Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Usunięcie wirusa Time to Read

edekrul 21 Gru 2017 13:26 456 7
  • #1 21 Gru 2017 13:26
    edekrul
    Poziom 2  

    Witam. Wyczyściłem AdwCleaner. Usunęło wszystkie ikonki z pulpitu i tak dalej jak mail.ru itp. ale przy odpalaniu komputera włącza się rosyjska strona Time to Read w Internet Explorer i nie wiem co dalej zrobić. Daję załączniki z Addition i FRST.

    0 7
  • #2 21 Gru 2017 13:51
    krzychupar
    Poziom 41  

    Odinstaluj:
    Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== UWAGA
    Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.7.2 - Reimage) <==== UWAGA

    Otwórz notatnik systemowy i wklej:
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {115C667E-19E9-4659-97A5-49EBCA83A0D3} - System32\Tasks\curl => C:\Users\edekrul\AppData\Roaming\curl\curl_7_54.exe [2017-12-20] (curl, hxxps://curl.haxx.se/) <==== UWAGA
    Task: {2EAA7A56-4242-4069-8F73-611E82D00B88} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-09-11] (Reimage®) <==== UWAGA
    Task: {B09FBF8C-E58F-4817-8510-006F25AAD8AD} - System32\Tasks\curls => C:\Users\edekrul\AppData\Roaming\curl\curl.exe [2017-12-21] () <==== UWAGA
    (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
    (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\Run: [ccjghhrqol] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=2D9C15E32172643F4579E261F94F5BA1&utm_d=20171220" <==== UWAGA
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\MountPoints2: {25419e37-c49b-11e7-9dbe-548ca09a0c42} - "E:\Setup.exe"
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\MountPoints2: {e73edc9c-55bb-11e7-9db0-548ca09a0c42} - "F:\HiSuiteDownLoader.exe"
    GroupPolicy: Ograniczenia <==== UWAGA
    GroupPolicy\User: Ograniczenia <==== UWAGA
    Tcpip\..\Interfaces\{3bdb2da4-8ff9-4ede-94a0-474147b3dd2b}: [NameServer] 35.177.46.238,46.101.28.31,82.202.226.203
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006




    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {2EA2FFDD-5B00-4BD5-85B7-F545E70C54C2} URL =
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B89C99DA8-E92A-42B7-AA48-BC93A9BB4270%7D&gp=855565
    BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
    FF Homepage: Mozilla\Firefox\Profiles\vy49xak5.default -> hxxp://granena.ru/?utm_content=31b5cebd524a9a...E32172643F4579E261F94F5BA1&utm_d=20171220
    FF Extension: (Amazon Assistant for Firefox) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\abb-acer@amazon.com [2017-01-13] [Przestarzałe]
    FF Extension: (Домашняя страница Mail.Ru) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\homepage@mail.ru.xpi [2017-12-20]
    FF Extension: (Polski Language Pack) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-01-28] [Przestarzałe]
    FF Extension: (Mozilla Partner Defaults) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\partnerdefaults@mozilla.com [2017-01-13] [Przestarzałe]
    FF Extension: (Mail.Ru) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\search@mail.ru.xpi [2017-12-20]
    FF Extension: (Пульт) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2017-12-20]
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    CHR HomePage: Default -> inline.go.mail.ru
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21]
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21]
    R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
    S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe" [X]
    S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]
    2017-12-21 10:29 - 2017-12-21 10:30 - 000000000 ____D C:\ProgramData\Reimage Protector
    2017-12-21 10:29 - 2017-12-21 10:29 - 000004356 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
    2017-12-21 10:29 - 2017-12-21 10:29 - 000001890 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    2017-12-21 10:29 - 2017-12-21 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
    2017-12-21 10:29 - 2017-12-21 10:29 - 000000000 ____D C:\Program Files\Reimage
    2017-12-21 10:28 - 2017-12-21 10:31 - 000000000 ____D C:\rei
    2017-12-21 10:28 - 2017-12-21 10:30 - 000000140 _____ C:\WINDOWS\Reimage.ini
    2017-12-21 10:26 - 2017-12-21 10:26 - 000605424 _____ (Reimage) C:\Users\edekrul\Downloads\ReimageRepair.exe
    2017-12-21 09:55 - 2017-12-21 10:05 - 000000000 ____D C:\AdwCleaner

    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 21 Gru 2017 14:31
    edekrul
    Poziom 2  

    Amazon Assistant nie mogę usunąć :/ To jest laptop z Acera. Już to było od włączenia komputera i nie można usunąć, ponieważ jest zablokowane Usunięcie wirusa Time to Read

    0
  • #4 21 Gru 2017 14:37
    Kolobos
    Spec od komputerów

    Pomin i wykonaj reszte.

