Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Ads by Albireo - nie wiem jak usunąć :(

komoroek11 19 Cze 2016 20:48 486 1
  • #2 19 Cze 2016 20:55
    Kolobos
    Spec od komputerów

    Zainstaluj: https://support.microsoft.com/pl-pl/kb/2545227

    Fixlist.txt dla FRST:
    Task: {2FB90B57-16AC-49EB-B3A2-E9123BDCB7CE} - \e-pity2012_styczen -> Brak pliku <==== UWAGA
    Task: {51EBF639-A10E-466F-A5C0-6EBDAA508B1E} - System32\Tasks\{19280F25-0AD4-40BC-8C91-0EB866D2CDC4} => C:\Users\USER\Desktop\cmospwd-5.0\windows\cmospwd_win.exe
    Task: {77FA0DDB-9071-4B14-A2BA-1451E066E331} - \e-pity2013_styczen -> Brak pliku <==== UWAGA
    Task: {9BF66164-F1BC-4449-81EF-4094A429CA7C} - \e-pity2013_kwiecien -> Brak pliku <==== UWAGA
    Task: {AD9142AC-FA22-4C04-BDB5-D4873A40257A} - \e-pity2012_kwiecien -> Brak pliku <==== UWAGA
    Task: {FF4CC6C2-7601-47A6-AA95-1AD25C0CF3E9} - System32\Tasks\{53F7B123-8955-4FE3-915B-CB5C08CA21C4} => C:\Users\USER\Desktop\cmospwd-5.0\windows\cmospwd_win.exe
    Task: C:\Windows\Tasks\PPTAssistantNotifyTask_USER.job => C:\Users\USER\AppData\Local\PPTAssist\notify.exe <==== UWAGA
    Task: C:\Windows\Tasks\PPTAssistantUpdateTask_USER.job => C:\Users\USER\AppData\Local\PPTAssist\assistupdate.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program
    Hosts:
    HKU\S-1-5-21-2997815449-802713736-166870607-1000\...\MountPoints2: {27b48522-4e78-11e2-864a-0021cc64d51d} - F:\Setup.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    BootExecute: PDBoot.exeautocheck autochk * sdnclean.exe
    SearchScopes: HKLM -> DefaultScope - brak wartości
    FF NewTab:
    FF SearchEngineOrder.3: Bing
    FF Homepage:
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
    FF user.js: detected! => C:\Users\USER\AppData\Roaming\Profiles\ohykhz4m.default\user.js [2016-06-12]
    FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\searchplugins\bing-.xml [2016-03-03]
    FF SearchPlugin: C:\Users\USER\AppData\Roaming\Profiles\ohykhz4m.default\searchplugins\6vftl5d3.xml [2016-06-12]
    FF SearchPlugin: C:\Users\USER\AppData\Roaming\Profiles\ohykhz4m.default\searchplugins\bing-.xml [2016-03-03]
    FF Extension: Brak nazwy - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\extensions\deskCutv2@gmail.com [nie znaleziono]
    FF Extension: Brak nazwy - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\extensions\yahooprotected@gmail.com [nie znaleziono]
    FF Extension: Brak nazwy - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\extensions\default_newtabff@gmail.com [nie znaleziono]
    FF Extension: Bing Search - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-03]




