Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wyskakujące reklamy - Logi FRST.

Ibra10 16 Mar 2016 11:53 771 9
  • #2 16 Mar 2016 12:12
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj AVG PC TuneUp.

    Cytat:

    Task: {0480195C-C169-4A56-B839-9F3079F90ED7} - System32\Tasks\{75DC6349-BA4A-4C8E-A2DE-CC6C0B6DC251} => pcalua.exe -a C:\Users\Karol\Desktop\Dutch\Disk1\Setup.exe -d C:\Users\Karol\Desktop\Dutch\Disk1
    Task: {0F4EDCEA-ED85-4051-8CD6-B53A425600F9} - System32\Tasks\{39C8F826-7A83-4D59-9845-76E9545A620B} => C:\Users\Karol\Desktop\downloader_fmr_bda6d8bb8f9950888106e5e43c51ac2a.exe
    Task: {1306865D-B629-45D1-9FF4-6E177DCB8195} - System32\Tasks\{EB59BF38-0D12-4765-901C-FC0390704344} => pcalua.exe -a D:\zzzz\setupreg.exe -d D:\zzzz
    Task: {16969040-292C-429A-BBCD-5D3208AF6E33} - System32\Tasks\{EF116947-C8E0-4602-89F8-4B6429FDDC34} => pcalua.exe -a "C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3\H3wUpd.exe" -d "C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3"
    Task: {33B3953E-3379-47E1-A732-ACA41ABB159D} - System32\Tasks\{8CCA3485-8E21-4159-AB83-694ACCA54F5C} => pcalua.exe -a "C:\Users\Karol\Desktop\Heroes 3\Install.exe" -d "C:\Users\Karol\Desktop\Heroes 3"
    Task: {38BF95A5-F15E-43CC-A22F-F02B21AA8E3A} - System32\Tasks\{8BB17E9F-D52C-4578-BED3-0886E4BDA2F0} => pcalua.exe -a D:\instalki\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d D:\instalki\lide20lide30n670un676un1240uvst7031a_xpen
    Task: {3B59E0F6-4FBC-4245-A12E-F894F200AAE4} - System32\Tasks\{F26504D3-8ED6-4F8F-960B-5796DB7BC448} => pcalua.exe -a C:\TEMP\GTAINSTALLER\SETUP.EXE -d C:\TEMP\GTAINSTALLER
    Task: {4CE7BBFC-1737-40BD-AC93-4A67D2A2F8F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000UA => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-08] (Facebook Inc.)
    Task: {52F518DD-442B-461D-8BB7-D7670862570F} - System32\Tasks\{67C719BF-0B52-490F-AB1E-834FE39501EC} => pcalua.exe -a E:\TotalMedia\TotalMedia\Setup.exe -d E:\TotalMedia\TotalMedia
    Task: {61F931B9-6A10-41F2-A15E-C045FA9E83E1} - System32\Tasks\{90786495-DDA8-4000-AE2D-9E0BC8A1D98F} => pcalua.exe -a C:\Users\Karol\Desktop\LV5TZ_WIN7\LV5TZ_WIN7\Drivers\Setup.exe -d C:\Users\Karol\Desktop\LV5TZ_WIN7\LV5TZ_WIN7\Drivers
    Task: {6B1711A0-6DCF-45F5-8D26-CCDE5A437669} - System32\Tasks\{0DCD5BF0-B655-481C-BBB7-326E59EA400A} => pcalua.exe -a C:\Users\Karol\Downloads\TM_LV5HDX\TM_LV5HDX\TotalMedia35\Setup.exe -d C:\Users\Karol\Downloads\TM_LV5HDX\TM_LV5HDX\TotalMedia35
    Task: {70661B8D-E177-46A4-8097-6D5EB455C356} - System32\Tasks\{9C42ACFA-8AD8-476F-8C9E-A1F79ABCF06E} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Task: {7165DA59-9023-4AFA-B258-459879F3C75A} - System32\Tasks\{2A519996-4E75-40CB-A2AE-86EFA54BB459} => pcalua.exe -a "C:\Users\Karol\Desktop\GTA 1\GTAINSTALLER.exe" -d "C:\Users\Karol\Desktop\GTA 1"
    Task: {762DA86C-32B2-4C77-AE65-76810E827BC3} - System32\Tasks\{08B21ACA-A7D3-4A4F-B593-2F493852B768} => pcalua.exe -a "C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3\Heat\HEAT131G.EXE" -d "C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3\Heat"




