Elektroda.pl

Google Chrome - Google Custom Search

maxdrill83 04 Feb 2017 16:48 273 2
  • #2 04 Feb 2017 16:56
    Kolobos
    Computer specialist

    Don't piggyback on other threads.

    Use AdwCleaner, option Scan and Clean / Szukaj and Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Run the Fixlist in Safe Mode.

    Fixlist.txt for FRST:
    CloseProcesses:
    Task: {00256F3D-925A-47F7-A559-FBA646A33E83} - \WPD\SqmUpload_S-1-5-21-534780905-1825913498-2290836511-1001 -> Brak pliku <==== UWAGA
    Task: {04800C8C-DDB9-4E98-878F-673559A0B0AF} - \Minecraft Installation Validation -> Brak pliku <==== UWAGA
    Task: {0C7D60DB-16F8-4EC2-848F-FB0F3C279DF8} - System32\Tasks\PFExe => C:\Users\KACPER\AppData\Local\PriceFountain\pricefountain.exe <==== UWAGA
    Task: {15FF60C4-0B63-446B-9C50-E071743A3359} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
    Task: {173F78F0-4295-4983-8E97-4FFC9DEB9DA9} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\841D10F10BB67CB9A997AA9D20A5DB95\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== UWAGA
    Task: {2CB4D539-6EF4-44DA-AA02-ABA3CAD6BE00} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {2D7D2AE1-B952-4680-A1D8-AAD36C8157AF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {3ACB43F4-07B5-43C0-9FF4-8861166957FF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {5C156233-05B2-4CB1-9BB9-2A0BE205ECF1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {65F91B53-F244-49B5-9C63-71E25D744652} - System32\Tasks\Nimeckreelule Log => C:\Program Files (x86)\Nimeckreelule\Nmclogtask.exe <==== UWAGA
    Task: {7708F660-3BC6-47E1-8B18-001A5B38F881} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {7E84F85F-5932-419F-AAA0-EE861EA22EA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {8DDDAC2A-2B41-4F6D-B1F4-62A152346407} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {92A16E91-13DC-4BAA-A403-350FC2011FE4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {A3A0D72A-96DF-47D8-9D2E-72EBC793B568} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {AB93100C-BB61-4B42-96E3-70DE17F0CDD5} - System32\Tasks\{1F623429-E8F2-42A8-A2EC-F694A747E97D} => pcalua.exe -a E:\start.exe -d E:\
    Task: {C368EB22-4641-4A8E-8CE8-9781A15AEA91} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {D3AE75CA-D960-46CB-BC90-170CDA6F2CA2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA




    Task: {E39109C3-9679-49A6-AF77-2579A270A702} - System32\Tasks\{E5C9DFFD-F0C9-46D1-BB75-DE028058A4F9} => Iexplore.exe hxxps://ui.skype.com/ui/0/7.29.80.102/pl/abandoninstall?page=tsMain
    Task: {EB6CE019-0AEC-47F4-9A2C-66FD91533A0C} - System32\Tasks\DNSTRAWICK => dnstrawick.exe <==== UWAGA
    Hosts:
    AppInit_DLLs: C:\ProgramData\Quotenamron\Warmfix.dll => Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku
    GroupPolicy: Ograniczenia <======= UWAGA
    GroupPolicy\User: Ograniczenia - Chrome <======= UWAGA
    Tcpip\..\Interfaces\{0f19ca2d-1474-4dab-acac-0c049c2854c9}: [DhcpNameServer] 150.204.1.3
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
    HKU\S-1-5-21-534780905-1825913498-2290836511-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...sdogl-ZqjYC5aJZhV42TF0DFujSZtPzjjc0Q3k&q={searchTerms}
    HKU\S-1-5-21-534780905-1825913498-2290836511-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yourtv.link
    HKU\S-1-5-21-534780905-1825913498-2290836511-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-534780905-1825913498-2290836511-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...sdogl-ZqjYC5aJZhV42TF0DFujSZtPzjjc0Q3k&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-534780905-1825913498-2290836511-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...sdogl-ZqjYC5aJZhV42TF0DFujSZtPzjjc0Q3k&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-534780905-1825913498-2290836511-1001 -> {82EF6F35-08A6-4AF7-A4AF-B92109B00FFF} URL =
    SearchScopes: HKU\S-1-5-21-534780905-1825913498-2290836511-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...sdogl-ZqjYC5aJZhV42TF0DFujSZtPzjjc0Q3k&q={searchTerms}
    FF user.js: detected! => C:\Users\KACPER\AppData\Roaming\Mozilla\Firefox\Profiles\362p6olg.default\user.js [2016-07-14]
    FF SearchPlugin: C:\Users\KACPER\AppData\Roaming\Mozilla\Firefox\Profiles\362p6olg.default\searchplugins\Google .xml [2016-12-07]
    CHR DefaultSearchURL: Default -> hxxp://feed.safefinder.biz/?fext=true&pub...publisher=extensiondefaultap&st=ed&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> SafeFinder
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    R1 UCGuard; C:\WINDOWS\System32\DRIVERS\ucguard.sys [81792 2016-07-04] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== UWAGA
    U0 aswVmm; Brak ImagePath
    S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
    2017-01-29 10:36 - 2017-01-29 10:36 - 01280960 _____ (Rusahebac ) C:\Users\KACPER\Downloads\CCleaner-13061-dp.exe
    2017-01-29 10:10 - 2016-11-21 21:33 - 00000000 __SHD C:\ProgramData\xgmjlb
    2016-04-08 20:16 - 2016-04-08 20:16 - 6504960 _____ () C:\Users\KACPER\AppData\Roaming\agent.dat
    2015-07-20 11:50 - 2015-09-04 16:44 - 0000024 _____ () C:\Users\KACPER\AppData\Roaming\appdataFr25.bin
    2016-08-28 20:23 - 2016-08-28 20:23 - 0000103 _____ () C:\Users\KACPER\AppData\Roaming\cdstart.log
    2016-04-08 20:16 - 2016-04-08 20:16 - 1932216 _____ () C:\Users\KACPER\AppData\Roaming\Coffix.bin
    2016-04-08 20:16 - 2016-04-08 20:16 - 0065232 _____ () C:\Users\KACPER\AppData\Roaming\Config.xml
    2016-04-08 20:15 - 2016-04-08 20:15 - 0015195 _____ () C:\Users\KACPER\AppData\Roaming\inst.lat
    2016-04-08 20:15 - 2016-04-08 20:16 - 0014208 _____ () C:\Users\KACPER\AppData\Roaming\InstallationConfiguration.xml
    2016-04-08 20:15 - 2016-04-08 20:15 - 0127488 _____ () C:\Users\KACPER\AppData\Roaming\Installer.dat
    2016-03-19 17:04 - 2016-03-22 19:08 - 0000097 _____ () C:\Users\KACPER\AppData\Roaming\LauncherSettings_live.cfg
    2016-04-08 20:16 - 2016-04-08 20:16 - 0018432 _____ () C:\Users\KACPER\AppData\Roaming\Main.dat
    2016-04-08 20:16 - 2016-04-08 20:16 - 0005568 _____ () C:\Users\KACPER\AppData\Roaming\md.xml
    2016-04-08 20:16 - 2016-04-08 20:16 - 0126464 _____ () C:\Users\KACPER\AppData\Roaming\noah.dat
    2016-08-28 20:23 - 2016-08-28 20:23 - 0000000 _____ () C:\Users\KACPER\AppData\Roaming\tmp.log
    2016-04-08 20:16 - 2016-04-08 20:16 - 0032038 _____ () C:\Users\KACPER\AppData\Roaming\uninstall_temp.ico
    2016-04-08 20:16 - 2016-04-08 20:15 - 0948736 _____ () C:\Users\KACPER\AppData\Roaming\VivaSantop.exe
    2016-04-08 20:16 - 2016-04-08 20:16 - 1626339 _____ () C:\Users\KACPER\AppData\Roaming\VivaSantop.tst
    2016-07-06 10:19 - 2016-07-06 10:19 - 0000016 _____ () C:\ProgramData\mntemp
    EmptyTemp:

    0
  • #3 04 Feb 2017 19:21
    maxdrill83
    Level 2

    OK, I didn't know that wasn't allowed, sorry - thanks for the help :)

    0