Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Dodawanie rozszerzeń - błąd sieci. Chrome

xforrest 24 Sty 2017 19:57 825 6
  • Pomocny post
    #2 24 Sty 2017 20:10
    Kolobos
    Spec od komputerów

    Pewnie tym, ze zainfekowales system. Do tego napisales w zlym dziale.

    Odinstaluj: McAfee WebAdvisor

    Zamiast AdBlock zainstaluj uBlock Origin.

    Zgraj zakladki z Chrome, skrypt usunie profil. W ustawieniach Chrome zmien profil na Default.

    Usun recznie te wszystkie skroty z cyrylica w nazwie:
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Еxplоrеr.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Сhrоmе.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnet Ехрlоrеr Вrowser.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WаrThundеr.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоoglе Chrоme.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооgle Chrоme.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Сhrоmе.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Мozillа Firefoх.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.xoferif.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Public\Desktop\DАЕMОN Тоols Lite.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.rehcnualtd.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Public\Desktop\Gоoglе Chrоme.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.emorhc.bat (Brak pliku) <===== Cyrillic
    Shortcut: C:\Users\Public\Desktop\Lеague of Lеgеnds.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.rehcnual.lol.bat (Brak pliku) <===== Cyrillic

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Uruchom system w trybie awaryjnym i tam wykonaj Fixlist.