    Task: {7DC9F45B-282E-459F-84B0-4C571AE29133} - System32\Tasks\{F04DC969-B6F6-4486-85F1-48A80B13A060} => pcalua.exe -a "D:\instalki\skaner canon\SETUPSG.EXE" -d "D:\instalki\skaner canon"
    Task: {8B2C74F8-38B3-49F1-ADFF-D2EADFC7C968} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-02-15] (AVG Technologies CZ, s.r.o.)
    Task: {90B88615-E1DD-4C6F-95A0-B71A334C4B6D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000Core => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-08] (Facebook Inc.)
    Task: {9B0CB7DA-9FD1-43CD-A66C-5C420B62811F} - System32\Tasks\{2FDA2A46-C7FC-4726-992C-00A5252ED392} => pcalua.exe -a E:\TotalMedia\setup.exe -d E:\TotalMedia
    Task: {ABB6EA94-7934-4341-AEC3-8E00510CE684} - System32\Tasks\{8C6B7F79-E786-4F7B-BA70-01ADA3E6B642} => pcalua.exe -a C:\Users\Karol\Desktop\SetupSG.exe -d C:\Users\Karol\Desktop
    Task: {ABFFB6EE-D974-4EF5-8506-E2B71DA12985} - System32\Tasks\Opera scheduled Autoupdate 1418610832 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
    Task: {B110599F-102F-48B6-8445-E834CB082BB5} - System32\Tasks\{A3F8EEA1-8D93-427A-A7C7-42CD0224927F} => pcalua.exe -a C:\Users\Karol\Desktop\Disk1\Setup.exe -d C:\Users\Karol\Desktop\Disk1
    Task: {B36524FF-5B95-436F-A584-47B6ABBFB3BA} - System32\Tasks\Opera scheduled Autoupdate 1452063133 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
    Task: {BC82C06D-5BC5-43D7-A19F-256B4A299B61} - System32\Tasks\{BDABE599-5904-4894-A2A8-399CF5909BCA} => pcalua.exe -a C:\Users\Karol\Desktop\installer_driver_canon_canoscan_lide_20.exe -d C:\Users\Karol\Desktop
    Task: {CABD54E1-3B5F-4D11-8343-2915A1B32A46} - System32\Tasks\{402ED3F4-49FE-488A-970D-DABDFA906DAE} => pcalua.exe -a C:\Users\Karol\Desktop\TotalMediaPatch\TotalMedia_3.5.28.217_3.5.28.239.exe -d C:\Users\Karol\Desktop\TotalMediaPatch
    Task: {CD1C3BE0-4D8E-4405-B36F-CF0CA31136D6} - System32\Tasks\{CCA578E2-2B15-4807-8B02-E1D6A7024598} => pcalua.exe -a "D:\instalki\skaner canon\s3a01nlx\Dutch\Disk1\Setup.exe" -d "D:\instalki\skaner canon\s3a01nlx\Dutch\Disk1"
    Task: {CF95A9EC-823E-416F-91BE-B5AF3CC1310B} - System32\Tasks\Installer_cr => C:\Users\Karol\AppData\Local\Installer\Installcr_9466\DCytdieamodc_amodc_setup.exe <==== UWAGA
    Task: {DDEC4C85-6A07-476E-82FB-5CBDCFA46935} - System32\Tasks\{5E2AAA13-2C3E-4805-A5E9-C6838EA17685} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\NAPI-PROJEKT\napisy.exe"
    Task: {DF7FDD8A-A638-4427-B537-30CBFC593F3B} - System32\Tasks\{89ECA0D3-6A18-489B-99CC-95A4A2DE6FBB} => pcalua.exe -a D:\instalki\jpegcrops_0.7.5_beta_pl.exe -d D:\instalki
    Task: {E213D7C6-4A4D-435B-A195-4488EC5AE829} - System32\Tasks\{7ACEB24E-9F92-4AAE-A7A0-63533CC3E5BF} => C:\Users\Karol\Desktop\downloader_fmr_bda6d8bb8f9950888106e5e43c51ac2a.exe
    Task: {E553BEAE-0F20-433B-8931-0AF067FD85B7} - System32\Tasks\{A8FEE5EE-32AC-4A18-A787-1F2C71E00F79} => pcalua.exe -a "J:\PeSBoX Anatolia 2013 v0.7 Installer\PeSBoX Anatolia 2013 v0.7 Installer.exe" -d "J:\PeSBoX Anatolia 2013 v0.7 Installer"
    Task: {E8E2BC7F-35DC-4F35-951B-4B5EA6C3C330} - System32\Tasks\{82AEB58A-14F3-480D-A44E-E1BD2273E4FB} => pcalua.exe -a "K:\Pro.Evolution.Soccer.2014-RELOADED\PESEdit.com 2014 Patch 0.1\Installer.exe" -d "K:\Pro.Evolution.Soccer.2014-RELOADED\PESEdit.com 2014 Patch 0.1"
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000Core.job => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000UA.job => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\...\Winlogon: [Shell] explorer.exe, <==== UWAGA
    IFEO\dw20.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\proflwiz.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    AutoConfigURL: [S-1-5-21-3635441495-2611402391-3262579826-1000] => hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    ManualProxies: 0hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM -> {9C3EDD0D-1027-4043-9B3D-FFDAB6E5EC90} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> {34AC9D41-0C60-44D8-A8BE-73F3ECFAE317} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> {B3D83326-EF13-4DF0-9F7C-70AE851762C7} URL =
    Toolbar: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [Brak pliku]
    FF Plugin HKU\S-1-5-21-3635441495-2611402391-3262579826-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Karol\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [Brak pliku]
    FF Extension: Brak nazwy - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2013-06-10] [Brak podpisu cyfrowego]
    FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt => nie znaleziono
    CHR Extension: (Brak nazwy) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-28]
    OPR Extension: (Adblock Fast) - C:\Users\Karol\AppData\Roaming\Opera Software\Opera Stable\Extensions\klhobddcbiabdfjmomildokiglpmdicc [2016-03-16]
    OPR Extension: (Adblock Plus) - C:\Users\Karol\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-09]
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4364200 2016-02-15] (AVG Technologies CZ, s.r.o.)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
    U3 a3cgsouj; Brak ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
    S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
    U3 tmlwf; Brak ImagePath
    U3 tmwfp; Brak ImagePath
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    2016-03-12 10:31 - 2016-03-13 03:38 - 00002122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
    2016-03-12 10:31 - 2016-03-13 03:38 - 00002110 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
    2016-03-12 10:31 - 2016-03-12 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
    2016-03-11 12:35 - 2016-03-16 11:37 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
    2016-03-16 10:36 - 2013-06-18 20:11 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000UA.job
    2016-03-12 13:12 - 2015-10-16 09:11 - 00000000 ____D C:\ComboFix
    2013-08-22 18:48 - 2013-08-22 18:48 - 0000000 _____ () C:\ProgramData\6zfovcowi.dat
    2011-10-30 20:44 - 2011-10-30 20:53 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
    2011-10-30 10:00 - 2011-10-30 10:00 - 0020000 ____H () C:\ProgramData\T09F8
    2011-10-30 09:47 - 2011-10-30 09:49 - 0020000 ____H () C:\ProgramData\V36QQ
    2013-08-22 17:11 - 2013-08-22 17:11 - 0000070 _____ () C:\ProgramData\wtdesmfyqxlgfxnqohm.bat
    2013-08-22 17:11 - 2013-08-22 17:11 - 0000179 _____ () C:\ProgramData\wtdesmfyqxlgfxnqohm.reg
    C:\ProgramData\6zfovcowi.dat
    C:\ProgramData\wtdesmfyqxlgfxnqohm.bat
    C:\ProgramData\wtdesmfyqxlgfxnqohm.reg
    C:\Users\Karol\AppData\Roaming\skype.ini
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe/FRST64.exe, odpal go i kliknij Fix/Napraw.

