Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Tencent - Wredny adware, jak go usunąć?

deozur99 17 Maj 2016 12:49 777 7
  • #1 17 Maj 2016 12:49
    deozur99
    Poziom 3  

    Dzień dobry

    Ostatnio młodszy brat dużo korzysta z mojego komputera. Sciągnął jakiś chiński programik, który niby jest antywirusem, strasznie zamula on kompa, uruchamia się wraz ze startem systemu i nijak go usunąć nie mogę.

    Proszę o pomoc :(

    Dodano po 2 [minuty]:

    Tencent - Wredny adware, jak go usunąć?

    Tak to wygląda w Panelu sterowania

    0 7
  • #2 17 Maj 2016 12:51
    Kolobos
    Spec od komputerów

    Zamiesc wymagane logi, a nie bezuzyteczny screen!

    0
  • Pomocny post
    #4 17 Maj 2016 14:00
    Kolobos
    Spec od komputerów

    Odinstaluj:
    AnySend
    Kalendarz XP Packages
    WarThunder
    电脑管家11.5

    Uruchom system w trybie awaryjnym.
    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    CustomCLSID: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Violka\AppData\Local\Temp\6ed171b6\setup.exe => Brak pliku
    Task: {074B879C-BF49-4E3D-8C76-A0404C1062A6} - System32\Tasks\{71137BFE-EA87-4C44-B9BA-7790802AD76A} => pcalua.exe -a C:\Users\Violka\Downloads\SkypeSetupFull.exe -d C:\Users\Violka\Downloads
    Task: {0FE2025B-73B0-470C-BFD2-8246AD9A20C8} - System32\Tasks\{DAC86E4C-4C9C-4D8C-B752-813C8D7E30A7} => C:\Program Files\Skype\\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
    Task: {166AB1E0-B3D7-4D5B-B104-A81741B47E41} - System32\Tasks\{BE9385DB-FAFA-49C1-B4DE-6550108CBF50} => pcalua.exe -a c:\users\violka\appdata\local\lollipop\lollipop.bat
    Task: {1EB9FC3E-E6D1-447E-AA85-B3622A5850B5} - System32\Tasks\{8356D8C2-3703-4A4C-8B64-C80161824E4A} => pcalua.exe -a "C:\Users\Violka\AppData\Local\Temp\Temp1_The+Solar+System+Mod+Installer.zip\The Solar System Mod Installer\The Solar System Mod Installer.exe"
    Task: {315E14D6-36AF-41F7-A566-F4A8D244C674} - System32\Tasks\{A94179DC-B4C0-4848-B3AB-CBCF8B8C27BA} => pcalua.exe -a C:\Users\Violka\Downloads\Temple_Run_Setup.exe -d C:\Users\Violka\Downloads
    Task: {4F1BF3C2-CCCB-4DC8-9603-46FADD745CFF} - System32\Tasks\{A852BCC0-5584-422D-86DE-E00A274F152B} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    Task: {638A4489-7528-4C38-94F8-3424DB6A43C4} - System32\Tasks\{5355FA85-B100-4EA7-9184-CCC37EA6109E} => c:\program files\opera\launcher.exe [2016-05-09] (Opera Software)
    Task: {686073A2-27D2-49C4-B451-34E9E33D994B} - System32\Tasks\{2D2AC353-435D-4F04-88E6-205D0ACEADAE} => c:\program files\opera\launcher.exe [2016-05-09] (Opera Software)
    Task: {6D86D36C-5A42-4F5F-BA52-FE3EBD04E0AB} - System32\Tasks\{68CF0D68-A679-4EDC-8C17-25CDE9370C24} => pcalua.exe -a "C:\Users\Violka\Downloads\GTA SAN ANDREAS + CRACK + SA-MP\sa-mp-0.2.2-R2.exe" -d "C:\Users\Violka\Downloads\GTA SAN ANDREAS + CRACK + SA-MP"
    Task: {6E0800DA-D8C4-4D72-AD17-FC8EA4D1C5FE} - System32\Tasks\Opera scheduled Autoupdate 1397151098 => C:\Program Files\Opera\launcher.exe [2016-05-09] (Opera Software)
    Task: {759C130A-BC7B-47C1-BB14-181640B99EC6} - System32\Tasks\{E0947BFA-1EEA-49F0-BDBB-35B1A4AF9237} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    Task: {797C241A-4D30-4EA1-A45E-E11406EAC387} - System32\Tasks\{4FF5B1BF-057D-4840-9F9F-742F5D2BD8C4} => C:\Program Files\Enterbrain\RPGXP\RPGXP.exe