    0
  • #5 21 Gru 2017 15:56
    edekrul
    Poziom 2  

    Dzieki wielkie time to read zniknal ale zostaly mi jakies badziewia jeszcze :/ jak wlaczam przegladarke i potem w okol okienka na yt jakies ruskie reklamy :/ Usunięcie wirusa Time to ReadUsunięcie wirusa Time to Read

    0
  • #6 21 Gru 2017 17:47
    Kolobos
    Spec od komputerów

    Zamiesc nowe logi z FRST ze skanowania i nie wklejaj tych zbednych screenow.

    0
  • #7 21 Gru 2017 20:17
    edekrul
    Poziom 2  

    Spoiler:
    ==============================================

    fixlist - zawartość:
    *****************
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {115C667E-19E9-4659-97A5-49EBCA83A0D3} - System32\Tasks\curl => C:\Users\edekrul\AppData\Roaming\curl\curl_7_54.exe [2017-12-20] (curl, hxxps://curl.haxx.se/) <==== UWAGA
    Task: {2EAA7A56-4242-4069-8F73-611E82D00B88} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-09-11] (Reimage�) <==== UWAGA
    Task: {B09FBF8C-E58F-4817-8510-006F25AAD8AD} - System32\Tasks\curls => C:\Users\edekrul\AppData\Roaming\curl\curl.exe [2017-12-21] () <==== UWAGA
    (Reimage�) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
    (Reimage�) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\Run: [ccjghhrqol] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=2D9C15E32172643F4579E261F94F5BA1&utm_d=20171220" <==== UWAGA
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\MountPoints2: {25419e37-c49b-11e7-9dbe-548ca09a0c42} - "E:\Setup.exe"
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\...\MountPoints2: {e73edc9c-55bb-11e7-9db0-548ca09a0c42} - "F:\HiSuiteDownLoader.exe"
    GroupPolicy: Ograniczenia <==== UWAGA
    GroupPolicy\User: Ograniczenia <==== UWAGA
    Tcpip\..\Interfaces\{3bdb2da4-8ff9-4ede-94a0-474147b3dd2b}: [NameServer] 35.177.46.238,46.101.28.31,82.202.226.203
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {2EA2FFDD-5B00-4BD5-85B7-F545E70C54C2} URL =
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2064771432-775154366-3883571396-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B89C99DA8-E92A-42B7-AA48-BC93A9BB4270%7D&gp=855565
    BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
    FF Homepage: Mozilla\Firefox\Profiles\vy49xak5.default -> hxxp://granena.ru/?utm_content=31b5cebd524a9a...E32172643F4579E261F94F5BA1&utm_d=20171220
    FF Extension: (Amazon Assistant for Firefox) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\abb-acer@amazon.com [2017-01-13] [Przestarza�e]
    FF Extension: (???????? ???????? Mail.Ru) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\homepage@mail.ru.xpi [2017-12-20]
    FF Extension: (Polski Language Pack) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-01-28] [Przestarza�e]
    FF Extension: (Mozilla Partner Defaults) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\partnerdefaults@mozilla.com [2017-01-13] [Przestarza�e]
    FF Extension: (Mail.Ru) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\search@mail.ru.xpi [2017-12-20]
    FF Extension: (?????) - C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2017-12-20]
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    CHR HomePage: Default -> inline.go.mail.ru
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21]
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21]
    R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
    S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe" [X]
    S2 SvcHost Service Host; "C:\Windows\Microsoft\svchost.exe" -k LocalService [X]
    2017-12-21 10:29 - 2017-12-21 10:30 - 000000000 ____D C:\ProgramData\Reimage Protector
    2017-12-21 10:29 - 2017-12-21 10:29 - 000004356 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
    2017-12-21 10:29 - 2017-12-21 10:29 - 000001890 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    2017-12-21 10:29 - 2017-12-21 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
    2017-12-21 10:29 - 2017-12-21 10:29 - 000000000 ____D C:\Program Files\Reimage
    2017-12-21 10:28 - 2017-12-21 10:31 - 000000000 ____D C:\rei
    2017-12-21 10:28 - 2017-12-21 10:30 - 000000140 _____ C:\WINDOWS\Reimage.ini
    2017-12-21 10:26 - 2017-12-21 10:26 - 000605424 _____ (Reimage) C:\Users\edekrul\Downloads\ReimageRepair.exe
    2017-12-21 09:55 - 2017-12-21 10:05 - 000000000 ____D C:\AdwCleaner

