Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yeadesctopbr nie mogę usunąć

THEMON1 28 Cze 2017 18:03 288 1
  • #2 28 Cze 2017 18:19
    Kolobos
    Spec od komputerów

    Wykonaj Fixlist.txt dla FRST:
    Task: {2F2540B3-BDE9-43AA-B33B-D2647476B878} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
    Task: {38ECC520-FBD1-46B9-BC3F-520F2058E771} - System32\Tasks\Marketing Suite => Rundll32.exe "C:\Program Files\Marketing Suite\Marketing Suite.dll",wkKQiLyeZz <==== ATTENTION
    Task: {56552899-A932-45D6-A062-C5532392E16C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
    Task: {694293E7-FCCE-4345-9419-C47D1AC1E81B} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
    Task: {7331850D-0544-48D6-B16C-360ACE18D8BA} - no filepath
    Task: {8AD5311F-1AB0-4046-9018-F4FEBB6DF2D8} - no filepath
    WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION
    ShortcutWithArgument: C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeadesktopbr.com/
    ShortcutWithArgument: C:\Users\aaa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeadesktopbr.com/
    ShortcutWithArgument: C:\Users\aaa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktopbr.com/
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktopbr.com/
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktopbr.com/
    HKU\S-1-5-21-3364786083-1891966562-3011676229-1000\...\MountPoints2: {3f232db8-971b-11e3-879f-001641b6c922} - E:\LGAutoRun.exe
    SearchScopes: HKU\S-1-5-21-3364786083-1891966562-3011676229-1000 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
    SearchScopes: HKU\S-1-5-21-3364786083-1891966562-3011676229-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2017-06-28 17:52 - 2017-06-28 17:52 - 00000000 ____D C:\Users\aaa\Downloads\FRST-OlderVersion
    2017-06-23 23:55 - 2017-06-28 17:44 - 00000000 ____D C:\AdwCleaner
    2017-06-23 16:33 - 2017-06-23 16:33 - 00000000 ____D C:\Program Files\A0GNBeayUsjc
    2017-06-23 16:29 - 2017-06-23 16:29 - 00018432 _____ C:\Users\aaa\AppData\Local\Main.dat
    2017-06-23 16:29 - 2017-06-23 16:28 - 02465280 _____ (TODO: <Company name>) C:\Users\aaa\AppData\Local\Zoolight.exe
    2017-06-23 16:29 - 2017-06-23 16:28 - 02465280 _____ (TODO: <Company name>) C:\Users\aaa\AppData\Local\Alphatouch.exe
    2017-06-23 16:28 - 2017-06-23 18:22 - 01705984 _____ C:\Users\aaa\AppData\Local\po.db
    2017-06-23 16:28 - 2017-06-23 16:28 - 00140800 _____ C:\Users\aaa\AppData\Local\installer.dat
    2017-06-20 08:39 - 2017-06-20 08:39 - 00179240 _____ C:\Windows\system32\Drivers\cfidsk.sys
    R1 cfidsk; C:\Windows\System32\drivers\cfidsk.sys [179240 2017-06-20] ()

    0