Elektroda.pl

Suspected virus - FPS

goldbalon 12 Jul 2016 15:19 513 1
  • Helpful post
    #2 12 Jul 2016 15:36
    Domino_2
    Helpful to users

    Uninstall Java 7 Update 80, Java 8 Update 51, Java 8 Update 72, McAfee Security Scan Plus and Setup.

    Quote:

    CloseProcesses:
    AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    Task: {035A9344-A916-454A-8EF1-B593B6B7F603} - System32\Tasks\DailyPCClean Schedule => C:\Program Files\DailyPCClean\OSPCSchedule.exe <==== UWAGA
    Task: {03C784F3-9908-4D6B-9205-54893DE64CE0} - System32\Tasks\{94769C65-17C9-4744-A788-2846CF8C566E} => pcalua.exe -a "C:\Users\PC\Downloads\Serious Sam - Pierwsze Starcie PL._5fantastic.pl_.exe" -d C:\Users\PC\Downloads
    Task: {06EB2BA3-A1ED-4561-A6CB-D12BF230959B} - System32\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-5 => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-5.exe <==== UWAGA
    Task: {10CB7F0F-CCEF-44FC-868F-6FF889ECD65B} - System32\Tasks\Opera scheduled Autoupdate 1460897668 => C:\Program Files\Opera\launcher.exe [2016-07-01] (Opera Software)
    Task: {12D5B0AB-039A-48B5-B0DD-D36081C80949} - System32\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-7 => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-7.exe <==== UWAGA
    Task: {1B7A329F-194F-42AE-B24B-21C2F361F5D1} - System32\Tasks\{3D609004-69C3-450F-8D77-7D824E152087} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pl/privacy
    Task: {1EAC1347-9921-4DFB-9AEA-B2AAE5C320A8} - System32\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-1-7 => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-1-7.exe <==== UWAGA
    Task: {29CF4704-ACD0-4A0B-82AC-40BC79DD4F11} - System32\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5 => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe <==== UWAGA
    Task: {31522C20-5CC3-4C64-85B0-86D8C2F528AE} - System32\Tasks\{8ED79644-0A55-45AE-BEE7-D2128F7B8024} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.12.0.101/pl/exitsurvey
    Task: {32AEA8BE-4331-4DF6-8AA1-28D106C67C19} - System32\Tasks\chroomiumBrowserUpdateCore => C:\Program Files\chroomium Browser\chroomium\bin\browserServer.exe <==== UWAGA
    Task: {3E53EB43-3144-46DF-9921-B54B7796F5F2} - System32\Tasks\SafeZone scheduled Autoupdate 1465961153 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
    Task: {43D8C072-BE41-49E9-87A3-EE43005603AD} - System32\Tasks\{9CA940B2-B552-47E3-8AA3-E8F7822A44AC} => pcalua.exe -a "C:\Program Files\Electronic Arts\The Sims Historie z bezludnej wyspy\EAUninstall.exe"




