ABC PŁYTA 2010.03.02"
    2015-11-18 09:07 - 2015-08-19 07:59 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
    2015-11-18 09:07 - 2015-06-30 03:50 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
    2015-11-18 09:07 - 2015-06-30 03:50 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
    2016-03-14 09:26 - 2016-02-15 03:21 - 00582144 _____ () C:\Program Files (x86)\qksee\curlpp.dll
    2016-03-14 09:26 - 2016-02-15 03:21 - 00065752 _____ () C:\Program Files (x86)\qksee\zlib1.dll
    2015-11-18 09:07 - 2015-08-19 07:59 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
    (Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\...\MountPoints2: {196fd54b-8521-11e1-8475-806e6f6e6963} - D:\SecSWMgrGuide.exe
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Policies\Explorer: []
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {d88eeeab-77d5-11e3-bee2-84edfcb5d14d} - H:\AutoRun.exe
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {d88eeebe-77d5-11e3-bee2-84edfcb5d14d} - G:\AutoRun.exe




    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-21]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com/?type=hp&ts=1450257082&...;z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com/?type=hp&ts=1450257082&...;z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...amp;GUID=00000000-0000-0000-0000-000000000000
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://v9.com/?type=hp&ts=1450257082&...;z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q
    HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com/?type=hp&ts=1450257082&...;z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q
    SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
    SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450257082&a...bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2104657585-1371390912-4140370265-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2104657585-1371390912-4140370265-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...XHTS547575A9E384_J2140059DGPKKADGPKKAX&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2104657585-1371390912-4140370265-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450257082&a...bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q&q={searchTerms}
    CHR HomePage: Default -> hxxp://v9.com?type=hp&ts=1450257082&f...;z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q
    CHR StartupUrls: Default -> "hxxp://v9.com?type=hp&ts=1450257082&from=mych123&uid=hitachixhts547575a9e384_j2140059dgpkkadgpkkax&z=9658bbaaca00343cd8d3df4g4z5w9eeo9w0mdeeb2q"
    CHR DefaultSearchURL: Default -> hxxp://yoursites123.com/web?type=ds&ts=14...XHTS547575A9E384_J2140059DGPKKADGPKKAX&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> yoursites123
    R2 gprotect; C:\ProgramData\Google\update\GoogleUpdate.exe [315008 2016-01-28] ()
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
    R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [699952 2016-03-08] (Qksee Pvt Ltd.)
    R2 WMModules; C:\ProgramData\Google\update\GoogleUpdate.exe [315008 2016-01-28] ()
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil Participações Ltda)
    S3 clwvd; system32\DRIVERS\clwvd.sys [X]
    S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
    S1 {06b330c2-0607-4547-8f68-86805edbaa23}w64; system32\drivers\{06b330c2-0607-4547-8f68-86805edbaa23}w64.sys [X]
    S1 {237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64; system32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64.sys [X]
    S1 {2f1ed632-8cc1-4969-916a-211c6b0412c1}w64; system32\drivers\{2f1ed632-8cc1-4969-916a-211c6b0412c1}w64.sys [X]
    S1 {3d9ed61e-1af3-4214-b666-0d144fe3c40a}w64; system32\drivers\{3d9ed61e-1af3-4214-b666-0d144fe3c40a}w64.sys [X]
    S1 {4059f7a9-d023-4137-a1c8-01f0f6fe6110}w64; system32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}w64.sys [X]
    S1 {4cc550cb-ad95-48a3-ae71-6ab7c8433971}w64; system32\drivers\{4cc550cb-ad95-48a3-ae71-6ab7c8433971}w64.sys [X]
    S1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [X]
    S1 {5eeb83d0-96ea-4249-942c-beead6847053}w64; system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}w64.sys [X]
    S1 {632916e0-3570-41b8-afb5-b10d86ad94c7}w64; system32\drivers\{632916e0-3570-41b8-afb5-b10d86ad94c7}w64.sys [X]
    S1 {651e31c1-db10-434b-a173-a9b0e6a15ce0}w64; system32\drivers\{651e31c1-db10-434b-a173-a9b0e6a15ce0}w64.sys [X]
    S1 {71d5e150-c72b-4e5b-a773-e49420251642}w64; system32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}w64.sys [X]
    S1 {807699ff-a8ae-4ba9-8010-fe7f44646ff9}w64; system32\drivers\{807699ff-a8ae-4ba9-8010-fe7f44646ff9}w64.sys [X]
    S1 {8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}w64; system32\drivers\{8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}w64.sys [X]
    S1 {98a55059-ac5d-40d9-81ae-6bff294c9b89}w64; system32\drivers\{98a55059-ac5d-40d9-81ae-6bff294c9b89}w64.sys [X]
    S1 {b52a596e-357b-4007-9a88-5592a17b1be9}w64; system32\drivers\{b52a596e-357b-4007-9a88-5592a17b1be9}w64.sys [X]
    S1 {bf167862-9559-4b38-94c6-2e5edae3632c}w64; system32\drivers\{bf167862-9559-4b38-94c6-2e5edae3632c}w64.sys [X]
    S1 {c60870f2-8f6e-46c4-b1de-a1d328298cb8}w64; system32\drivers\{c60870f2-8f6e-46c4-b1de-a1d328298cb8}w64.sys [X]
    S1 {c9a465a5-420c-4acc-b1be-3ac71ae80fda}w64; system32\drivers\{c9a465a5-420c-4acc-b1be-3ac71ae80fda}w64.sys [X]
    S1 {e168bb47-74a7-440b-bf7d-d17153007d6b}w64; system32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}w64.sys [X]
    S1 {efa349b9-003c-4506-9e55-957c1cff853c}w64; system32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys [X]
    S1 {f0140d89-3c88-497e-896f-f889e74b42b2}w64; system32\drivers\{f0140d89-3c88-497e-896f-f889e74b42b2}w64.sys [X]
    S1 {f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}w64; system32\drivers\{f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}w64.sys [X]
    S1 {f9bbdf14-a48a-481e-985e-27942062422c}w64; system32\drivers\{f9bbdf14-a48a-481e-985e-27942062422c}w64.sys [X]
    S1 {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}w64; system32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}w64.sys [X]
    S1 {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}w64; system32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}w64.sys [X]
    S1 {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}w64; system32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}w64.sys [X]
    2016-03-15 10:10 - 2015-06-30 03:50 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\windows\system32\Drivers\iSafeNetFilter.sys
    2016-03-15 10:09 - 2016-03-15 10:09 - 00000000 ____D C:\Users\Gośka\AppData\Roaming\Elex-tech
    2016-03-15 09:46 - 2016-03-15 10:06 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
    2016-03-14 09:26 - 2016-03-15 10:13 - 00000000 ____D C:\Program Files (x86)\qksee
    2016-03-14 09:26 - 2016-03-14 09:26 - 00000000 ____D C:\Users\Gośka\AppData\Roaming\qksee
    2016-03-14 09:26 - 2016-03-14 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
    EmptyTemp:

    W FRST wybierz Napraw.

    Zainstaluj aktualizacje z https://support.microsoft.com/en-us/kb/2545227

    W ustawieniach Chrome wylacz przywracanie zestawu stron po starcie przegladarki.

    Usun katalog C:\FRST i to wszystko.

    0