    Obok frst.exe utworz plik Fixlist.txt z awartoscia:
    CloseProcesses:
    Task: {044ECEB1-FE01-4689-B4EC-5D95BA69DE7B} - System32\Tasks\{61140C8E-CFAC-49CE-9F99-A7B686582914} => pcalua.exe -a E:\FIFA00\RegSetup.exe -d E:\FIFA00
    Task: {047635B5-AC4D-4DD1-BB63-60B0F0574541} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Brak pliku <==== UWAGA
    Task: {0C4837C0-DB48-4717-80B5-EAE1754C6CCA} - System32\Tasks\Nero TuneItUp PRO (Tray) => C:\Program Files (x86)\Nero\Nero TuneItUp\ServiceProvider.exe
    Task: {194796C9-3772-4527-B553-999715EFB252} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {3194C44C-8603-4CF7-ABDF-2B177E1A35AD} - System32\Tasks\Driver Booster SkipUAC (Dawid) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
    Task: {31BD8FDF-5060-4193-AA10-55E28C30AF72} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA
    Task: {31F74289-D38E-4621-88D3-74EC6015F18C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
    Task: {35740A1F-6CFE-43A6-85F4-A7A0AF8B5CF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {3C2159D5-7ABB-4A7F-8C42-0231D2A1AD17} - System32\Tasks\{70C9D164-ACC3-445F-BFAB-CB2F7308E73A} => pcalua.exe -a E:\FIFA00\3DSetup\3DSetup.exe -d E:\FIFA00\3DSetup
    Task: {4104CBBD-1F02-423C-8A6A-45F6AE6864E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {4FA4DFE8-44E2-44DB-A34C-9E1330CDD9C7} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-01-24] (UC Web Inc.) <==== UWAGA
    Task: {5C052CE1-8315-4DEA-AC74-77D6CD78476A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
    Task: {61B8F3B7-1AE0-451D-86D7-9DF93068D2E3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {76F6FB0C-121C-4D60-A693-E664C526B0D3} - System32\Tasks\Aneptprermerpy => /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel....1SB10C_Z9A07Z8RXXXXZ9A07Z8R&amp;v=2017124 /q
    Task: {835EA467-4AF6-46A4-A3A2-3C03F149AA1E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {941A0827-BCD4-4808-9CA4-6B4D1D7208B0} - \WinTaske -> Brak pliku <==== UWAGA
    Task: {9E5D467C-063E-4AB6-A051-3DE0EE1CB74A} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2017-01-18] (UCWeb Inc) <==== UWAGA
    Task: {9E600A3C-753B-4375-A9ED-6CFDB3D7A9C7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {A8BD69D6-4749-4ACF-BE34-7802A4A4AF62} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {ACFEC47D-51DF-4695-B355-C309B58C7FE3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {B774939A-E4BE-4E06-8AAA-415626356B56} - System32\Tasks\Cnsythuker Collector => C:\Program Files (x86)\Meqaculthalek\simerty.exe [2017-01-24] (Glarysoft Ltd)
    Task: {BE139F30-5EE0-4B3D-A49D-72B4A6A60383} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {C3D3304E-6694-46D4-941D-682A2C00A56B} - System32\Tasks\Nero TuneItUp PRO => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
    Task: {CD0E5C0A-DA64-4C8A-978A-419F60B186DE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {D38C980A-AFA4-406E-9140-97E00CEC82E9} - \cFos\Registration Tasks\Open Browser -> Brak pliku <==== UWAGA
    Task: {DAF4715C-8722-477F-807C-4AA9F9D9FC51} - \Microsoft\Windows\Setup\EOONotify -> Brak pliku <==== UWAGA
    Task: {E170E578-EA84-4E7C-A147-C916EADC9FC9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {E1906384-15DA-425A-BBE1-18A8610B9138} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\Nero TuneItUp PRO (Tray).job => C:\Program Files (x86)\Nero\Nero TuneItUp\ServiceProvider.exe
    Task: C:\WINDOWS\Tasks\Nero TuneItUp PRO.job => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
    Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA
    C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Сhrоmе.lnk
    C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnet Ехрlоrеr Вrowser.lnk
    C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WаrThundеr.lnk
    C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоoglе Chrоme.lnk
    C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооgle Chrоme.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Сhrоmе.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Мozillа Firefoх.lnk
    C:\Users\Public\Desktop\DАЕMОN Тоols Lite.lnk
    C:\Users\Public\Desktop\Gоoglе Chrоme.lnk
    C:\Users\Public\Desktop\Lеague of Lеgеnds.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00380416 _____ () C:\Program Files\79560V9YBC\KYBL8UFZA.exe
    2017-01-24 15:15 - 2017-01-24 15:16 - 00380416 _____ () C:\Program Files\0XIJUKD9YE\0XIJUKD9Y.exe
    2017-01-24 15:19 - 2017-01-24 15:19 - 00380416 _____ () C:\Program Files\NCQN9RMHNP\NCQN9RMHN.exe
    2017-01-24 15:25 - 2017-01-24 15:25 - 00225792 ____H () C:\Program Files (x86)\McAfee\McAfeeMcAfee.dll
    2017-01-24 15:18 - 2017-01-18 18:51 - 02164624 _____ () C:\Program Files (x86)\UCBrowser\Application\6.0.1471.813\UCAgent.exe
    AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652]
    AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458]
    AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]
    Hosts:
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    () C:\Program Files (x86)\UCBrowser\Application\UCService.exe
    () C:\Program Files\79560V9YBC\KYBL8UFZA.exe
    () C:\Program Files\0XIJUKD9YE\0XIJUKD9Y.exe
    () C:\Program Files\NCQN9RMHNP\NCQN9RMHN.exe
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\Run: [UQYSMJLX8L] => C:\Program Files\79560V9YBC\KYBL8UFZA.exe [380416 2017-01-24] ()
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\Run: [KGVXPMI03V] => C:\Program Files\0XIJUKD9YE\0XIJUKD9Y.exe [380416 2017-01-24] ()
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\Run: [RMF062GZIF] => C:\Program Files\NCQN9RMHNP\NCQN9RMHN.exe [380416 2017-01-24] ()
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\MountPoints2: {678ae9b3-5f63-11e6-9e59-d8cb8abedbc0} - "J:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\MountPoints2: {8785d30b-c24f-11e6-9e6c-d8cb8abedbc0} - "H:\autorun.exe"
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\...\MountPoints2: {bc217051-ba46-11e6-9e69-d8cb8abedbc0} - "J:\HiSuiteDownLoader.exe"
    HKLM\...\Providers\gkag881u: C:\Program Files (x86)\Cnsythuker Collector\local64spl.dll
    ShellExecuteHooks: Brak nazwy - {17FEF462-DE3D-11E6-96EE-64006A5CFC23} - -> Brak pliku
    ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Brak pliku
    GroupPolicy: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
    HKU\S-1-5-21-674884986-367895647-1268622677-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...amp;GUID=7E0D2326-0C3B-44E3-8B36-2B6B6115464E
    SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    Toolbar: HKU\S-1-5-21-674884986-367895647-1268622677-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-01-09] (McAfee, Inc.)
    FF NewTab: Mozilla\Firefox\Profiles\ar3geig6.default -> hxxp://www.youndoo.com/?z=22be0f011cf4872a8f6...DM003-1SB10C_Z9A07Z8RXXXXZ9A07Z8R&type=hp
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ar3geig6.default -> youndoo
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ar3geig6.default -> youndoo
    FF Homepage: Mozilla\Firefox\Profiles\ar3geig6.default -> hxxp://www.youndoo.com/?z=22be0f011cf4872a8f6...DM003-1SB10C_Z9A07Z8RXXXXZ9A07Z8R&type=hp
    FF Extension: (Adblock Plus) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ar3geig6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-17]
    FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-01-24]
    FF SearchPlugin: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ar3geig6.default\searchplugins\findit.xml [2016-04-05]
    FF SearchPlugin: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ar3geig6.default\searchplugins\gkag881u.xml [2017-01-24]
    FF Homepage: Mozilla\Firefox\Profiles\w1iu5u4a.default-1476882471588 -> user_pref("browser.startup.homepage","hxxp://ic.loadblanks.ru/c/02037a282dd7fbaf?");
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\PremierOpinion\firefox => nie znaleziono
    CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-24] <==== UWAGA
    C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
    CHR Extension: (Fast search) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-24]
    C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-674884986-367895647-1268622677-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    R2 Grerzuied; C:\Program Files (x86)\Meqaculthalek\BoforyMng.dll [147968 2017-01-24] () [Brak podpisu cyfrowego]
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-01-09] (McAfee, Inc.)
    R2 McAfeeMcAfee; C:\Program Files (x86)\McAfee\McAfeeMcAfee.dll [225792 2017-01-24] () [Brak podpisu cyfrowego]
    R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [930704 2017-01-18] ()
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
    R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== UWAGA
    U3 idsvc; Brak ImagePath
    2017-01-24 19:26 - 2017-01-24 19:46 - 00000000 ____D C:\AdwCleaner
    2017-01-24 15:19 - 2017-01-24 15:19 - 00000000 ____D C:\Program Files\NCQN9RMHNP
    2017-01-24 15:18 - 2017-01-24 15:26 - 00000486 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
    2017-01-24 15:18 - 2017-01-24 15:18 - 00003504 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
    2017-01-24 15:18 - 2017-01-24 15:18 - 00000000 ____D C:\Users\Dawid\AppData\Local\UCBrowser
    2017-01-24 15:18 - 2017-01-24 15:18 - 00000000 ____D C:\Program Files (x86)\UCBrowser
    2017-01-24 15:17 - 2017-01-24 15:17 - 00003788 _____ C:\WINDOWS\System32\Tasks\Aneptprermerpy
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\Users\Public\Thunder Network
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\ProgramData\Thunder Network
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\ProgramData\Avira
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\ProgramData\Avg
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\ProgramData\AVAST Software