    Task: {7F34AADC-12B5-4C7B-8729-C25F92BAD7C8} - System32\Tasks\{55819A5F-A802-48F8-B6AB-38A230F8145D} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    Task: {90FE5AF0-90EF-4531-8A22-924D15E662DF} - System32\Tasks\{025E63B3-0394-4DC3-9D13-4D395D1E4514} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    Task: {92DAC414-3D29-4708-AF05-9677C526DDD4} - System32\Tasks\{16791E93-C723-49EB-83C0-338457A2AD77} => C:\Program Files\Enterbrain\RPGXP\RPGXP.exe
    Task: {B48FDE74-ABF5-42A3-93EF-94551EDF0A58} - System32\Tasks\{5F12D56E-F9B1-4450-A775-8770F7601EB2} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    Task: {CC59FE2B-1201-49F9-AAD4-59763EA2EB8C} - System32\Tasks\{8481A108-3BC0-4F6D-BAFF-649C3F797907} => pcalua.exe -a "C:\Users\Violka\Downloads\SkypeSetupFull (1).exe" -d C:\Users\Violka\Downloads
    Task: {D574C71B-E5AA-453C-8C50-9A1D60D840ED} - System32\Tasks\{00C4AF72-C3FC-4D81-8721-0A6ECD8F5AFE} => pcalua.exe -a C:\Users\Violka\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
    Task: {FE7DB1E5-D148-4ED7-8781-582DB65B1D56} - System32\Tasks\{A9F12DD5-CD1D-469B-9192-30BBA1EAAA67} => C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe [2005-06-07] ()
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/...k_id=7e2ce3f5e3633ae350273b36e6ee0cc50a3b2194
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AION\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://boost.games724.com/click/e41614aa08874...AtB0CtDzy2RtBtDtCyCtDtCtAtDtCyEtDtCtBtDzzzytC
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://boost.games724.com/click/e41614aa08874...AtB0CtDzy2RtBtDtCyCtDtCtAtDtCyEtDtCtBtDzzzytC
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/...k_id=7e2ce3f5e3633ae350273b36e6ee0cc50a3b2194
    2016-04-26 19:27 - 2016-04-26 19:27 - 00115904 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMAntiInject.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\zlib.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00488640 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\sqlite.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\tinyxml.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00025280 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQFileFlt.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00046784 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
    2016-04-26 19:27 - 2016-04-28 13:22 - 00070848 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
    2016-04-26 19:27 - 2016-02-28 00:55 - 00036128 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\oDayProtect.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00128192 _____ () c:\program files\tencent\qqpcmgr\11.5.17490.219\qmrtpcontroller.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\libexpatw.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\GF.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\xGraphic32.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\arkGraphic.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\jgImage.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\libpng.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\libjpegturbo.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\jgIOStub.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00194912 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\xImage.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00083136 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\MemDefrag.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00337088 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\zlib.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00137568 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\libexpatw.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\tinyxml.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 02156896 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\GF.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00092512 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\xGraphic32.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00342368 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\arkGraphic.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00045408 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\jgImage.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00158048 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\libpng.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00285024 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\libjpegturbo.dll
    2016-04-26 19:27 - 2016-04-26 19:27 - 00014176 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\jgIOStub.dll