    1
  • Pomocny post
    #3 16 Mar 2016 12:24
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {4CE7BBFC-1737-40BD-AC93-4A67D2A2F8F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000UA => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-08] (Facebook Inc.)
    Task: {90B88615-E1DD-4C6F-95A0-B71A334C4B6D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000Core => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-08] (Facebook Inc.)
    Task: {CF95A9EC-823E-416F-91BE-B5AF3CC1310B} - System32\Tasks\Installer_cr => C:\Users\Karol\AppData\Local\Installer\Installcr_9466\DCytdieamodc_amodc_setup.exe <==== UWAGA
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000Core.job => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3635441495-2611402391-3262579826-1000UA.job => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\...\Winlogon: [Shell] explorer.exe, <==== UWAGA
    IFEO\dw20.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\proflwiz.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    AutoConfigURL: [S-1-5-21-3635441495-2611402391-3262579826-1000] => hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    ManualProxies: 0hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> {34AC9D41-0C60-44D8-A8BE-73F3ECFAE317} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> {B3D83326-EF13-4DF0-9F7C-70AE851762C7} URL =
    Toolbar: HKU\S-1-5-21-3635441495-2611402391-3262579826-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    CHR Extension: (Brak nazwy) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-28]
    U3 a3cgsouj; Brak ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
    S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
    U3 tmlwf; Brak ImagePath
    U3 tmwfp; Brak ImagePath
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    C:\ProgramData\6zfovcowi.dat
    C:\ProgramData\wtdesmfyqxlgfxnqohm.bat
    C:\ProgramData\wtdesmfyqxlgfxnqohm.reg
    C:\Users\Karol\AppData\Roaming\skype.ini
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    1
  • Pomocny post
    #5 29 Mar 2016 13:33
    Domino_2
    Pomocny dla użytkowników

    Cytat:

    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    AutoConfigURL: [S-1-5-21-3635441495-2611402391-3262579826-1000] => hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    CHR Extension: (Adblock Plus) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-26]
    OPR Extension: (Adblock Plus) - C:\Users\Karol\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-19]
    U3 ax1p52j9; Brak ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    2016-03-26 19:59 - 2016-03-26 20:13 - 00000000 ____D C:\ComboFix
    2016-03-26 19:56 - 2016-03-26 19:57 - 05658151 ____R (Swearware) C:\Users\Karol\Downloads\ComboFix.exe
    2016-03-26 19:54 - 2016-03-26 19:54 - 00602112 _____ (OldTimer Tools) C:\Users\Karol\Downloads\OTL_www.INSTALKI.pl.exe
    2016-03-26 19:51 - 2016-03-26 19:51 - 00120274 _____ C:\Users\Karol\Downloads\OTL.Txt
    2016-03-24 13:08 - 2016-03-26 22:36 - 00000000 ____D C:\Program Files (x86)\AdwCleaner


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe/FRST64.exe, odpal go i kliknij Fix/Napraw.

    0
  • #6 30 Mar 2016 14:20
    Ibra10
    Poziom 2  

    niestety cały czas reklamy wyskakują

    0
  • #7 30 Mar 2016 14:25
    Kolobos
    Spec od komputerów

    Wykonaj taki Fixlist.txt:
    Task: {10A99BF0-4A6B-48B7-9A94-8D651CA85AFC} - System32\Tasks\{7123396C-E22B-4AB3-B0A1-C361C1E3250D} => C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\settings.exe
    Task: {354E0C95-BB11-453A-AD21-5F9BE403B38A} - System32\Tasks\{906DB143-0884-44CA-AA1E-E31BB97423C1} => C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3\h3wog.exe
    Task: {3D731024-C3A3-4869-A924-47A3CE3E8455} - System32\Tasks\{E3BA10ED-08BE-4340-9886-8C13B166BBA3} => C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\PeSBoX Anatolia 2013 Selector.exe
    Task: {7AA35926-9EAE-4137-93AA-E3799EB377EC} - System32\Tasks\{B5F27CCF-66D7-495F-AB77-D0D2F3AC52A0} => D:\zzzz\Heroes3.exe
    Task: {BE496CF8-FBAE-419F-BFA9-86896A677F9F} - System32\Tasks\Opera scheduled Autoupdate 1458084274 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
    Task: {C85DB195-5C64-4958-8ADE-B7CD3E790116} - System32\Tasks\{D948DB23-B33D-41CC-9902-A7499D90DD0A} => C:\Users\Karol\Desktop\Heroes of might and magic 3\heroes 3\backup\h3wog.exe
    AutoConfigURL: [S-1-5-21-3635441495-2611402391-3262579826-1000] => hxxp://un-stop.net/wpad.dat?508659f41d5b12d301ee7cc5bcd37ac77628956
    ManualProxies:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3635441495-2611402391-3262579826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    U3 ax1p52j9; Brak ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    2016-03-26 19:59 - 2016-03-26 20:13 - 00000000 ____D C:\ComboFix
    2016-03-26 19:56 - 2016-03-26 19:57 - 05658151 ____R (Swearware) C:\Users\Karol\Downloads\ComboFix.exe
    2016-03-26 19:54 - 2016-03-26 19:54 - 00602112 _____ (OldTimer Tools) C:\Users\Karol\Downloads\OTL_www.INSTALKI.pl.exe
    2016-03-26 19:51 - 2016-03-26 19:51 - 00120274 _____ C:\Users\Karol\Downloads\OTL.Txt
    2016-03-24 13:08 - 2016-03-26 22:36 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
    2016-03-16 11:24 - 2016-03-16 11:24 - 00003890 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1458084274
    2016-03-12 17:41 - 2016-03-12 17:41 - 00000351 _____ C:\prefs.js
    2016-03-12 10:52 - 2013-08-29 23:59 - 00000000 ____D C:\found.000

    Usun tez wszystko co wykryje mbam.

    Ktorej przegladarki dotyczy ten problem?

    0
  • #8 30 Mar 2016 14:26
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj przeglądarkę wraz ze wszystkimi katalogami (możesz wcześniej wyeksportować sobie zakłaki) i zainstaluj ponownie.

    0
  • #9 30 Mar 2016 15:19
    Ibra10
    Poziom 2  

    Wcześniej dotyczyło to Opery od tygodnia korzystam z Chroma

    0
  • #10 30 Mar 2016 15:27
    Kolobos
    Spec od komputerów

    Odinstaluj Chrome, usun katalog profilu z %LOCALAPPDATA%\Google\Chrome\User Data\ i zainstaluj przegladarke ponownie. Wczesniej zgraj zakladki.

    0