    Task: {61D4A201-C110-4687-A045-776F7D99A747} - System32\Tasks\{F9D82503-4F50-4649-936C-2F17B1908E09} => pcalua.exe -a F:\autorun.exe -d F:\
    Task: {689DB3C9-F722-4BCB-BF7E-B3C4589AEEDE} - System32\Tasks\chroomiumBrowserUpdateUA => C:\Program Files\chroomium Browser\chroomium\bin\browserServer.exe <==== UWAGA
    Task: {6BFD2BDD-BACE-43B1-82AA-836CCD9E8B51} - System32\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5_user => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe <==== UWAGA
    Task: {767FD450-64CA-4790-B31F-57E29D60D114} - \BitGuard -> Brak pliku <==== UWAGA
    Task: {7683E3BB-9373-4ABE-ADAD-FE75CB4C2A29} - System32\Tasks\{0A05BD8B-465A-415C-8BC1-9239AE369808} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0015 -removeonly
    Task: {7C189923-27CD-4EF2-939F-D5AA5C0D765B} - System32\Tasks\{1CA685E2-D097-4477-9EE9-0E686769C9FB} => pcalua.exe -a "G:\sterowniki\STEROWNIKI DO KOMPUTERA .MS-7255\GT-230\275.33-desktop-winxp-32bit-international-whql.exe" -d "G:\sterowniki\STEROWNIKI DO KOMPUTERA .MS-7255\GT-230"
    Task: {85900D8C-C671-4174-9435-F95DFAF9C452} - System32\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-3 => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-3.exe <==== UWAGA
    Task: {8DE9ABE3-C800-4A5E-8CF4-FA57114A9DBB} - System32\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-5_user => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-5.exe <==== UWAGA
    Task: {94519D9A-3D76-4435-8AE9-2503E2CD28AF} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== UWAGA
    Task: {ACA4F553-D0B9-411E-8653-BEE7A96E4BEF} - System32\Tasks\PutLockerDownloader V3.0-codedownloader => C:\Program Files\PutLockerDownloader V3.0\PutLockerDownloader V3.0-codedownloader.exe <==== UWAGA
    Task: {B8D65386-2192-4D5F-927C-223E3A7E3EF4} - System32\Tasks\{C8713E9D-9D43-4AAB-8728-40B8FA6F0358} => pcalua.exe -a "C:\Program Files\Serious Sam - Pierwsze Starcie\Uninstal.exe"
    Task: {C68C60A5-FB38-4D3A-A38A-E40948ADFA2E} - System32\Tasks\chroomiumCheckTask => C:\Program Files\chroomium Browser\chroomium\bin\browserServer.exe <==== UWAGA
    Task: {DE0F55EF-D07C-49BA-B71D-3BB0B2C6E6E6} - System32\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7 => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7.exe <==== UWAGA
    Task: {E3416A2E-18AB-4DA3-8DAA-EA9E63488BBD} - System32\Tasks\{492B9025-A301-4F8F-B3A2-87C1724CABDE} => pcalua.exe -a "C:\Program Files\Serious Sam - Pierwsze Starcie\Uninstal.exe"
    Task: C:\Windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7.job => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-1-7.exe <==== UWAGA
    Task: C:\Windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-3.job => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-3.exe <==== UWAGA
    Task: C:\Windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.job => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-5_user.job => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\2ef1708f-c754-4133-bd21-61d2fd7cc161-7.job => C:\Program Files\CinemaPlus-3.2cV17.10\2ef1708f-c754-4133-bd21-61d2fd7cc161-7.exe <==== UWAGA
    Task: C:\Windows\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-1-7.job => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-1-7.exe <==== UWAGA
    Task: C:\Windows\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-5.job => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\4f8458e0-b52e-4804-91a0-073d0e40aebf-5_user.job => C:\Program Files\CinemaPlus-3.2cV18.10\4f8458e0-b52e-4804-91a0-073d0e40aebf-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\PutLockerDownloader V3.0-codedownloader.job => C:\Program Files\PutLockerDownloader V3.0\PutLockerDownloader V3.0-codedownloader.exeƸ/reinstallapp /agentregpath='PutLockerDownloader V3.0' /appid=35580 /srcid='000180' /subid='0' /zdata='0' /bic=17A92338C90A4E78896F218D5A5D5BE8IE /verifier=f7aba43b8e5d33203ab36eaacef3f7da /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1379432732 /statsdomain=hxxp:/stats.datasrvstats.com /errorsdomain=hxxp:/errors.datasrvstats.com /codedownloaddomain=hxxp:/cr.install-daddy.com <==== UWAGA
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{F666BFE6-4C2C-48B7-BF02-94B1A1BF1110}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://support.microsoft.com/games/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{EB9A0AB1-D9DC-43E8-8A4B-A8D89DD3ECB5}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://www.runningwithscissors.com/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{EB9A0AB1-D9DC-43E8-8A4B-A8D89DD3ECB5}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.gopostal.com/postal2/index.php/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{DFDBC910-C8DF-4E0D-ABEA-957F432175DC}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.painkillergame.com/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{A33F0907-0553-4CD3-9E39-666BA97EF0F3}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://support.microsoft.com/games/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{8018356C-CA56-43DE-AC07-C43BE7CE0FA0}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://support.microsoft.com/games/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{6534E461-313C-4D63-B48F-2E11D26D45AF}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.rockstargames.com/sanandreas/ (Brak pliku)
    Shortcut: C:\Users\PC\AppData\Local\Microsoft\Windows\GameExplorer\{076C44E6-12D4-4EDF-8E8C-57E9F373D264}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.rockstargames.com/sanandreas/ (Brak pliku)
