Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Usunięcie MPC Cleaner - Usunięcie z windows 8

agasta2 10 Maj 2016 09:22 807 5
  • #1 10 Maj 2016 09:22
    agasta2
    Poziom 2  

    Proszę o pomoc w wyczyszczeniu systemu
    Logi w załączniku.
    Dziś mi się to pojawiło, chociaż niczego z niezaufanych źródeł nie ściągałam. Jakieś dziwne rzeczy mi się poinstalowały...

    Dzięki z góry!

    0 5
  • #2 10 Maj 2016 09:33
    Kolobos
    Spec od komputerów

    Uruchom z prawami administratora C:\Program Files (x86)\MPC Cleaner\uninstall.exe i odinstaluj program.

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CloseProcesses:
    (TODO: ) C:\ProgramData\Windows Update\svrupg.exe
    (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
    () C:\Users\Agnieszka\AppData\Roaming\Gyokcafwi\Gyokcafwi.exe
    () C:\Users\Agnieszka\AppData\Roaming\Gyokcafwi\Mygzu.exe
    () C:\Users\Agnieszka\AppData\Roaming\Gyokcafwi\Xhazhsoc.exe
    (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
    (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
    (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
    (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
    (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
    () C:\Program Files (x86)\Lorckphsary\lrcReportsService.exe
    ask: {0044BBA7-1E54-4BFF-8894-91F7533DC873} - System32\Tasks\update => c:\Windows\update.exe
    Task: {4794B107-E66B-4A2A-A4EC-27327CC0148C} - System32\Tasks\Pritc => C:\Users\Agnieszka\AppData\Local\Temp\00026362\casrss.exe [2016-05-10] (VLOME) <==== UWAGA
    Task: {4BE57E1D-77AF-4385-B878-316937C4491D} - System32\Tasks\Opera scheduled Autoupdate 1458554865 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-28] (Opera Software)
    Task: {4DF0BEEF-6BFF-4E3D-9C59-315E179F672D} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== UWAGA
    Task: {85381AAC-7346-4513-B433-B4754ADE1B58} - \APSnotifierPP2 -> Brak pliku <==== UWAGA
    Task: {8DB739F4-9AE4-4C81-9303-CDD2004A5DD9} - System32\Tasks\{C4190490-FAC7-4F45-909D-1D6F261AAA59} => pcalua.exe -a G:\STARTUP.EXE -d G:\
    Task: {A92E3614-294F-4BAF-981D-586EFDEA8BB7} - \APSnotifierPP1 -> Brak pliku <==== UWAGA
    Task: {C0580F43-F41D-44EB-AEFD-9D9E6E7928A6} - System32\Tasks\{3914DFE2-1ED5-40FE-8492-1EC090B23DD9} => pcalua.exe -a E:\autorun.exe -d E:\
    Task: {D6B07DD7-48D1-4237-9329-169741A6DAF6} - System32\Tasks\Lorckphsary Reports => C:\Program Files (x86)\Lorckphsary\lrcReportsTask.exe [2016-05-06] ()
    Task: {DE643B86-66B1-432F-99DC-845DAC5457B3} - \APSnotifierPP3 -> Brak pliku <==== UWAGA
    Task: {E40F7A4A-832B-4313-9004-342A27D6EFD9} - System32\Tasks\svchost => C:\Windows\Temp\592C.tmp
    ShortcutWithArgument: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
    ShortcutWithArgument: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/




