Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

easydialsearch.com- usunięcie z Chrome

Irenty 01 Wrz 2016 10:53 510 4
  • #2 01 Wrz 2016 11:07
    Kolobos
    Spec od komputerów

    Uzyj Adwc: http://www.bleepingcomputer.com/download/adwcleaner/ opcja Szukaj i Usun.

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    Task: {1B7EA659-2E20-4FB1-9C5B-8035F20579D3} - System32\Tasks\SPBIW_UpdateTask_Time_333330333936313533372d7837235a576c4a3241345041 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== UWAGA
    Task: {3341C265-7D72-41D5-BE3E-DD9A7F2B1931} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {37FC2C43-EFDD-4537-BDCC-10C5749BBC93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {3EA33176-B6ED-4499-9226-E0D6A6B95015} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {6AD8EE7A-24DE-4D61-ADF9-414172AF4830} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {6D57BD50-E9AD-4768-9909-1DF89DE53B5E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {76847679-4ACA-4910-A59D-F0A3D790E0FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {78081491-ED6B-4C86-96D1-2D0179C08698} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {C4EB7982-0F2C-4B34-86C8-837C4E7DB9FF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {CB1F2391-AE00-4F49-9766-E1A49983464B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {CFF36C1C-0D5E-4C34-9545-10E39DB1AC77} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {D2ACB6D4-6677-4847-9952-D43F44CE2C7A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Hosts:
    HKLM-x32\...\Run: [mbot_pl_014010152] => [X]
    HKLM-x32\...\Run: [CompeGPSDev] => [X]
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    SearchScopes: HKLM -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości




    FF NewTab: hxxps://www.amazon.com/gp/bit/amazonserp/ref=...nnel-17_2cfabaee_1201_1403_20160502_PL_ff_nt_
    FF SearchEngineOrder.1: Amazon
    FF Homepage: hxxp://google.pl/
    FF user.js: detected! => C:\Users\Irek\AppData\Roaming\Mozilla\Firefox\Profiles\8j7hmu2x.default-1460401975805\user.js [2016-08-20]
    FF Extension: (Brak nazwy) - C:\Users\Irek\AppData\Roaming\Mozilla\Firefox\Profiles\8j7hmu2x.default-1460401975805\Extensions\jid1-MVBjD3PCN9WVIR@jetpack.xpi [2016-08-17]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!2E2AF71884D4C23C8637655628D21D762E2A.js [2015-11-20] <==== UWAGA
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\2E2AF71884D4C23C8637655628D21D762E2A [2015-11-20] <==== UWAGA
    CHR StartupUrls: Default -> "hxxp://www.google.pl/","hxxps://isearch.avg.com/?cid={CA446985-9DA9-4292-8ECE-B5F970C1026D}&mid=0c87368405f647d0ab85591a68090a9d-3e1dba0f002d6d3123a895ac11acb882e864f550&lang=pl&ds=xn011&pr=sa&d=2012-10-11 23:37:33&v=13.0.0.7&sap=hp","hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=941cdaef00000000000088532eede36b","hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=941C88532EEDE36B&affID=123641&tsp=4985","hxxp://www.gazeta.pl/0,0.html?p=180&d=20140605","hxxp://www.sweet-page.com/?type=hp&ts=1403019373&from=sof&uid=SamsungXSSDX840XSeries_S14GNEACB80582T","hxxp://www.google.com","hxxp://www.default-search.net?sid=476&aid=132&itype=a&ver=12692&tm=317&src=hmp","hxxp://www.istartsurf.com/?type=hp&ts=1447532583&z=e4fc83b2e8e7720b4b12550g7z6z9maw1c5o6w3b0c&from=obw&uid=samsungxssdx840xseries_s14gneacb80582t","hxxp://www.yoursites123.com/?type=hp&ts=1450865183&z=a9cac906ad973be7226e5b1gbz7w0e8b4qfw6g6b9c&from=wpm07173&uid=SamsungXSSDX840XSeries_S14GNEACB80582T"
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-26] ()
    S3 esgiguard; \??\C:\Users\Irek\AppData\Local\Temp\RarSFX1\esgiguard.sys [X]
    U3 idsvc; Brak ImagePath
    2016-08-23 13:50 - 2016-08-23 13:50 - 00001132 _____ C:\spyhunter.fix
    2016-08-23 13:50 - 2015-04-17 03:11 - 00021888 _____ C:\WINDOWS\SysWOW64\sh4native.exe
    2016-02-29 16:57 - 2016-02-29 16:57 - 0000016 _____ () C:\ProgramData\mntemp
    2016-02-29 16:57 - 2016-02-29 16:57 - 0004107 _____ () C:\ProgramData\rxsmznjf.zcp
    EmptyTemp:

    W FRST wybierz Napraw.

    Po wykonaniu zamiesc nowe log z FRST, ze skanowania.

    0
  • Pomocny post
    #4 01 Wrz 2016 14:00
    Kolobos
    Spec od komputerów

    W ustawieniach Chrome usun przywracanie szkodliwego zestawu stron po starcie przegladarki.

    Usun katalog C:\FRST i to wszystko.

    0
  • #5 01 Wrz 2016 14:06
    Irenty
    Poziom 11  

    OK jeszcze raz dzięki...

    0