Elektroda.pl

Virus - Reimage Repair - I can't remove Reimage

TeTs 20 Feb 2017 20:25 705 2
  • #2 20 Feb 2017 22:57
    krzychupar
    Level 40

    Open the system Notepad and paste:
    Task: {0386CA67-2031-4F56-B129-D828B968786F} - System32\Tasks\{690C5C32-B587-497B-ABA4-613A294528A8} => pcalua.exe -a C:\Users\1\Desktop\forge-1.7.10-10.13.4.1614-1.7.10-installer-win.exe -d C:\Users\1\Desktop
    Task: {10D689BA-8F20-4033-966D-C628815A2CC8} - System32\Tasks\{E2DDE085-E36C-4BF4-8F1B-F68918B55D31} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Santom\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Santom\uninstall.dat" -a uninstallme A66128F7-C93B-4736-AB90-724FA3EF1FFF DeviceId=64c129ea-61eb-800e-3a99-564792bdabcd BarcodeId=51162100 ChannelId=100 DistributerName=APSFIscFFIE
    Task: {19BB6E8A-3AF1-4D48-9735-CC390447358F} - System32\Tasks\GNOK => C:\Users\1\AppData\Roaming\GNOK.exe <==== UWAGA
    Task: {1B413EC0-5CF6-465B-9854-1BEDCF7B2585} - System32\Tasks\BYAIAMUF => C:\Users\1\AppData\Roaming\BYAIAMUF.exe <==== UWAGA
    Task: {1C84E211-D18F-4658-81C9-D0C19FB3B5CF} - System32\Tasks\{97B0B3A3-489C-41E9-A3D1-2ABD04D7B501} => pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
    Task: {1CB1C93F-061E-4543-9CAE-A713A4BBD9B1} - System32\Tasks\{BA2EB6C4-4F76-4C6D-8783-4864BD0C1839} => pcalua.exe -a C:\Users\1\Downloads\tibia854.exe -d C:\Users\1\Downloads
    Task: {1CB41B38-C104-4614-9E03-2E8E4563B69D} - System32\Tasks\{FB6EFBE3-3D4A-4818-A400-31A2BDB67E9C} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {232DF818-94C4-477E-B012-78CDB05AAADF} - System32\Tasks\{FD8BBC18-1599-409B-A4E7-593D525986BB} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Task: {2B720CE2-81D9-4548-BF00-DB64B23976A5} - System32\Tasks\{B10E38DE-5EE2-41EF-B71D-07552FFCF9E4} => pcalua.exe -a C:\Users\1\Downloads\tibia861.exe -d C:\Users\1\Downloads
    Task: {3507D94A-415C-4731-B8C1-5C4CE7D4F826} - System32\Tasks\{4120C2A8-F6DB-4C8E-910F-C711DF11A3C5} => pcalua.exe -a "D:\gry\cs 1.6\CS1.6_v32_by_Lukasz\CS1.6_v32 - by -=Lukasz=-.exe" -d "D:\gry\cs 1.6\CS1.6_v32_by_Lukasz"
    Task: {42FA0026-7DEB-42A7-AB94-F754A8D90420} - System32\Tasks\{A7AEA106-AC07-4DA3-92BA-F78CFA3DA0B1} => pcalua.exe -a C:\Users\1\Downloads\dotnetfx35setup(2).exe -d C:\Users\1\Downloads
    Task: {484549E4-67C8-44EA-82E0-FDB538E36CCF} - System32\Tasks\{9F67BE2A-6365-4965-8268-3ED019F5B724} => pcalua.exe -a "C:\Users\1\Desktop\PSP-Type-B-USB-Driver-Install\PSP Type B USB Driver Install\PSP Type B Driver install - Multi Language.EXE" -d "C:\Users\1\Desktop\PSP-Type-B-USB-Driver-Install\PSP Type B USB Driver Install"
    Task: {55FB0320-FA76-45EB-BAB4-E63417CD49A4} - System32\Tasks\{4AE7EE73-2163-4395-A2E5-5143BCA6D9DF} => pcalua.exe -a C:\Users\1\Downloads\tibia860(1).exe -d C:\Users\1\Downloads
    Task: {574282A0-D3C9-4B8F-B0BD-852FAC7D8235} - System32\Tasks\{F450E0DE-7FE3-4919-8193-6867450E8CCA} => pcalua.exe -a D:\gry\Steam\steam.exe -c steam://uninstall/202170




