Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Safe Finder - jak usunac safe finder

fli09 10 Sie 2016 23:34 774 8
  • CControls
  • CControls
  • Pomocny post
    #3 11 Sie 2016 05:37
    krzychupar
    Poziom 41  

    Odinstaluj:
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC)

    Otwórz notatnik i wklej:
    Task: {130297E6-75C1-4851-842B-D577B1FE1DB1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {1D8E343B-ADE6-4D4D-925F-6289C2932E6B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {461F6B17-3303-4488-90D8-8D00AD20BB17} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {50E91D43-6492-4D8F-8FAE-A075839EA8F7} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== UWAGA
    Task: {5169EF21-575F-4DA3-9C33-5538B4BA5872} - System32\Tasks\{01907B47-4346-0397-6B0E-5B1DA715F4D6} => C:\Users\PC\AppData\Roaming\PRICEF~1\SyncTask.exe <==== UWAGA
    Task: {68577A3E-DEE5-4F1A-B503-DDABE33594CA} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-06-20] (Byte Technologies LLC) <==== UWAGA
    Task: {7623B425-2BB0-4611-8B95-D4CEE47F68E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {7F8313D0-2FA1-4F0D-8184-3B060297541B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {8FAD9548-D58A-4B13-83BA-AFDD046B1FA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {A67D0B18-0928-44D2-83B1-C37D9E6D3774} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {A83D8616-907C-4550-983B-D3A431E1852B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {C765A2F2-0C93-41D6-945C-C1E32712B0EB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {DAB61A88-699D-4DB1-A7EC-E05E518D877C} - System32\Tasks\PCHypnotismKnobbedV2 => Rundll32.exe BacksSpecifics.dll,main 7 1 <==== UWAGA
    Task: {DD7AFAF4-CB11-4ECB-9A62-FC58FD2F334B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {F711EDED-AC49-4137-A242-A6EC2CDFE76A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\{01907B47-4346-0397-6B0E-5B1DA715F4D6}.job => C:\Users\PC\AppData\Roaming\PRICEF~1\SyncTask.exe <==== UWAGA
    Hosts:
    HKLM\...\Run: [] => [X]
    AppInit_DLLs: C:\ProgramData\AppnormanetouQ\ZoomDox.dll => C:\ProgramData\AppnormanetouQ\ZoomDox.dll [358912 2016-08-07] ()
    AppInit_DLLs-x32: C:\ProgramData\AppnormanetouQ\Vaiatontip.dll => C:\ProgramData\AppnormanetouQ\Vaiatontip.dll [248320 2016-08-07] ()
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts...T1000DM003-1ER162_Z4Y6CGCMXXXXZ4Y6CGCM&q={searchTerms}




