Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o sprawdzenie logów FRST - dużo wirusów!

magnos92 29 Kwi 2016 19:57 564 8
  • Pomocny post
    #2 29 Kwi 2016 20:24
    Acorus 20
    Spec od komputerów

    Odinstaluj Adobe Reader 9.5.5 - Polish, mobilepcstarterkit version 1.1, Reimage Repair, shopperz, thirteen degrees, YellowSend, yessearches - Uninstall. Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    Task: {066D8028-56C0-4C79-8F91-1B9BD3CB75D8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2016-01-25] (Reimage ltd.) <==== UWAGA
    Task: {324805FC-F21F-46C7-BF2E-43468A3388FE} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe
    Task: {4E177E8B-1250-46AF-A1A2-FB21836C4A6E} - \Nimeckreelule Log -> Brak pliku <==== UWAGA
    Task: {6D646D4D-B4FB-48D5-9D8B-D33A45575BA2} - System32\Tasks\UCBrowserUpdater => C:\Program Files\UCBrowser\Application\update_task.exe [2016-04-13] (UCWeb Inc)
    Task: {F51D3FF4-D92E-4B80-A6EA-93234CDBFCF4} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== UWAGA
    Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files\UCBrowser\Application\update_task.exe
    WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA (yeabests)
    ShortcutWithArgument: C:\Users\ludwik\Desktop\Google Chrome.lnk -> C:\Users\ludwik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\Users\ludwik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Users\ludwik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\Users\ludwik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\Users\ludwik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\ludwik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\Users\ludwik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\Users\ludwik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc




    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
    Hosts:
    HKLM\...\Run: [ic-0.698d167ec2accc] => C:\Users\ludwik\AppData\Local\Temp\755394031\ic-0.698d167ec2accc <===== UWAGA
    HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe [356464 2016-04-29] (Tencent)
    HKLM\...\RunOnce: [Wizzwifihotspot] => "C:\Windows\system32\EasyHotspot.exe" /minimized /regrun
    HKLM\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\...\Run: [BingSvc] => C:\Users\ludwik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-24] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe /AUTORUN
    AppInit_DLLs: C:\ProgramData\Quotenamron\Warmremtax.dll => Brak pliku
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMGCShellExt.dll [2016-04-29] (Tencent)
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...IEIXSoOC1nnatlwtH-7ubCws6ZDw6YxNqOnLaL&q={searchTerms}
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...IEIXSoOC1nnatlwtH-7ubCws6ZDw6YxNqOnLaL&q={searchTerms}
    HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...IEIXSoOC1nnatlwtH-7ubCws6ZDw6YxNqOnLaL&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...IEIXSoOC1nnatlwtH-7ubCws6ZDw6YxNqOnLaL&q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> URL hxxp://findgala.com/?&uid=241&q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> URL hxxp://findgala.com/?&uid=241&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4089286522-3978207672-1882576609-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-4089286522-3978207672-1882576609-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-4089286522-3978207672-1882576609-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...IEIXSoOC1nnatlwtH-7ubCws6ZDw6YxNqOnLaL&q={searchTerms}
    BHO: Femtigmasake -> {860AFDF4-0024-4DF8-8BD6-CEC32255BF0D} -> C:\Program Files\Femtigmasake\Uyefur.dll [2016-04-29] ()
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
    Pokaż cały nowy log z FRST bez Addition i Shortcut.

