Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Jak usunąć Safe Finder? Logi z FRST

zeyk 01 Kwi 2016 21:16 564 4
  • CControls
  • CControls
  • #3 02 Kwi 2016 01:12
    zeyk
    Poziom 2  

    Pomogło.

    Wielkie dzięki. Temat do zamknięcia.

    0
  • #4 02 Kwi 2016 06:20
    krzychupar
    Poziom 40  

    Wykonaj jeszcze to.
    Otwórz notatnik systemowy i wklej:

    Task: {02B7B0B4-E1F9-47D1-B712-7CF60D4E101C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {0CF43450-EB4F-4E29-9625-FC496D8C5DE5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {146BC96F-E354-42D7-A5C6-E6487F63A4E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {1A38ED41-6791-4296-96DA-B9574CFC6AE1} - System32\Tasks\{4A554986-6A31-4A48-BE44-7479E621EDEE} => pcalua.exe -a "C:\Program Files (x86)\ChrisTV Lite\unins000.exe"
    Task: {310F4973-7C43-4BDA-A8EE-BD71B4E775E1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {3AEB8D67-C7CE-45F6-B1F1-9B65FDDE1666} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {3CB7E010-FB8A-4886-9D64-7C5B51C0193C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {47212863-4DCE-46EC-9ED3-85965167C26B} - System32\Tasks\{D546DC80-2E45-4043-8871-87B73134BD91} => pcalua.exe -a "C:\Program Files (x86)\MKJogo\MKLOL\MKuInst.exe"
    Task: {4E852034-E0C4-4927-A4FB-6F93C17D9A0D} - System32\Tasks\{9293A81B-7795-4A1C-9B4C-8727E5380858} => pcalua.exe -a C:\Users\Marian\AppData\Local\AudioSwitch\unins000.exe
    Task: {71DBAD00-A6A4-47C9-86BB-B05C09920FBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {78A2836E-0655-4B13-B44F-92BC9B44E439} - System32\Tasks\MdmUpdateTaskMachineCore => C:\Users\Marian\AppData\Roaming\openvr\Caches\mdm [2015-06-13] ( ) <==== UWAGA
    Task: {7B633F3D-E330-47D6-9FED-CF76DB3FB647} - System32\Tasks\{47F07DB5-DDA0-4508-9911-E88937336376} => pcalua.exe -a "C:\Program Files (x86)\Actual Multiple Monitors\unins000.exe"
    Task: {9607F94B-5DBB-495F-A881-B1A82AE539C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {C32F17C9-8AAD-471A-921F-DF0C6441BBA0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {C45B3214-EE13-41D1-9981-FC3E5B2A3DAE} - System32\Tasks\{A9C12262-3A36-4750-9735-D8150A9BC971} => pcalua.exe -a "C:\Program Files (x86)\ChrisTV PVR\unins000.exe"
    Task: {CB08DA0C-D877-4ADB-86CA-CB4AA198A7F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\Marian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
    ShortcutWithArgument: C:\Users\Marian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
    ShortcutWithArgument: C:\Users\Marian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%




    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.freshy.com/general/newhometab.php?hometab=home&partner=11443&guid={96C9AE2A-CCA7-44F4-AF3C-0611B4207B24}&i=
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.onet.pl/
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.freshy.com/general/newhometab.php?hometab=home&partner=11443&guid={96C9AE2A-CCA7-44F4-AF3C-0611B4207B24}&i=
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=13...;uid=ST31000524AS_9VPG7D9WXXXX9VPG7D9W&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=13...;uid=ST31000524AS_9VPG7D9WXXXX9VPG7D9W&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...DIsiJRL5f1fWxASSGW1cPSIzhNqS4mxpQgnuYe&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001 -> DefaultScope {914B2059-C8D8-4FDB-B411-BEE8F0A48863} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001 -> {914B2059-C8D8-4FDB-B411-BEE8F0A48863} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {914B2059-C8D8-4FDB-B411-BEE8F0A48863} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {914B2059-C8D8-4FDB-B411-BEE8F0A48863} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> Brak pliku
    Toolbar: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001 -> Brak nazwy - {18084879-B25F-4B6F-BA68-4671768970C1} - Brak pliku
    Toolbar: HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Brak nazwy - {18084879-B25F-4B6F-BA68-4671768970C1} - Brak pliku
    CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
    CHR HKU\S-1-5-21-1329554716-4185241078-2566208259-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1329554716-4185241078-2566208259-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [cekcjpgehmohobmdiikfnopibipmgnml] - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ <nie znaleziono>
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\Marian\Downloads\
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #5 03 Kwi 2016 19:22
    RADU23
    Moderator - Komputery Serwis

    Po wykonaniu tego co napisał @krzychupar , usuń folder C:\FRST i to wszystko.

    zeyk napisał:
    Temat do zamknięcia.

    Jak usunąć Safe Finder? Logi z FRST

    0