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [322]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [322]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\Users\Violka\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\Violka\Dane aplikacji:NT2 [322]
    AlternateDataStreams: C:\Users\Violka\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\Violka\AppData\Roaming:NT2 [322]
    Hosts:
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\QQPCNetFlow.exe
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCRealTimeSpeedup.exe
    (Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMUsbGuard.exe
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe [362304 2016-04-26] (Tencent)
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\Run: [C] => C:\Windows\system32\GroupPolicy\Machine\Registry.pol [802 2016-03-25] ()
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\MountPoints2: {6ad9e70c-4726-11e4-900b-f46d0407894a} - G:\LGAutoRun.exe
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\MountPoints2: {75b7cecb-efd2-11e4-81e4-f46d0407894a} - G:\AutoRun.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-12] (Microsoft Corporation)
    IFEO\volaro: [Debugger] tasklist.exe
    IFEO\vonteera: [Debugger] tasklist.exe
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt.dll [2016-04-26] (Tencent)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90098758_hao_pg
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90098758_hao_pg
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    URLSearchHook: [S-1-5-21-2199753682-2160900625-3662594704-1000] UWAGA => Brak domyślnego URLSearchHook
    URLSearchHook: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 - (Brak nazwy) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Brak pliku
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q=
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {7723D625-C023-466B-8A40-6A41E1D6E055} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {F4F110EF-D690-490E-AD30-2699691741F5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
    BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=3200528138
    FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll [2016-04-26] (Tencent Technology (Shenzhen) Company Limited)
    FF SearchPlugin: C:\Users\Violka\AppData\Roaming\Mozilla\Firefox\Profiles\qqb24e8g.default\searchplugins\google-avast.xml [2015-06-19]
    FF Extension: Brak nazwy - C:\Users\Violka\AppData\Roaming\Mozilla\Firefox\Profiles\qqb24e8g.default\extensions\defsearchp@gmail.com [nie znaleziono]
    FF Extension: Brak nazwy - C:\Users\Violka\AppData\Roaming\Mozilla\Firefox\Profiles\qqb24e8g.default\extensions\deskCutv2@gmail.com [nie znaleziono]
    FF Extension: Bing Extension - C:\Users\Violka\AppData\Roaming\Mozilla\Firefox\Profiles\qqb24e8g.default\Extensions\bingsearch.full@microsoft.com [2015-02-27] [Brak podpisu cyfrowego]
    OPR Extension: (Filter Results) - C:\Users\Violka\AppData\Roaming\Opera Software\Opera Stable\Extensions\onblafoeogkjbohjnpigkcmdcgkgkcfp [2015-06-14]
    R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [313936 2016-04-26] (Tencent)
    U2 QQRepair54c; C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair54c [140608 2016-05-17] ()
    S2 QQRepairFixSVC; C:\Program Files\Tencent\QQPCMGR\QQRepairFixSVC [140608 2016-05-17] ()
    S2 QQRepair176; "C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair176" [X]
    S2 QQRepair20ec; "C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair20ec" [X]
    S2 Update Solution Real; "C:\Program Files\Solution Real\updateSolutionReal.exe" [X]
    S2 Update SunriseBrowse; "C:\Program Files\SunriseBrowse\updateSunriseBrowse.exe" [X]
    R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMIEProtect.sys [50488 2016-01-12] ()
    R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMUdisk.sys [104152 2016-02-28] (Tencent)
    R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQSysMon.sys [120952 2016-04-26] (电脑管家)
    R3 softaal; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\softaal.sys [45816 2016-04-26] (Tencent)
    R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator.sys [126008 2016-04-26] (Tencent)
    R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel.sys [109688 2016-04-26] (Tencent Technology(Shenzhen) Company Limited)
    R1 TFsFlt; C:\Windows\System32\Drivers\TFsFlt.sys [159608 2016-04-26] (电脑管家)
    R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TS888.sys [39928 2016-05-17] (Tencent)
    R1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [14008 2016-04-26] (Tencent)
    R0 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [137816 2016-04-26] (电脑管家)
    R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TSKsp.sys [220984 2016-04-26] (电脑管家)
    R2 tsnethlp; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TsNetHlp.sys [53368 2016-04-26] ()
