Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirus Reimage Repair w Chrom

apfell 21 Cze 2017 06:54 369 2
  • CControls
  • Pomocny post
    #2 21 Cze 2017 07:36
    Kolobos
    Spec od komputerów

    Zgraj zakladki z Chrome. Usun katalog profilu z C:\Users\VAIO\AppData\Local\Google\Chrome\User Data\Default.
    Usun tez dane synchronizacji Chrome z konta google:
    https://support.google.com/chrome/answer/6386691?hl=pl

    Wykonaj Fixlist.txt dla FRST:
    Task: {137842E4-50D4-4142-BC60-E5CB702D6189} - System32\Tasks\{67269CB8-CDAE-4926-A0E7-4EEC211D4CF8} => pcalua.exe -a C:\Users\VAIO\Desktop\chromeinstall-8u51.exe -d C:\Users\VAIO\Desktop
    Task: {18DDB0DD-26D5-459F-9E43-7FF215C4C619} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {2A8A5337-5F58-4430-92FA-D45C7D7B9948} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {2BFA4621-CCF0-4080-83C7-535C3582C835} - System32\Tasks\{D40084BC-544A-4FE6-A46E-21984BF5A206} => pcalua.exe -a "C:\Users\VAIO\Desktop\Auto Hide IP v5.2.2.6 Full[jazgaż]\AutoHideIP-5.2.2.6.Setup.exe" -d "C:\Users\VAIO\Desktop\Auto Hide IP v5.2.2.6 Full[jazgaż]"
    Task: {69798232-70BB-443F-B13B-7CF1518B4ED0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {6D605BF8-C102-463E-852A-B4AD00FCB0F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {97ED7AA1-88C6-46D0-9D61-82B7BE3EED7B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
    Task: {B1F0C4C2-E990-4383-AA75-FA18DCC44C9E} - System32\Tasks\{78EA9693-0228-4607-9EFD-DDBD55F84B70} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.112/pl/abandoninstall?page=tsProgressBar
    Task: {D1C87609-8A8D-4DBF-91D0-24AAF370B6A6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {E7F67703-A5FC-46AD-99E9-187A8A35BDE1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    Task: {EE6D94F1-FD61-4CF7-A75F-C094F821593A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {EF6C67C6-011E-4998-8DF8-0B6AD8186B2D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {F21547F0-1DC9-4CA4-BCD4-41521D1B9B4A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {F79F0321-AFEA-4367-AC57-E03AF636ECCE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\Run: [Windows Remote Service] => C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe [171008 2013-02-12] (Banamalon)




    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {128bf4ec-3d70-11e7-9c83-88532e8158a7} - "E:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {77e571b8-f2a0-11e5-9bfe-f0bf97dff909} - "E:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {77e5734c-f2a0-11e5-9bfe-f0bf97dff909} - "E:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {a538e31c-c67c-11e5-9be9-f0bf97dff909} - "F:\autorun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {d6476d40-c70d-11e6-9c56-88532e8158a7} - "G:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {d64775be-c70d-11e6-9c56-88532e8158a7} - "G:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {df4c1e17-864b-11e6-9c3c-f0bf97dff909} - "E:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {df4c22e4-864b-11e6-9c3c-f0bf97dff909} - "E:\AutoRun.exe"
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\...\MountPoints2: {e915f0bc-4059-11e7-9c86-88532e8158a7} - "E:\AutoRun.exe"
    ProxyServer: [S-1-5-21-1179812779-2223437159-1082961693-1001] => http=;ftp=;https=;
    Tcpip\..\Interfaces\{fa2fde9f-a059-42ed-8f01-55868dabc770}: [NameServer] 0.0.0.0 0.0.0.0
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&...id=TOSHIBAXTHNSNC128GMMJ_61BA40CGK31K40CGK31K
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts...IBAXTHNSNC128GMMJ_61BA40CGK31K40CGK31K&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=143...id=TOSHIBAXTHNSNC128GMMJ_61BA40CGK31K40CGK31K
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts...IBAXTHNSNC128GMMJ_61BA40CGK31K40CGK31K&q={searchTerms}
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...amp;GUID=00000000-0000-0000-0000-000000000000
    HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=143...id=TOSHIBAXTHNSNC128GMMJ_61BA40CGK31K40CGK31K
    SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&a...31K&ts=1439059462&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.istartsurf.com/web/?utm_source=b&a...31K&ts=1439059462&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&a...31K&ts=1439059462&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&a...31K&ts=1439059462&type=default&q={searchTerms}
    BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
    Toolbar: HKU\S-1-5-21-1179812779-2223437159-1082961693-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
    FF user.js: detected! => C:\Users\VAIO\AppData\Roaming\Mozilla\Firefox\Profiles\994kwwd1.default\user.js [2015-08-08]
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\994kwwd1.default -> istartsurf
    FF Homepage: Mozilla\Firefox\Profiles\994kwwd1.default -> stooq.pl
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
    CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/
    CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-02-11]
    CHR HKU\S-1-5-21-1179812779-2223437159-1082961693-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-02-11]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [nlnpeeaafijaebcdgkdeojkpnkfkjdnh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [oiokdoppleiafjmfmggefbkghfblaplo] - C:\Program Files\TrueSuite\x86\tschrome.crx [2010-11-29]

    Usun katalog C:\FRST po wykonaniu.

    0
  • CControls
  • #3 21 Cze 2017 08:24
    apfell
    Poziom 7  

    dzięki za pomoc, wszystko działa poprawnie,

    pozdrawiam:)

    0