    ShortcutWithArgument: C:\Users\PC\GG dysk\Search.lnk -> C:\ProgramData\DSearchLink\DSearchLink.exe () -> -url hxxp://www2.delta-search.com/?babsrc=DT_ss&am...affID=119357&tt=160913_nocpn&tsp=5012 -wbr 2
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
    HKLM\...\Run: [mbot_pl_194] => [X]
    HKLM\...\Run: [gmsd_pl_005010117] => [X]
    HKU\S-1-5-21-2722954426-194740101-3366692675-1000\...\MountPoints2: {69026f3c-21ef-11e4-b2f7-bc5ff490626a} - G:\setup.exe
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-03]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
    BootExecute: autocheck autochk * aswBoot.exe /M:17b01769 /dir:"C:\Program Files\AVAST Software\Avast"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-2722954426-194740101-3366692675-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    ProxyServer: [S-1-5-21-2722954426-194740101-3366692675-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
    SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...7173&uid=395049983_266162_882FEECE&q={searchTerms}
    SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://pl.yhs4.search.yahoo.com/yhs/search?hs...vast&hsimp=yhs-001&type=odc414&p={searchTerms}
    SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchsunmy.info/?l=1&q={searchTerms}&pid=34&r=2014/01/11&hid=471887835629331750&lg=EN&cc=PL&unqvl=45
    SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
    SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.golsearch.com/?q={searchTerms}&babsrc=SP_ss_Btisdt6&mntrId=882FBC5FF490626A&affID=119357&tt=160913_nocpn&tsp=5012
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...7173&uid=395049983_266162_882FEECE&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://pl.yhs4.search.yahoo.com/yhs/search?hs...vast&hsimp=yhs-001&type=odc414&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchsunmy.info/?l=1&q={searchTerms}&pid=34&r=2014/01/11&hid=471887835629331750&lg=EN&cc=PL&unqvl=45
    SearchScopes: HKU\S-1-5-21-2722954426-194740101-3366692675-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku
    StartMenuInternet: IEXPLORE.EXE - "c:\program files\internet explorer\iexplore.exe" hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266162_882FEECE
    FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
    FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
    FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
    FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ern1ab70.default\user.js [2015-05-15]
    FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ryb4kogq.default\extensions\quick_start@gmail.com => nie znaleziono
    FF HKU\S-1-5-21-2722954426-194740101-3366692675-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Brak podpisu cyfrowego]
    CHR HomePage: Default -> www.aqovd.com?oem=sunadplv3&uid=Z2A2WTC9_ST3500413AS&tm=1445089170
    CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1450952512&z=99ebf13f5cf3be866c668b9gez8wfeft0w2o1w1gdb&from=wpm07173&uid=395049983_266162_882FEECE"
    CHR Extension: (电脑管家上网防护) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-02]
    CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files\PutLockerDownloader\PutLockerDownloader10.crx <nie znaleziono>
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [239880 2016-05-31] (McAfee, Inc.)
    S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
    S2 dijojyvi; C:\Program Files\03000200-1445073457-0500-0006-000700080009\hnsy96F3.tmp [X]
    S2 foqegyhe; C:\Program Files\03000200-1445073457-0500-0006-000700080009\knsx8A02.tmp [X]
    S2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [X]
    S2 myqityze; C:\Program Files\03000200-1445073457-0500-0006-000700080009\jnsp735C.tmp [X]
    S3 Origin Client Service; "C:\Program Files\Origin\OriginClientService.exe" [X]
    S2 WinNetSvc; Brak ImagePath
    S2 WSModules; C:\Program Files\chroomium Browser\chroomium\bin\browserServer.exe [X]
    U3 Winsock; Brak ImagePath
    S3 cpuz134; \??\C:\Users\PC\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
    S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
    S1 iSafeKrnl; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [X]
    S1 iSafeKrnlKit; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [X]
    S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
    S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
    S1 lxctqbqy; \??\C:\Windows\system32\drivers\lxctqbqy.sys [X]
    S1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\QMUdisk.sys [X]
    S3 softaal; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\softaal.sys [X]
    S2 tsnethlp; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\TsNetHlp.sys [X]
    S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
    S1 wwfd_vt_1_10_0_24; system32\drivers\wwfd_vt_1_10_0_24.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2016-07-03 17:09 - 2016-07-03 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2016-07-03 17:09 - 2016-03-25 23:14 - 00002005 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2016-07-03 17:09 - 2016-03-25 23:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    C:\Users\PC\DSETUP.dll
    C:\Users\PC\dsetup32.dll
    C:\Users\PC\DXSETUP.exe
    EmptyTemp:


    Paste this into Notepad, save it as fixlist.txt, and place it in the folder that contains FRST.exe/FRST64.exe, then run that program and click Fix/Napraw.

    Next, scan the computer with ADWCleaner and MBAM, remove whatever they detect, and finally attach new FRST logs.