    EmptyTemp:
    *****************

    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => klucz nie znaleziono
    HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{115C667E-19E9-4659-97A5-49EBCA83A0D3} => klucz nie znaleziono
    C:\WINDOWS\System32\Tasks\curl => nie znaleziono.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\curl => klucz nie znaleziono
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EAA7A56-4242-4069-8F73-611E82D00B88} => klucz nie znaleziono
    C:\WINDOWS\System32\Tasks\ReimageUpdater => nie znaleziono.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => klucz nie znaleziono
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B09FBF8C-E58F-4817-8510-006F25AAD8AD} => klucz nie znaleziono
    C:\WINDOWS\System32\Tasks\curls => nie znaleziono.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\curls => klucz nie znaleziono
    C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe => Nie odnaleziono uruchomionego procesu
    C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe => Nie odnaleziono uruchomionego procesu
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA => pomyślnie przywrócono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ccjghhrqol => Wartość nie znaleziono.
    "HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25419e37-c49b-11e7-9dbe-548ca09a0c42}" => pomyślnie usunięto
    HKLM\Software\Classes\CLSID\{25419e37-c49b-11e7-9dbe-548ca09a0c42} => klucz nie znaleziono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e73edc9c-55bb-11e7-9db0-548ca09a0c42} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{e73edc9c-55bb-11e7-9db0-548ca09a0c42} => klucz nie znaleziono
    "C:\WINDOWS\system32\GroupPolicy\Machine" => nie znaleziono.
    "C:\WINDOWS\system32\GroupPolicy\User" => nie znaleziono.
    HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3bdb2da4-8ff9-4ede-94a0-474147b3dd2b}\\NameServer => Wartość nie znaleziono.
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz nie znaleziono
    HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz nie znaleziono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość nie znaleziono.
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2EA2FFDD-5B00-4BD5-85B7-F545E70C54C2} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{2EA2FFDD-5B00-4BD5-85B7-F545E70C54C2} => klucz nie znaleziono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{A06ED961-D98F-4CF9-A89B-80AB11DB149C} => klucz nie znaleziono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => klucz nie znaleziono
    HKU\S-1-5-21-2064771432-775154366-3883571396-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => klucz nie znaleziono
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => klucz nie znaleziono
    HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => klucz nie znaleziono
    FF Homepage: Mozilla\Firefox\Profiles\vy49xak5.default -> hxxp://granena.ru/?utm_content=31b5cebd524a9a...E32172643F4579E261F94F5BA1&utm_d=20171220 => nie znaleziono
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\abb-acer@amazon.com => nie znaleziono.
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\homepage@mail.ru.xpi => nie znaleziono.
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\langpack-pl@firefox.mozilla.org.xpi => nie znaleziono.
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\partnerdefaults@mozilla.com => nie znaleziono.
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\search@mail.ru.xpi => nie znaleziono.
    C:\Users\edekrul\AppData\Roaming\Mozilla\Firefox\Profiles\vy49xak5.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi => nie znaleziono.
    C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => nie znaleziono.
    "Chrome HomePage" => pomyślnie usunięto
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
    CHR Extension: (Amazon Assistant for Chrome) - C:\Users\edekrul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-12-21] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
    Amazon Assistant Service => serwis nie znaleziono.
    mccspsvc => serwis nie znaleziono.
    SvcHost Service Host => serwis nie znaleziono.
    "C:\ProgramData\Reimage Protector" => nie znaleziono.
    "C:\WINDOWS\System32\Tasks\ReimageUpdater" => nie znaleziono.
    "C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk" => nie znaleziono.
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair" => nie znaleziono.
    "C:\Program Files\Reimage" => nie znaleziono.
    "C:\rei" => nie znaleziono.
    "C:\WINDOWS\Reimage.ini" => nie znaleziono.
    "C:\Users\edekrul\Downloads\ReimageRepair.exe" => nie znaleziono.
    "C:\AdwCleaner" => nie znaleziono.

    =========== EmptyTemp: ==========

    BITS transfer queue => 9199616 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8492845 B
    Java, Flash, Steam htmlcache => 131113 B
    Windows/system/drivers => -9162 B
    Edge => 0 B
    Chrome => 167957906 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 0 B
    NetworkService => 3150 B
    edekrul => 77047 B

    RecycleBin => 6412 B
    EmptyTemp: => 177.2 MB danych tymczasowych Usunięto.

    ================================


    System wymagał restartu.

    ==== Koniec Fixlog 15:30:50 ====

    0
  • #8 21 Gru 2017 20:30
    Kolobos
    Spec od komputerów

    Po co to wklejasz? Miales zamiescic NOWE logi ze skanowania z FRST, a nie Fixlist!

    0