    S3 TSSK; C:\Windows\System32\tssk.sys [83576 2016-04-26] (电脑管家)
    R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TSSysKit.sys [111736 2016-04-26] (电脑管家)
    U3 a33k87nn; C:\Windows\system32\Drivers\a33k87nn.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    U3 alvlkl5j; C:\Windows\system32\Drivers\alvlkl5j.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S3 h647906; system32\drivers\h647906.sys [X]
    S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
    S2 protectiondrvr; \??\C:\Users\Violka\AppData\Local\Temp\nsr9FCB.tmp.sys [X]
    R1 SRepairDrv; \??\C:\Program Files\Tencent\QQPCMGR\SRepairDrv [X]
    S1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw; system32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw.sys [X]
    S1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw; system32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw.sys [X]
    S1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw; system32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw.sys [X]
    S1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw; system32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw.sys [X]
    S1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw; system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw.sys [X]
    S1 {5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw; system32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw.sys [X]
    S1 {693a0a5b-aa08-4a3c-b7e8-398a93e02cf2}Gw; system32\drivers\{693a0a5b-aa08-4a3c-b7e8-398a93e02cf2}Gw.sys [X]
    S1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw; system32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw.sys [X]
    S1 {76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw; system32\drivers\{76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw.sys [X]
    S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys [X]
    S1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}w; system32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys [X]
    S1 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw; system32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw.sys [X]
    S1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw; system32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw.sys [X]
    2016-04-28 15:44 - 2016-04-28 15:47 - 00002308 _____ C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
    2016-04-28 13:24 - 2016-04-26 19:27 - 00109688 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00159608 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFlt.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00137816 _____ (电脑管家) C:\Windows\system32\Drivers\TsFltMgr.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00126008 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00014008 _____ (Tencent) C:\Windows\system32\Drivers\TSDefenseBt.sys
    2016-04-21 18:38 - 2016-04-21 18:38 - 00005120 _____ C:\Users\Gość\AppData\Roaming\GiftBag.db
    2016-04-21 18:37 - 2016-04-21 18:37 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Tencent
    2016-05-17 12:27 - 2016-03-26 14:38 - 00000000 ____D C:\ProgramData\TXQMPC
    2016-05-17 12:25 - 2016-03-27 17:24 - 00039928 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys
    2016-04-28 15:44 - 2016-01-30 15:01 - 00000000 ____D C:\Users\Violka\AppData\Roaming\WarThunder
    2016-04-28 15:08 - 2016-03-26 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-26 19:28 - 2016-03-26 14:37 - 00000000 ____D C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-26 19:28 - 2016-03-26 14:32 - 00000000 ____D C:\ProgramData\Tencent
    2016-04-26 19:27 - 2016-03-26 14:38 - 00083576 _____ (电脑管家) C:\Windows\system32\TSSK.sys
    2016-04-25 17:28 - 2009-07-14 06:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-09-06 14:42 - 2015-09-06 14:42 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsc5056.tmp
    2015-08-31 13:50 - 2015-08-31 13:50 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsf9F06.tmp
    2015-08-31 16:45 - 2015-08-31 16:45 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsg6F04.tmp
    2015-09-13 17:02 - 2015-09-13 17:02 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsh4E15.tmp
    2015-09-13 13:38 - 2015-09-13 13:38 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsh7247.tmp
    2015-09-01 10:50 - 2015-09-01 10:50 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsl77D0.tmp
    2015-09-02 18:25 - 2015-09-02 18:25 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsm36AE.tmp
    2015-09-13 15:29 - 2015-09-13 15:28 - 0613255 _____ (CMI Limited) C:\Users\Violka\AppData\Local\nsx546B.tmp
    2015-08-31 13:50 - 2015-09-13 17:02 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:

    W FRST wybierz Napraw.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • Pomocny post
    #5 17 Maj 2016 14:13
    Acorus 20
    Spec od komputerów

    Odinstaluj AnySend, Kalendarz XP Packages, WarThunder, 电脑管家11.5. Wykonaj w trybie awaryjnym. Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    Task: {166AB1E0-B3D7-4D5B-B104-A81741B47E41} - System32\Tasks\{BE9385DB-FAFA-49C1-B4DE-6550108CBF50} => pcalua.exe -a c:\users\violka\appdata\local\lollipop\lollipop.bat
    Task: {D574C71B-E5AA-453C-8C50-9A1D60D840ED} - System32\Tasks\{00C4AF72-C3FC-4D81-8721-0A6ECD8F5AFE} => pcalua.exe -a C:\Users\Violka\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/...k_id=7e2ce3f5e3633ae350273b36e6ee0cc50a3b2194
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AION\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://boost.games724.com/click/e41614aa08874...AtB0CtDzy2RtBtDtCyCtDtCtAtDtCyEtDtCtBtDzzzytC
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AION.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://boost.games724.com/click/e41614aa08874...AtB0CtDzy2RtBtDtCyCtDtCtAtDtCyEtDtCtBtDzzzytC
    ShortcutWithArgument: C:\Users\Violka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/...k_id=7e2ce3f5e3633ae350273b36e6ee0cc50a3b2194
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [322]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [322]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
    AlternateDataStreams: C:\Users\Violka\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\Violka\Dane aplikacji:NT2 [322]
    AlternateDataStreams: C:\Users\Violka\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\Violka\AppData\Roaming:NT2 [322]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
    Hosts:
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe [362304 2016-04-26] (Tencent)
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\Run: [C] => C:\Windows\system32\GroupPolicy\Machine\Registry.pol [802 2016-03-25] ()
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\MountPoints2: {6ad9e70c-4726-11e4-900b-f46d0407894a} - G:\LGAutoRun.exe
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\...\MountPoints2: {75b7cecb-efd2-11e4-81e4-f46d0407894a} - G:\AutoRun.exe
    IFEO\volaro: [Debugger] tasklist.exe
    IFEO\vonteera: [Debugger] tasklist.exe
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt.dll [2016-04-26] (Tencent)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90098758_hao_pg
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90098758_hao_pg
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    HKU\S-1-5-21-2199753682-2160900625-3662594704-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    URLSearchHook: [S-1-5-21-2199753682-2160900625-3662594704-1000] UWAGA => Brak domyślnego URLSearchHook
    URLSearchHook: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 - (Brak nazwy) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Brak pliku
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://smartsputnik.ru/?ri=1&uid=3dec004f872c833508344b0c3674bb5a&q=
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {F4F110EF-D690-490E-AD30-2699691741F5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2199753682-2160900625-3662594704-1000 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
    BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll [2016-04-26] (Tencent Technology (Shenzhen) Company Limited)
    OPR Extension: (Filter Results) - C:\Users\Violka\AppData\Roaming\Opera Software\Opera Stable\Extensions\onblafoeogkjbohjnpigkcmdcgkgkcfp [2015-06-14]
    U2 QQRepair54c; C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair54c [140608 2016-05-17] ()
    S2 QQRepairFixSVC; C:\Program Files\Tencent\QQPCMGR\QQRepairFixSVC [140608 2016-05-17] ()
    S2 QQRepair176; "C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair176" [X]
    S2 QQRepair20ec; "C:\Program Files\Tencent\QQPCMGR\Plugins\QQRepair20ec" [X]
    S2 Update Solution Real; "C:\Program Files\Solution Real\updateSolutionReal.exe" [X]
    S2 Update SunriseBrowse; "C:\Program Files\SunriseBrowse\updateSunriseBrowse.exe" [X]
    R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QMUdisk.sys [104152 2016-02-28] (Tencent)
    R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\QQSysMon.sys [120952 2016-04-26] (电脑管家)
    R3 softaal; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\softaal.sys [45816 2016-04-26] (Tencent)
    R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator.sys [126008 2016-04-26] (Tencent)
    R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel.sys [109688 2016-04-26] (Tencent Technology(Shenzhen) Company Limited)