    ShortcutWithArgument: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://navigation.iwatchavi.com/
    ShortcutWithArgument: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://navigation.iwatchavi.com/
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://navigation.iwatchavi.com/
    HKLM\...\Run: [WINCOMF7Y] => "C:\Program Files (x86)\mobilepcstarterkit\wincom_F7Y.exe"
    HKLM\...\Run: [IDSCCOMO6J] => "C:\Program Files (x86)\EasyHotspot\idsccom_O6J.exe"
    HKLM-x32\...\Run: [gmsd_pl_005010068] => [X]
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [tasklist] => c:\users\agnieszka\appdata\roaming\tasklist
    HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\Run: [msiql] => c:\programdata\msiql.exe [1920000 2016-05-09] ()
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\Run: [Pritc] => C:\Users\Agnieszka\AppData\Local\Temp\00026362\casrss.exe [2958848 2016-05-10] (VLOME) <===== UWAGA
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\Run: [GoogleChromeAutoLaunch_9051C13F2C3A7BF2DEABFA88CAEA4FA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304 2016-04-28] (Google Inc.)
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {0e202f42-9e18-11e4-bed1-240a64a38620} - "J:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {141c9cc1-46ff-11e4-beac-240a64a38620} - "H:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {141c9d45-46ff-11e4-beac-240a64a38620} - "H:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {1553ce3c-1396-11e5-bf12-240a64a38620} - "J:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {1553ce84-1396-11e5-bf12-240a64a38620} - "I:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {1553db72-1396-11e5-bf12-240a64a38620} - "J:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {49f2f0b2-ef1d-11e4-befc-240a64a38620} - "I:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {4d0ebfc1-85c0-11e4-bebc-240a64a38620} - "H:\LG_PC_Programs.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {5919a91f-e463-11e5-bf69-240a64a38620} - "D:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {5919aafc-e463-11e5-bf69-240a64a38620} - "D:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {91df58a1-efd3-11e4-befd-240a64a38620} - "I:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {9f7abc39-fb14-11e4-beff-240a64a38620} - "J:\AutoRun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {c68798be-0829-11e5-bf0a-240a64a38620} - "I:\LG_PC_Programs.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {d9149db5-1b16-11e4-be9a-240a64a38620} - "G:\Autorun.exe"
    HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\...\MountPoints2: {e5383f21-c24b-11e4-bee4-240a64a38620} - "I:\AutoRun.exe"
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-02-10]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-02-10]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-02-10]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
    AutoConfigURL: [S-1-5-21-1801166587-3395838834-2221593730-1002] => 114.243.242.69
    ManualProxies: 0114.243.242.69
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => Brak pliku
    Toolbar: HKU\S-1-5-21-1801166587-3395838834-2221593730-1002 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    FF Plugin HKU\S-1-5-21-1801166587-3395838834-2221593730-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Agnieszka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Brak pliku]
    FF user.js: detected! => C:\Users\Agnieszka\AppData\Roaming\Mozilla\Firefox\Profiles\iptozvtd.default\user.js [2016-05-10]
    CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nie znaleziono>
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nie znaleziono>
    CHR HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\AGNIES~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-24]
    CHR HKU\S-1-5-21-1801166587-3395838834-2221593730-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    S2 GoogleChromeUpService; C:\ProgramData\service.exe [1755136 2016-04-27] () [Brak podpisu cyfrowego]
    R2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2783744 2016-05-10] (TODO: ) [Brak podpisu cyfrowego]
    R2 lrcReportsService; C:\Program Files (x86)\Lorckphsary\lrcReportsService.exe [1005736 2016-05-06] ()
    R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-10] (DotC United Inc)
    R2 Nimcui; C:\Users\Agnieszka\AppData\Roaming\Gyokcafwi\Gyokcafwi.exe [174952 2016-05-10] ()
    S2 Niwobo; "C:\Users\Agnieszka\AppData\Roaming\TauusuNuim\Huuhvigd.exe" -cms [X]
    S3 WsDrvInst; "H:\MobileGo for Android\DriverInstall.exe" [X]
    R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-10] (DotC United Inc)
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    2016-05-10 08:41 - 2016-05-10 08:41 - 00000000 ____D C:\Program Files (x86)\hohobnd
    2016-05-10 08:00 - 2016-05-10 08:00 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\MCorp
    2016-05-10 07:59 - 2016-05-10 07:59 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\AvgSetupLog
    2016-05-10 07:37 - 2016-05-10 07:37 - 00000000 ____D C:\Windows\system32\camb
    2016-05-10 07:21 - 2016-05-10 07:20 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernelEx64.sys
    2016-05-10 07:18 - 2016-05-10 07:23 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\app
    2016-05-10 07:18 - 2016-05-10 07:18 - 00413439 _____ C:\ProgramData\xdo.zip
    2016-05-10 07:18 - 2016-05-10 07:18 - 00002968 _____ C:\Windows\System32\Tasks\Pritc