    0
  • Pomocny post
    #4 02 Maj 2016 11:13
    Acorus 20
    Spec od komputerów

    Wykonaj w trybie awaryjnym. Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCTRAY.EXE [356464 2016-04-29] (Tencent)
    AppInit_DLLs: C:\ProgramData\Quotenamron\Warmremtax.dll => Brak pliku
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMGCShellExt.dll [2016-04-29] (Tencent)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1
    SearchScopes: HKU\S-1-5-21-4089286522-3978207672-1882576609-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    FF NewTab: C:\\ProgramData\\Quotenamrons\\ff.NT
    FF SearchEngineOrder.3: Bing
    FF Keyword.URL: undefined://undefined/
    CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
    CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=0216D2FC18E9E6C3F248468C3788CA05&v=20160425&ts=AHEqAHYnCHYoBE.."
    CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEqAHYnCHYoBE..&v=20160425&uid=0216D2FC18E9E6C3F248468C3788CA05&ptid=wak&mode=nnnb
    CHR DefaultSearchKeyword: Default -> yessearches
    CHR Extension: (SafeFinder New Tab) - C:\Users\ludwik\AppData\Local\Google\Chrome\User Data\Default\Extensions\knnaihaddpogmkclkahpcnhppgapinpe [2016-04-29]
    CHR Extension: (电脑管家上网防护) - C:\Users\ludwik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-04-29]
    CHR HKLM\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [knnaihaddpogmkclkahpcnhppgapinpe] - hxxps://clients2.google.com/service/update2/crx
    R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCRTP.exe [301656 2016-04-29] (Tencent)
    U2 QQRepair1694; C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair1694 [140608 2016-05-01] ()
    S2 QQRepairFixSVC; C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [140608 2016-05-01] ()
    S2 GoogleChromeUpService; Brak ImagePath
    S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe /s GoogleChromeUpSvc /uid:51490 /local:br [X]
    S2 QQRepair1061; "C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair1061" [X]
    S2 Quotenamron; C:\ProgramData\\Quotenamron\\Quotenamron.exe shuz -f "C:\ProgramData\\Quotenamron\\Quotenamron.dat" -l -a
    R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [X]
    R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMIEProtect.sys [50488 2016-01-12] ()
    R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QMUdisk.sys [104152 2016-02-28] (Tencent)
    R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQSysMon.sys [108920 2016-04-29] (电脑管家)
    R1 softaal; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\softaal.sys [36216 2016-04-29] (Tencent)
    R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator.sys [128608 2016-04-29] (Tencent)
    R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel.sys [100088 2016-04-29] (Tencent Technology(Shenzhen) Company Limited)
    R3 TcHardWare; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\QQPCHW.sys [35544 2016-04-29] (Tencent)
    R1 TFsFlt; C:\Windows\System32\Drivers\TFsFlt.sys [150008 2016-04-29] (电脑管家)
    R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TS888.sys [39928 2016-05-01] (Tencent)
    R1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [14008 2016-04-29] (Tencent)
    R0 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [128216 2016-04-29] (电脑管家)
    R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TSKsp.sys [210616 2016-04-29] (电脑管家)
    R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.4.17339.217\TSSysKit.sys [102136 2016-04-29] (电脑管家)
    R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [71040 2016-04-13] (Huorong Borui (Beijing) Technology Co., Ltd.)
    S3 catchme; \??\C:\Users\ludwik\AppData\Local\Temp\catchme.sys [X]
    S3 cpuz134; \??\C:\Users\ludwik\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    R1 SRepairDrv; \??\C:\Program Files\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
    2016-04-30 22:56 - 2016-04-30 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-30 22:52 - 2016-04-30 22:52 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-29 22:42 - 2016-05-01 19:25 - 00000066 _____ C:\Windows\QMNetworkMgr.ini
    2016-04-29 20:55 - 2016-05-01 19:20 - 00039928 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys
    2016-04-29 20:55 - 2016-04-30 22:52 - 00000000 ____D C:\Program Files\Common Files\Tencent
    2016-04-29 20:55 - 2016-04-30 20:33 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\Tencent
    2016-04-29 20:55 - 2016-04-29 19:21 - 00128608 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator.sys
    2016-04-29 20:55 - 2016-04-29 19:11 - 00100088 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel.sys
    2016-04-29 20:53 - 2016-05-01 19:07 - 00000000 ____D C:\ProgramData\TXQMPC
    2016-04-29 20:12 - 2016-04-29 20:51 - 00000000 ____D C:\AdwCleaner
    2016-04-29 19:12 - 2016-04-29 19:12 - 00005120 _____ C:\Users\ludwik\AppData\Roaming\GiftBag.db
    2016-04-29 19:12 - 2016-04-29 19:11 - 00014008 ____N (Tencent) C:\Windows\system32\Drivers\TSDefenseBt.sys
    2016-04-29 19:11 - 2016-04-29 19:11 - 00150008 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFlt.sys
    2016-04-29 19:11 - 2016-04-29 19:11 - 00128216 ____N (电脑管家) C:\Windows\system32\Drivers\TsFltMgr.sys
    2016-04-29 18:58 - 2016-04-26 11:27 - 01916928 _____ C:\ProgramData\msiql.exe
    2016-04-29 17:50 - 2016-04-29 18:46 - 00000000 ____D C:\Users\ludwik\Doctor Web
    2016-04-29 17:13 - 2016-04-29 19:06 - 00001218 _____ C:\Users\ludwik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
    2016-04-29 17:13 - 2016-04-29 19:06 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
    2016-04-29 17:08 - 2016-04-13 18:37 - 00071040 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
    2016-04-29 17:07 - 2016-04-29 19:00 - 00413439 _____ C:\ProgramData\xdo.zip
    2016-04-29 17:07 - 2016-04-26 17:07 - 01253376 _____ (eee) C:\ProgramData\apptj.exe
    2016-04-29 17:06 - 2016-04-19 12:39 - 00114176 _____ C:\ProgramData\hp.exe
    2016-04-29 17:03 - 2016-04-29 17:04 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\UPUpdata
    2016-04-29 17:03 - 2016-04-29 17:03 - 00000000 ____D C:\Users\ludwik\AppData\LocalLow\Company
    2016-04-29 17:03 - 2016-04-29 17:03 - 00000000 ____D C:\uninst
    2016-04-29 17:02 - 2016-04-29 18:48 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\NurbaDofmesh
    2016-04-29 17:02 - 2016-04-29 18:48 - 00000000 ____D C:\Users\ludwik\AppData\Roaming\Abyiwki
    2016-04-29 17:02 - 2016-04-29 18:48 - 00000000 ____D C:\Program Files\badu
    2016-04-29 17:02 - 2016-04-29 17:02 - 00000000 ____D C:\Users\ludwik\AppData\Local\tuto_monetize_120160429
    2016-04-29 17:02 - 2016-04-29 17:02 - 00000000 ____D C:\Users\ludwik\AppData\Local\Tempfolder
    2016-04-29 16:32 - 2016-04-29 16:32 - 00000000 ____D C:\Program Files\Tencent
    2016-04-29 16:31 - 2016-04-29 20:58 - 00000000 ____D C:\ProgramData\Tencent
    2016-04-29 16:26 - 2016-04-29 18:48 - 00000000 ____D C:\Program Files\Nimeckreelule
    2016-04-15 12:27 - 2016-04-15 12:27 - 6494208 _____ () C:\Users\ludwik\AppData\Roaming\agent.dat
    2016-04-15 12:27 - 2016-04-15 12:27 - 0065856 _____ () C:\Users\ludwik\AppData\Roaming\Config.xml
    2016-04-15 12:27 - 2016-04-15 12:26 - 1229312 _____ () C:\Users\ludwik\AppData\Roaming\FinEx.exe
    2016-04-15 12:27 - 2016-04-15 12:27 - 1626904 _____ () C:\Users\ludwik\AppData\Roaming\FinEx.tst
    2016-04-29 19:12 - 2016-04-29 19:12 - 0005120 _____ () C:\Users\ludwik\AppData\Roaming\GiftBag.db
    2016-04-15 12:26 - 2016-04-15 12:26 - 0287968 _____ () C:\Users\ludwik\AppData\Roaming\inst.lat
    2016-04-15 12:26 - 2016-04-15 12:26 - 0014448 _____ () C:\Users\ludwik\AppData\Roaming\InstallationConfiguration.xml
    2016-04-15 12:26 - 2016-04-15 12:26 - 0127488 _____ () C:\Users\ludwik\AppData\Roaming\Installer.dat
    2016-04-15 12:27 - 2016-04-15 12:27 - 0018432 _____ () C:\Users\ludwik\AppData\Roaming\Main.dat
    2016-04-15 12:27 - 2016-04-15 12:27 - 0005568 _____ () C:\Users\ludwik\AppData\Roaming\md.xml
    2016-04-15 12:27 - 2016-04-15 12:27 - 0126464 _____ () C:\Users\ludwik\AppData\Roaming\noah.dat
    2013-09-26 21:15 - 2013-09-27 14:32 - 0000004 _____ () C:\Users\ludwik\AppData\Roaming\settings.ini
    2016-04-15 12:27 - 2016-04-15 12:27 - 1932216 _____ () C:\Users\ludwik\AppData\Roaming\Toughsing.bin
    2016-04-15 12:27 - 2016-04-15 12:27 - 0032038 _____ () C:\Users\ludwik\AppData\Roaming\uninstall_temp.ico
    2009-07-01 12:39 - 2016-04-10 11:36 - 0005034 _____ () C:\Users\ludwik\AppData\Roaming\wklnhst.dat
    C:\ProgramData\a.bat
    C:\ProgramData\adb.exe
    C:\ProgramData\apptj.exe
    C:\ProgramData\fastboot.exe
    C:\ProgramData\hp.exe
    C:\ProgramData\msiql.exe