    R1 TFsFlt; C:\Windows\System32\Drivers\TFsFlt.sys [159608 2016-04-26] (电脑管家)
    R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TS888.sys [39928 2016-05-17] (Tencent)
    R1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [14008 2016-04-26] (Tencent)
    R0 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [137816 2016-04-26] (电脑管家)
    R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TSKsp.sys [220984 2016-04-26] (电脑管家)
    R2 tsnethlp; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TsNetHlp.sys [53368 2016-04-26] ()
    S3 TSSK; C:\Windows\System32\tssk.sys [83576 2016-04-26] (电脑管家)
    R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.5.17490.219\TSSysKit.sys [111736 2016-04-26] (电脑管家)
    U3 a33k87nn; C:\Windows\system32\Drivers\a33k87nn.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    U3 alvlkl5j; C:\Windows\system32\Drivers\alvlkl5j.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S3 h647906; system32\drivers\h647906.sys [X]
    S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
    S2 protectiondrvr; \??\C:\Users\Violka\AppData\Local\Temp\nsr9FCB.tmp.sys [X]
    R1 SRepairDrv; \??\C:\Program Files\Tencent\QQPCMGR\SRepairDrv [X]
    S1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw; system32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw.sys [X]
    S1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw; system32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw.sys [X]
    S1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw; system32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw.sys [X]
    S1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw; system32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw.sys [X]
    S1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw; system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw.sys [X]
    S1 {5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw; system32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw.sys [X]
    S1 {693a0a5b-aa08-4a3c-b7e8-398a93e02cf2}Gw; system32\drivers\{693a0a5b-aa08-4a3c-b7e8-398a93e02cf2}Gw.sys [X]
    S1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw; system32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw.sys [X]
    S1 {76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw; system32\drivers\{76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw.sys [X]
    S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys [X]
    S1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}w; system32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys [X]
    S1 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw; system32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw.sys [X]
    S1 {fef7f75c-f985-4250-96f9-8183cd04238b}Gw; system32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}Gw.sys [X]
    2016-04-28 15:44 - 2016-04-28 15:47 - 00002308 _____ C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
    2016-04-28 13:24 - 2016-04-26 19:27 - 00109688 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00159608 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFlt.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00137816 _____ (电脑管家) C:\Windows\system32\Drivers\TsFltMgr.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00126008 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator.sys
    2016-04-26 19:28 - 2016-04-26 19:27 - 00014008 _____ (Tencent) C:\Windows\system32\Drivers\TSDefenseBt.sys
    2016-04-21 18:38 - 2016-04-21 18:38 - 00005120 _____ C:\Users\Gość\AppData\Roaming\GiftBag.db
    2016-04-21 18:37 - 2016-04-21 18:37 - 00000000 ____D C:\Users\Gość\AppData\Roaming\Tencent
    2016-05-17 12:25 - 2016-03-27 17:24 - 00039928 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys
    2016-04-28 15:44 - 2016-01-30 15:01 - 00000000 ____D C:\Users\Violka\AppData\Roaming\WarThunder
    2016-04-28 15:08 - 2016-03-26 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-26 19:28 - 2016-03-26 14:37 - 00000000 ____D C:\Users\Violka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-04-26 19:28 - 2016-03-26 14:32 - 00000000 ____D C:\ProgramData\Tencent
    2016-04-26 19:27 - 2016-03-26 14:38 - 00083576 _____ (电脑管家) C:\Windows\system32\TSSK.sys
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • #6 17 Maj 2016 14:17
    deozur99
    Poziom 3  

    Tencent - Wredny adware, jak go usunąć?

    Podczas próby deinstalacji Tencent pojawia mi się to, totalnie nie wiem co mam tu klinąć

    0
  • #8 17 Maj 2016 14:40
    deozur99
    Poziom 3  

    Dzięki wielkie, udało się :D
    Tencent - Wredny adware, jak go usunąć?

    0