    2017-01-24 15:17 - 2017-01-24 15:17 - 00000000 ____D C:\Program Files\żěŃą
    2017-01-24 15:16 - 2017-01-24 19:30 - 00000000 ____D C:\Program Files (x86)\Cnsythuker Collector
    2017-01-24 15:16 - 2017-01-24 15:26 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Vaterentphoser
    2017-01-24 15:16 - 2017-01-24 15:25 - 00000000 ____D C:\Program Files (x86)\Meqaculthalek
    2017-01-24 15:16 - 2017-01-24 15:17 - 00000000 ____D C:\Users\Dawid\AppData\Local\Gepecultfawidom
    2017-01-24 15:16 - 2017-01-24 15:17 - 00000000 ____D C:\ProgramData\ProductData
    2017-01-24 15:16 - 2017-01-24 15:16 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
    2017-01-24 15:16 - 2017-01-24 15:16 - 00006108 _____ C:\WINDOWS\System32\Tasks\Cnsythuker Collector
    2017-01-24 15:16 - 2017-01-24 15:16 - 00003036 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Dawid)
    2017-01-24 15:16 - 2017-01-24 15:16 - 00000000 ____D C:\WINDOWS\IObit
    2017-01-24 15:16 - 2017-01-24 15:16 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\IObit
    2017-01-24 15:16 - 2017-01-24 15:16 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\IObit
    2017-01-24 15:16 - 2017-01-24 15:16 - 00000000 ____D C:\ProgramData\IObit
    2017-01-24 15:15 - 2017-01-24 15:16 - 00000000 ____D C:\Program Files\0XIJUKD9YE
    2017-01-24 15:15 - 2017-01-24 15:15 - 00001332 ___RS C:\Users\Public\Desktop\Lеague of Lеgеnds.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00001322 ___RS C:\Users\Public\Desktop\DАЕMОN Тоols Lite.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00001320 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Сhrоmе.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00001290 ___RS C:\Users\Public\Desktop\Gоoglе Chrоme.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00001279 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Мozillа Firefoх.lnk
    2017-01-24 15:15 - 2017-01-24 15:15 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\SPI
    2017-01-24 15:15 - 2017-01-24 15:15 - 00000000 ____D C:\Program Files\79560V9YBC
    2017-01-24 15:09 - 2017-01-24 15:09 - 00003258 _____ C:\WINDOWS\System32\Tasks\{70C9D164-ACC3-445F-BFAB-CB2F7308E73A}
    2017-01-24 15:04 - 2017-01-24 15:04 - 00003228 _____ C:\WINDOWS\System32\Tasks\{61140C8E-CFAC-49CE-9F99-A7B686582914}
    2017-01-24 15:25 - 2016-10-03 11:56 - 00000000 ____D C:\Program Files (x86)\McAfee
    2016-04-05 07:00 - 2016-04-05 07:00 - 6504960 _____ () C:\Users\Dawid\AppData\Roaming\agent.dat
    2016-04-05 07:00 - 2016-04-05 07:00 - 0065856 _____ () C:\Users\Dawid\AppData\Roaming\Config.xml
    2016-04-05 07:01 - 2016-04-05 07:01 - 0402905 _____ () C:\Users\Dawid\AppData\Roaming\Greensonlux.bin
    2016-04-05 07:00 - 2016-04-05 07:00 - 0001606 _____ () C:\Users\Dawid\AppData\Roaming\inst.lat
    2016-04-05 07:00 - 2016-04-05 07:00 - 0014448 _____ () C:\Users\Dawid\AppData\Roaming\InstallationConfiguration.xml
    2016-04-05 07:00 - 2016-04-05 07:00 - 0127488 _____ () C:\Users\Dawid\AppData\Roaming\Installer.dat
    2016-04-05 07:00 - 2016-04-05 07:00 - 0018432 _____ () C:\Users\Dawid\AppData\Roaming\Main.dat
    2016-04-05 07:00 - 2016-04-05 07:00 - 0005568 _____ () C:\Users\Dawid\AppData\Roaming\md.xml
    2016-04-05 07:00 - 2016-04-05 07:00 - 0126464 _____ () C:\Users\Dawid\AppData\Roaming\noah.dat
    2016-04-05 07:01 - 2016-04-05 07:01 - 0032038 _____ () C:\Users\Dawid\AppData\Roaming\uninstall_temp.ico
    2016-02-16 22:25 - 2016-02-17 09:25 - 0000069 _____ () C:\Users\Dawid\AppData\Roaming\WB.CFG
    2016-04-05 07:00 - 2016-04-05 07:00 - 0900608 _____ () C:\Users\Dawid\AppData\Roaming\Yearlax.exe
    2016-04-05 07:00 - 2016-04-05 07:00 - 1626591 _____ () C:\Users\Dawid\AppData\Roaming\Yearlax.tst
    EmptyTemp:

    W FRST wybierz Napraw.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • #4 24 Sty 2017 21:35
    Kolobos
    Spec od komputerów

    Usun jeszcze:
    C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Еxplоrеr.lnk

    Nowy Fixlist.txt dla FRST:
    Task: {D54C2CB6-E1DD-450B-89D6-E41B501BDCBF} - \UCBrowserSecureUpdater -> Brak pliku <==== UWAGA
    Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Еxplоrеr.lnk -> C:\Users\Dawid\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
    C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Еxplоrеr.lnk
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    S1 HWiNFO32; \??\C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [X]
    2017-01-24 20:45 - 2016-10-03 11:56 - 00000000 ____D C:\ProgramData\McAfee

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #5 24 Sty 2017 21:36
    xforrest
    Poziom 4  

    Nowy fixlist również w trybie awaryjnym czy mogę już normalnie?

    0
  • Pomocny post
    #6 24 Sty 2017 21:55
    Kolobos
    Spec od komputerów

    W normalnym.

    0
  • #7 24 Sty 2017 22:05
    xforrest
    Poziom 4  

    Zrobione. Dziękuję

    0