    2016-05-10 07:18 - 2016-05-06 05:04 - 01607168 _____ C:\ProgramData\conhost51500.exe
    2016-05-10 07:18 - 2016-05-05 09:36 - 01612800 _____ C:\ProgramData\360dlr.exe
    2016-05-10 07:17 - 2016-05-10 07:17 - 00001111 _____ C:\Users\Agnieszka\Desktop\AutoTime.lnk
    2016-05-10 07:17 - 2016-04-26 23:03 - 01253376 _____ (eee) C:\ProgramData\apptj.exe
    2016-05-10 07:16 - 2016-05-10 07:16 - 02783744 _____ (TODO: ) C:\Users\Agnieszka\AppData\Roaming\svrupg.exe
    2016-05-10 07:16 - 2016-05-10 07:16 - 00002303 _____ C:\ProgramData\webad.xml
    2016-05-10 07:16 - 2016-05-10 07:16 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\Gyokcafwi
    2016-05-10 07:16 - 2016-05-10 07:16 - 00000000 ____D C:\Users\Agnieszka\AppData\LocalLow\Company
    2016-05-10 07:16 - 2016-05-10 07:16 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\Tempfolder
    2016-05-10 07:16 - 2016-05-10 07:16 - 00000000 ____D C:\uninst
    2016-05-10 07:16 - 2016-05-10 07:16 - 00000000 ____D C:\ProgramData\Windows Update
    2016-05-10 07:16 - 2016-05-10 07:15 - 02066432 _____ (TODO: <公司名>) C:\Users\Agnieszka\AppData\Roaming\tasklist.exe
    2016-05-10 07:16 - 2016-05-03 10:40 - 01443152 _____ ( ) C:\Users\Agnieszka\AppData\Roaming\AutoTime_51477.exe
    2016-05-10 07:16 - 2016-04-25 16:46 - 00114176 _____ C:\ProgramData\hp.exe
    2016-05-10 07:15 - 2016-05-10 07:40 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
    2016-05-10 07:15 - 2016-05-10 07:15 - 00000000 ____D C:\Users\Public\Thunder Network
    2016-05-10 07:15 - 2016-05-10 07:15 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\UPUpdata
    2016-05-10 07:15 - 2016-05-10 07:15 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\gplyra
    2016-05-10 07:15 - 2016-05-10 07:15 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\tuto_monetize_120160509
    2016-05-10 07:15 - 2016-05-10 07:15 - 00000000 ____D C:\ProgramData\Thunder Network
    2016-05-10 07:15 - 2016-05-09 08:45 - 01920000 _____ C:\ProgramData\msiql.exe
    2016-05-10 07:15 - 2016-04-27 14:46 - 01755136 _____ C:\Users\Agnieszka\AppData\Roaming\service.exe
    2016-05-10 07:15 - 2016-04-27 14:46 - 01755136 _____ C:\ProgramData\service.exe
    2016-05-10 07:14 - 2016-05-10 07:14 - 00002980 _____ C:\Windows\System32\Tasks\svchost
    2016-05-10 07:14 - 2016-05-10 07:14 - 00000000 ____D C:\Program Files (x86)\badu
    2016-05-10 07:08 - 2016-05-10 07:08 - 00008866 _____ C:\Windows\System32\Tasks\Lorckphsary Reports
    2016-05-10 07:06 - 2016-05-10 07:08 - 00000000 ____D C:\Users\Public\Documents\dmp
    2016-05-10 07:06 - 2016-05-10 07:08 - 00000000 ____D C:\Program Files (x86)\Lorckphsary
    2016-05-10 07:04 - 2016-05-10 07:04 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\PingTool
    2016-04-26 14:24 - 2016-04-26 14:24 - 00000009 _____ C:\ProgramData\a.bat
    2016-04-23 17:19 - 2016-04-23 17:21 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\download
    2016-04-23 17:19 - 2014-07-25 04:39 - 00293320 ____N (深圳市迅雷网络技术有限公司) C:\Users\Agnieszka\AppData\Roaming\xldl.dll
    2016-05-10 08:36 - 2014-09-15 08:59 - 00000000 ____D C:\AdwCleaner
    2016-05-10 07:16 - 2016-05-03 10:40 - 1443152 _____ ( ) C:\Users\Agnieszka\AppData\Roaming\AutoTime_51477.exe
    2016-05-10 07:15 - 2016-04-27 14:46 - 1755136 _____ () C:\Users\Agnieszka\AppData\Roaming\service.exe
    2016-05-10 07:16 - 2016-05-10 07:16 - 2783744 _____ (TODO: ) C:\Users\Agnieszka\AppData\Roaming\svrupg.exe
    2016-05-10 07:16 - 2016-05-10 07:15 - 2066432 _____ (TODO: <公司名>) C:\Users\Agnieszka\AppData\Roaming\tasklist.exe
    2016-04-23 17:19 - 2014-07-25 04:39 - 0293320 ____N (深圳市迅雷网络技术有限公司) C:\Users\Agnieszka\AppData\Roaming\xldl.dll
    2015-08-22 23:11 - 2015-08-22 23:11 - 0613255 _____ (CMI Limited) C:\Users\Agnieszka\AppData\Local\nsi3209.tmp
    2015-08-22 21:29 - 2015-08-22 21:29 - 0613255 _____ (CMI Limited) C:\Users\Agnieszka\AppData\Local\nsiBB08.tmp
    2015-06-11 12:48 - 2015-06-11 12:48 - 0000032 RSHOT () C:\Users\Agnieszka\AppData\Local\t70rc.dat
    2015-04-14 06:27 - 2015-04-14 06:27 - 0000000 _____ () C:\Users\Agnieszka\AppData\Local\{28653B43-6341-450A-8DED-4DC6FA9C22C2}
    2016-05-10 07:18 - 2016-05-05 09:36 - 1612800 _____ () C:\ProgramData\360dlr.exe
    2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 _____ () C:\ProgramData\a.bat
    2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 _____ () C:\ProgramData\adb.exe
    2016-05-10 07:17 - 2016-04-26 23:03 - 1253376 _____ (eee) C:\ProgramData\apptj.exe
    2016-05-10 07:18 - 2016-05-06 05:04 - 1607168 _____ () C:\ProgramData\conhost51500.exe
    2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 _____ () C:\ProgramData\fastboot.exe
    2016-05-10 07:16 - 2016-04-25 16:46 - 0114176 _____ () C:\ProgramData\hp.exe
    2015-10-13 08:00 - 2015-10-13 08:09 - 0000840 _____ () C:\ProgramData\hpzinstall.log
    2016-05-10 07:15 - 2016-05-09 08:45 - 1920000 _____ () C:\ProgramData\msiql.exe
    2016-05-10 07:15 - 2016-04-27 14:46 - 1755136 _____ () C:\ProgramData\service.exe
    2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2016-05-10 07:16 - 2016-05-10 07:16 - 0002303 _____ () C:\ProgramData\webad.xml
    2016-05-10 07:18 - 2016-05-10 07:18 - 0413439 _____ () C:\ProgramData\xdo.zip
    C:\ProgramData\360dlr.exe
    C:\ProgramData\a.bat
    C:\ProgramData\adb.exe
    C:\ProgramData\apptj.exe
    C:\ProgramData\conhost51500.exe
    C:\ProgramData\fastboot.exe
    C:\ProgramData\hp.exe
    C:\ProgramData\msiql.exe
    C:\ProgramData\service.exe
    EmptyTemp:

    W FRST wybierz Napraw.

    Jezeli infekcja nie zostanie usunieta to wykonaj jeszcze raz ten fixlist.txt tylko tym razem w trybie awaryjnym.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • #3 10 Maj 2016 09:41
    agasta2
    Poziom 2  

    Program niby był już odinstalowany przeze mnie wcześniej, więc nie mogłam go usunąć teraz...
    Robię te logi już. :) Zaraz dam znać.

    0
  • #4 10 Maj 2016 09:47
    Kolobos
    Spec od komputerów

    Co to znaczy "niby"? Uruchom uninstall z podanego katalogu z prawami administratora, inaczej nie usuniesz pod windows mpc cleanera, bedzie trzeba uzyc WinRE. Po wyknaniu skryptu uzycie uninstall nie bedzie juz mozliwe.

    0
  • #6 10 Maj 2016 10:11
    Kolobos
    Spec od komputerów

    Nowy Fixlist.txt dla FRST:
    Task: {0044BBA7-1E54-4BFF-8894-91F7533DC873} - System32\Tasks\update => c:\Windows\update.exe
    CHR StartupUrls: Profile 2 -> "search.mpc.am"
    CHR DefaultSearchURL: Profile 2 -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...ZPeS-eMIdDvvHYVYv_TFLPdZnGwVwSEdfzAKFIEQ,,&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> feed.sonic-search.com
    CHR DefaultSuggestURL: Profile 2 -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}


    Zrob pelny skan przy pomocy http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ i usun to co wykryje.

    Co sie dokladnie dzieje podczas proby polaczenia?

    0
  Szukaj w 5mln produktów