    Task: {7F5E9FEA-AA30-47C4-81E3-8C357DCB2739} - System32\Tasks\{F31321D2-BB5E-4438-9DFF-9B91DA54BBC2} => pcalua.exe -a "C:\Program Files (x86)\MKJogo\MKLOL\MKuInst.exe"
    Task: {81F33EA4-6882-4631-925B-ED4F79C47E7D} - System32\Tasks\{8D08342D-422F-4A11-9AE4-94FFBD959FC6} => pcalua.exe -a C:\Users\1\Downloads\SpyHunter-Installer.exe -d C:\Users\1\Downloads
    Task: {887F761D-A009-48B2-9505-B2433AFF407F} - System32\Tasks\{26091FEB-C70B-4B4A-AED2-D2ABA62A051F} => pcalua.exe -a D:\programy\ts33\package_inst.exe -d C:\Users\1\AppData\Local\Temp -c "C:\Users\1\AppData\Local\Temp\Extended_Client_Info.3.0.13.ts3_style" <==== UWAGA
    Task: {9D0A7D27-5B97-4AC4-AB57-A914B93DB9B5} - System32\Tasks\{C2F21CD1-25DE-485B-9CEB-ED4C175C17B1} => pcalua.exe -a C:\Windows\unvise32.exe -c d:\uninstal.log
    Task: {A513633B-B0B9-4327-99FA-5EDC995672BE} - System32\Tasks\{9B3D3A71-A905-4730-9D54-57AB1D59BB38} => pcalua.exe -a C:\Users\1\Downloads\dotNetFx35setup(1).exe -d C:\Users\1\Downloads
    Task: {B02102C1-E6E2-4EBC-A464-E075EE8612A4} - System32\Tasks\{D6904D0C-267C-4C25-85A8-CC48B87F033A} => pcalua.exe -a C:\Users\1\Downloads\Ravia_GameClient_2014-08-19(2).exe -d C:\Users\1\Downloads
    Task: {BC7DF438-807B-4727-AAF3-A3C1DB69E27A} - System32\Tasks\{D3315652-2A5F-429D-AC8D-E1F639280479} => pcalua.exe -a C:\Users\1\Downloads\Tiberia_install(1).exe -d C:\Users\1\Downloads
    Task: {C2FC7EB3-D975-406C-B52D-40635BC481C1} - System32\Tasks\{6BFE3532-67E1-4F7E-9843-D7E38B388E90} => pcalua.exe -a D:\gry\MyDestiny\MyDestiny.pl\MyDestiny.pl.exe -d D:\gry\MyDestiny\MyDestiny.pl
    Task: {CA0C6C9E-D538-452E-B4EF-39B68CE38FC8} - System32\Tasks\{F915D21C-9177-489B-B5D5-4DFBD3A9C480} => pcalua.exe -a C:\Users\1\Downloads\jxpiinstall(1).exe -d C:\Users\1\Downloads
    Task: {D81E03A3-B920-4DFF-97B7-CBC0096A9BE2} - System32\Tasks\{052E108B-BB43-4020-88B8-1E6EEE2F315B} => pcalua.exe -a "C:\Users\1\Downloads\Tibia 8.60.exe" -d C:\Users\1\Downloads
    Task: {F12226EB-29BC-428C-A8AC-E2711B602914} - System32\Tasks\{F989DFD0-17A7-4567-AE5B-EE87FA456F4E} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {F204DA0F-55FE-4A11-8923-7B123934B7AC} - System32\Tasks\{0B94D920-6F1F-4561-BBFF-D67F55930855} => pcalua.exe -a D:\gry\Fire\launcher.exe -d D:\gry\Fire
    Task: {F4807617-4BC1-4943-9E52-A9D52E21982E} - System32\Tasks\{B1BF31F1-A838-434B-AAAC-2ADB8A4100AA} => pcalua.exe -a "D:\programy\call of duty 2\call 2\Launch.exe" -d "D:\programy\call of duty 2\call 2"
    Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\1\AppData\Roaming\BYAIAMUF.exe <==== UWAGA
    Task: C:\Windows\Tasks\GNOK.job => C:\Users\1\AppData\Roaming\GNOK.exe <==== UWAGA
    Shortcut: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Setup.lnk -> G:\ots\xampp\xampp_setup.bat (Brak pliku)
    Shortcut: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Shell.lnk -> G:\ots\xampp\xampp_shell.bat ()