    FF Extension: Wooden Seal 1.0.1 - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\7gc5rdwn.default\Extensions\{9ea97561-14d1-416f-8eaf-ce73a13a8574}.xpi [2015-12-10] [Brak podpisu cyfrowego]
    FF Extension: Bing Search - C:\Users\USER\AppData\Roaming\Profiles\ohykhz4m.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-03]
    FF Extension: Wooden Seal 1.0.1 - C:\Users\USER\AppData\Roaming\Profiles\ohykhz4m.default\Extensions\{9ea97561-14d1-416f-8eaf-ce73a13a8574}.xpi [2015-12-10] [Brak podpisu cyfrowego]
    CHR DefaultSearchURL: Profile 2 -> hxxp://feed.safefinder.biz/?fext=true&pub...publisher=extensiondefaultap&st=ed&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> SafeFinder
    CHR Extension: (SafeFinder Search) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jidkebcigjgheaahopdnlfaohgnocfai [2016-06-19]
    CHR HKLM\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    S2 QqrCloudsrv; "C:\Program Files\Qiqerylugase\QqrCloudsrv.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
    S3 blNetFilter; \??\C:\Windows\system32\drivers\blNetFilter.sys [X]
    S3 BRDriver_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [X]
    S3 BT; system32\DRIVERS\btnetdrv.sys [X]
    S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
    S0 CGNEITTHPJ; System32\Drivers\askProtect.sys [X]
    S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
    S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
    2016-06-19 19:12 - 2016-06-19 19:12 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\USER\Downloads\SpyHunter-Installer.exe
    2016-06-19 17:32 - 2016-06-19 17:32 - 06871040 _____ C:\Program Files\GUTCFEC.tmp
    2016-06-19 17:32 - 2016-06-19 17:32 - 00000000 ____D C:\Program Files\GUMCFEB.tmp
    2016-06-16 20:20 - 2016-06-16 20:20 - 03703360 _____ C:\Users\USER\Downloads\adwcleaner_5.200.exe
    2016-06-16 20:04 - 2016-06-16 20:04 - 00984704 _____ ( ) C:\Users\USER\Downloads\HDVideoPlayer_3493339972.exe
    2016-06-13 16:41 - 2016-06-13 16:41 - 06867968 _____ C:\Users\USER\AppData\Roaming\agent.dat
    2016-06-13 16:41 - 2016-06-13 16:41 - 01759964 _____ C:\Users\USER\AppData\Roaming\Flextex.tst
    2016-06-13 16:41 - 2016-06-13 16:41 - 00128512 _____ C:\Users\USER\AppData\Roaming\Installer.dat
    2016-06-13 16:41 - 2016-06-13 16:41 - 00126464 _____ C:\Users\USER\AppData\Roaming\noah.dat
    2016-06-13 16:41 - 2016-06-13 16:41 - 00067968 _____ C:\Users\USER\AppData\Roaming\Config.xml
    2016-06-13 16:41 - 2016-06-13 16:41 - 00018432 _____ C:\Users\USER\AppData\Roaming\Main.dat
    2016-06-13 16:41 - 2016-06-13 16:41 - 00014448 _____ C:\Users\USER\AppData\Roaming\InstallationConfiguration.xml
    2016-06-13 16:41 - 2016-06-13 16:41 - 00005568 _____ C:\Users\USER\AppData\Roaming\md.xml
    2016-06-12 19:39 - 2016-06-13 16:12 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
    2016-06-12 19:39 - 2016-06-12 20:11 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2016-06-12 19:39 - 2016-06-12 19:39 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\USER\Downloads\spybot-2.4.exe
    2016-06-12 18:51 - 2016-02-18 10:10 - 05267952 _____ () C:\Users\USER\AppData\Roaming\ziptool_wc-9015_setup.exe
    2016-06-12 18:43 - 2016-06-12 20:14 - 00250912 _____ C:\Windows\system32\kz.exe
    2016-06-12 18:16 - 2016-06-19 18:04 - 00000000 ____D C:\AdwCleaner
    2016-06-12 18:14 - 2016-06-12 19:07 - 00000000 ____D C:\Users\USER\AppData\Roaming\Kuaizip
    2016-06-12 18:14 - 2016-06-12 18:14 - 00000000 ____D C:\Users\USER\AppData\Roaming\Softlink
    2016-06-12 18:13 - 2016-06-12 18:13 - 00000596 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_USER.job
    2016-06-12 18:13 - 2016-06-12 18:13 - 00000326 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_USER.job
    2016-06-12 18:13 - 2016-05-04 10:44 - 04232400 _____ (Kingsoft Corp. Ltd.) C:\Users\USER\AppData\Roaming\OfficeAssist.0172.80.1384.exe
    2016-06-12 18:06 - 2016-06-12 18:06 - 00000000 ____D C:\Windows\system32\hanr
    2016-06-12 17:35 - 2016-06-12 18:13 - 00000000 ____D C:\ProgramData\kingsoft
    2016-06-12 17:24 - 2016-06-12 17:24 - 00000000 ____D C:\Users\USER\AppData\LocalLow\Company
    2016-06-12 17:24 - 2016-06-12 17:24 - 00000000 ____D C:\Users\USER\AppData\Local\Tempfolder
    2016-06-12 17:24 - 2016-05-27 11:28 - 51990120 _____ C:\Users\USER\AppData\Roaming\qqpcmgr_v11.5.17490.219_90136_Silence.exe
    2016-06-12 17:23 - 2016-04-22 12:35 - 51987648 _____ C:\Users\USER\AppData\Roaming\qqpcmgr_v11.5.17490.219_72564_Silence.exe
    2016-06-12 17:18 - 2016-06-12 17:22 - 00000000 ____D C:\Program Files\Atatuch
    2016-06-12 17:18 - 2016-06-12 17:21 - 00000000 ____D C:\Program Files\Libasaraming
    2016-05-31 11:24 - 2016-06-12 19:25 - 47941296 _____ (Maxthon International ltd.) C:\Users\USER\AppData\Roaming\mx_4bz2016_en.exe
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST.

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Avast przeinstaluj.

    0
  Szukaj w 5mln produktów