    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1...p;uid=ST1000DM003-1ER162_Z4Y6CGCMXXXXZ4Y6CGCM
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts...T1000DM003-1ER162_Z4Y6CGCMXXXXZ4Y6CGCM&q={searchTerms}
    HKU\S-1-5-21-3186184997-1522798990-869680950-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&...T1000DM003-1ER162_Z4Y6CGCMXXXXZ4Y6CGCM&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...gLCeqAWCl0sI57Y5JUF5xwa9u8z03G4JOvz8uz&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbidppmgmdmjgfenjdafcalmciolcehp] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bbidppmgmdmjgfenjdafcalmciolcehp] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [knnaihaddpogmkclkahpcnhppgapinpe] - hxxps://clients2.google.com/service/update2/crx
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-10] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-10] ()
    U3 idsvc; Brak ImagePath
    2016-08-10 10:00 - 2016-08-10 10:00 - 00001139 _____ C:\Users\PC\Desktop\SpyHunter.lnk
    2016-08-10 10:00 - 2016-08-10 10:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\Enigma Software Group
    2016-08-10 10:00 - 2016-08-10 10:00 - 00000000 ____D C:\sh4ldr
    2016-08-10 09:59 - 2016-08-10 09:59 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\PC\Downloads\sh-remover.exe
    2016-08-10 09:59 - 2016-08-10 09:59 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-08-10 09:59 - 2016-08-10 09:59 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-08-08 21:33 - 2016-08-08 21:33 - 00000000 ____D C:\ProgramData\ByteFence
    2016-08-08 21:22 - 2016-08-10 09:54 - 00000000 ____D C:\Program Files\ByteFence
    2016-08-08 21:22 - 2016-08-08 23:28 - 00003540 _____ C:\WINDOWS\System32\Tasks\ByteFence Scan
    2016-08-08 21:22 - 2016-08-08 23:26 - 00000000 ____D C:\AdwCleaner
    2016-08-08 21:22 - 2016-08-08 21:22 - 00003426 _____ C:\WINDOWS\System32\Tasks\ByteFence
    2016-08-08 21:22 - 2016-08-08 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
    2016-08-08 18:54 - 2016-08-08 18:54 - 00000000 _____ C:\autoexec.bat
    2016-08-08 18:53 - 2016-08-08 18:53 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\PC\Downloads\SpyHunter-Installer.exe
    2016-08-05 10:54 - 2016-08-10 23:19 - 00000000 ____D C:\ProgramData\AppnormanetouQ
    2016-08-05 10:54 - 2016-08-05 10:54 - 00000000 ____D C:\ProgramData\AppnormanetouQs
    2016-04-02 12:58 - 2016-04-02 12:58 - 6504960 _____ () C:\Users\PC\AppData\Roaming\agent.dat
    2016-04-02 12:58 - 2016-04-02 12:58 - 0065856 _____ () C:\Users\PC\AppData\Roaming\Config.xml
    2016-04-02 12:58 - 2016-04-02 12:58 - 0066663 _____ () C:\Users\PC\AppData\Roaming\inst.lat
    2016-04-02 12:58 - 2016-04-02 12:58 - 0014448 _____ () C:\Users\PC\AppData\Roaming\InstallationConfiguration.xml
    2016-04-02 12:58 - 2016-04-02 12:58 - 0127488 _____ () C:\Users\PC\AppData\Roaming\Installer.dat
    2016-04-02 12:58 - 2016-04-02 12:58 - 0018432 _____ () C:\Users\PC\AppData\Roaming\Main.dat
    2016-04-02 12:58 - 2016-04-02 12:58 - 0005568 _____ () C:\Users\PC\AppData\Roaming\md.xml
    2016-04-02 12:58 - 2016-04-02 12:58 - 0126464 _____ () C:\Users\PC\AppData\Roaming\noah.dat
    2016-04-02 12:58 - 2016-04-02 12:58 - 0402905 _____ () C:\Users\PC\AppData\Roaming\Runlax.bin
    2016-04-02 12:58 - 2016-04-02 12:58 - 0032038 _____ () C:\Users\PC\AppData\Roaming\uninstall_temp.ico
    2016-04-02 12:58 - 2016-04-02 12:58 - 1626591 _____ () C:\Users\PC\AppData\Roaming\Warmlux.tst
    2015-04-30 11:35 - 2015-04-30 11:36 - 1065984 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
    2015-05-29 18:23 - 2015-05-29 18:23 - 0000980 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
    C:\ProgramData\fontcacheev1.dat
    C:\Windows\Tasks\{01907B47-4346-0397-6B0E-5B1DA715F4D6}.job
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 11 Sie 2016 09:38
    Kolobos
    Spec od komputerów

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • #6 11 Sie 2016 23:19
    Kolobos
    Spec od komputerów

    To nie sa nowe logi ze skanowania, tylko fixlog.

    0
  • #9 11 Sie 2016 23:45
    fli09
    Poziom 2  

    Zgadza się, to wszystko. Chłopaki, dzięki Wam bardzo za pomoc, pozdrawiam :)
    Safe Finder - jak usunac safe finder

    0