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • Pomocny post
    #6 04 Maj 2016 12:10
    Kolobos
    Spec od komputerów

    Zainstaluj aktualizacje z https://support.microsoft.com/en-us/kb/2545227

    Wykonaj Fixlist.txt:
    FF SearchPlugin: C:\Users\ludwik\AppData\Roaming\Mozilla\Firefox\Profiles\sjpzx4qf.default\searchplugins\bing-.xml [2016-03-28]
    FF SearchPlugin: C:\Users\ludwik\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\bing-.xml [2016-03-28]
    FF Extension: Brak nazwy - C:\Users\ludwik\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\_dbMembers_@free.getformsonline.com [nie znaleziono]
    FF Extension: Bing Search - C:\Users\ludwik\AppData\Roaming\Mozilla\Firefox\Profiles\sjpzx4qf.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-24]
    FF Extension: Bing Search - C:\Users\ludwik\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-24]
    CHR HKLM\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-4089286522-3978207672-1882576609-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    2016-05-04 10:55 - 2016-05-04 10:55 - 00000000 ____D C:\AdwCleaner
    2016-04-29 17:01 - 2016-04-29 17:01 - 00000000 _____ C:\Windows\system32\Number of results
    EmptyTemp:

    Usun katalog C:\FRST i to wszystko.

    0
  • #7 04 Maj 2016 12:50
    magnos92
    Poziom 4  

    Fixlist wykonany. Aktualizację którą wysłałeś jest do Win 7, a na komputerze jest Win Vista

    0
  • #9 04 Maj 2016 13:13
    magnos92
    Poziom 4  

    Temat do zamknięcia :)
    Proszę o sprawdzenie logów FRST - dużo wirusów!

    0