    Shortcut: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Uninstall.lnk -> G:\ots\xampp\uninstall_xampp.bat ()
    Hosts:
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3520396667-1087932586-1768972530-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\S-1-5-21-3520396667-1087932586-1768972530-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3520396667-1087932586-1768972530-1000 -> ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
    Toolbar: HKU\S-1-5-21-3520396667-1087932586-1768972530-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll [Brak pliku]
    FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll [Brak pliku]
    FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Brak pliku]
    FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Brak pliku]
    FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Brak pliku]
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku]
    FF Plugin HKU\S-1-5-21-3520396667-1087932586-1768972530-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-08] <==== UWAGA
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 cpuz134; \??\C:\Users\1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== UWAGA
    S3 HidNt; system32\DRIVERS\HIDNt.sys [X]
    R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
    S3 Mac606; system32\DRIVERS\Mac606.sys [X]
    S3 taphss6; system32\DRIVERS\taphss6.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2017-02-20 19:59 - 2015-04-07 12:29 - 00000000 ____D C:\AdwCleaner
    2015-03-09 22:30 - 2015-03-09 22:30 - 0005487 _____ () C:\Users\1\AppData\Roaming\BYAIAMUF
    2014-04-28 19:10 - 2014-04-28 19:32 - 0000063 _____ () C:\Users\1\AppData\Roaming\die.bat
    2016-03-24 20:52 - 2016-03-24 20:52 - 0107245 _____ () C:\Users\1\AppData\Roaming\inst.lat
    2016-03-24 20:53 - 2016-03-24 20:53 - 1621131 _____ () C:\Users\1\AppData\Roaming\Treslam.tst
    2016-03-24 20:53 - 2016-03-24 20:53 - 0001150 _____ () C:\Users\1\AppData\Roaming\uninstall_temp.ico
    2015-04-01 14:06 - 2015-07-06 17:09 - 1065984 _____ () C:\Users\1\AppData\Local\file__0.localstorage
    2015-06-01 19:22 - 2015-06-01 19:22 - 0000036 _____ () C:\Users\1\AppData\Local\housecall.guid.cache
    2015-06-27 21:42 - 2015-08-22 16:56 - 0000600 _____ () C:\Users\1\AppData\Local\PUTTY.RND
    2012-05-25 17:16 - 2012-05-25 17:16 - 0000879 _____ () C:\Users\1\AppData\Local\recently-used.xbel
    2013-11-30 22:18 - 2017-02-13 17:55 - 0007599 _____ () C:\Users\1\AppData\Local\Resmon.ResmonCfg
    2015-03-30 15:02 - 2015-03-30 15:02 - 0000000 _____ () C:\Users\1\AppData\Local\{734D40C9-B91F-4833-9915-3E1A99CDE34E}
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.

    0
  • #3 20 Feb 2017 23:16
    Kolobos
    Computer specialist

    Once that is done, post new FRST logs from a scan.

    0