Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Czy pomoże ktoś napisać PLIK fixlist.txt? SafeFinder i inne, próba naprawy.

maetwu 04 Maj 2018 16:09 165 2
  • #2 04 Maj 2018 17:01
    krzychupar
    Poziom 41  

    Odinstaluj:
    Smart File Advisor 1.1.8

    Otwórz notatnik systemowy i wklej:

    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {11C86949-A71E-4A82-BF4C-844043B83E47} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {1AC5F43F-F9CF-4F1E-ADFA-8C63E66D2904} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {38D1C8E8-6B08-4A3E-A31D-3A3750953C76} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== UWAGA
    Task: {5B9DC0F6-1963-4007-B78D-651BCC0D7554} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {7903E344-44BC-4059-89D1-D2323D671969} - System32\Tasks\wbN1MdCsjZRp => wbn1mdcsjzrp.exe <==== UWAGA
    Task: {AC136965-49DD-4BA3-8FCB-CD328C2DA4B7} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {B736A9D9-34A3-4E37-A06F-2A30CC754866} - \ShadowsocksS -> Brak pliku <==== UWAGA
    Task: {BAEF2D49-C5DF-4133-9E3E-D8C1281BCF39} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {BD435AE2-33D9-4C01-BE9E-371AC89968ED} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA
    Task: {F92D7F01-46F6-4EB7-B2F4-65990CDEE14A} - \Browse -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA




    Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA
    GroupPolicy: Ograniczenia <==== UWAGA
    Tcpip\..\Interfaces\{1E7A2D46-3B40-4A47-9A4F-A464C0DE5D52}: [NameServer] 82.163.142.8,95.211.158.136
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61...Z9IRg_M7vjdQcGyhhKW5uNJM68SAuQCPnIyrl4I_K5hI,,
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1930109817-471395313-4007521826-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
    FF Homepage: Mozilla\Firefox\Profiles\fp2ed3jv.default -> C:\\ProgramData\\Quoteexs\\ff.HP
    FF NewTab: Mozilla\Firefox\Profiles\fp2ed3jv.default -> C:\\ProgramData\\Quoteexs\\ff.NT
    CHR DefaultSearchURL: Default -> hxxps://feed.bazzsearch.com/?fext=true&pu...06&publisher=defaultbazz&st=ed&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Bazz Search
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a <==== UWAGA
    S2 S2Gvc32; "C:\Program Files (x86)\Speech2Go Voice Package VE\IvonaVoiceService_x86.exe" [X]
    U0 msahci; system32\drivers\msahci.sys [X]
    S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]
    2018-05-03 22:15 - 2018-05-04 12:21 - 000000000 ____D C:\ProgramData\Quoteex
    2018-05-03 22:15 - 2018-05-04 12:09 - 000000000 ____D C:\ProgramData\Logic Cramble
    2018-05-03 22:15 - 2018-05-03 22:16 - 000929792 _____ C:\Users\Eliza\AppData\Local\sham.db
    2018-05-03 22:15 - 2018-05-03 22:15 - 007607296 _____ C:\Users\Eliza\AppData\Local\agent.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 002136576 _____ (TODO: <Company name>) C:\Users\Eliza\AppData\Local\Jaydom.exe
    2018-05-03 22:15 - 2018-05-03 22:15 - 002136576 _____ (TODO: <Company name>) C:\Users\Eliza\AppData\Local\DonDubity.exe
    2018-05-03 22:15 - 2018-05-03 22:15 - 001986606 _____ C:\Users\Eliza\AppData\Local\DonDubity.tst
    2018-05-03 22:15 - 2018-05-03 22:15 - 001895382 _____ C:\Users\Eliza\AppData\Local\X--Ex.bin
    2018-05-03 22:15 - 2018-05-03 22:15 - 000278509 _____ C:\Users\Eliza\AppData\Local\Jaydom.tst
    2018-05-03 22:15 - 2018-05-03 22:15 - 000140800 _____ C:\Users\Eliza\AppData\Local\installer.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000126464 _____ C:\Users\Eliza\AppData\Local\noah.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000070896 _____ C:\Users\Eliza\AppData\Local\Config.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 000018432 _____ C:\Users\Eliza\AppData\Local\Main.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000016416 _____ C:\Users\Eliza\AppData\Local\InstallationConfiguration.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 000005568 _____ C:\Users\Eliza\AppData\Local\md.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
    2018-05-03 22:15 - 2018-05-03 22:15 - 000000000 ____D C:\Users\Eliza\AppData\Roaming\Microleaves
    2018-05-03 22:15 - 2018-05-03 22:15 - 000000000 ____D C:\Users\Eliza\AppData\Local\AdvinstAnalytics
    2018-05-02 00:20 - 2018-05-02 00:20 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignf2c25ff14fe014d6
    2018-05-02 00:20 - 2018-05-02 00:20 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign7d7371ac4b69900b
    2018-05-02 00:20 - 2018-05-02 00:20 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign5f4982953ac9b048
    2018-05-01 20:30 - 2018-05-01 20:30 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign860e6ba75d6eda2c
    2018-05-01 20:29 - 2018-05-01 20:29 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignbac0359077fe2dfb
    2018-05-01 20:29 - 2018-05-01 20:29 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign3f9faab594e84b96
    2018-04-30 20:23 - 2018-04-30 20:23 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignaa6985395fe1c5d4
    2018-04-30 20:20 - 2018-04-30 20:20 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignde3ef80077a235dc
    2018-04-30 20:20 - 2018-04-30 20:20 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign60dee3a052b0cfb0
    2018-04-25 10:46 - 2018-04-25 10:46 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign560e46629937c60d
    2018-04-25 10:46 - 2018-04-25 10:46 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign3e98d1a9b2172b25
    2018-04-24 12:19 - 2018-04-24 12:19 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignd018321ddec00c95
    2018-04-24 12:19 - 2018-04-24 12:19 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignc442ca8733a09856
    2018-04-24 12:19 - 2018-04-24 12:19 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign1b4881762a9f1072
    2018-04-24 10:50 - 2018-04-24 10:50 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign72719b2c787f5d5d
    2018-04-24 10:41 - 2018-04-24 10:41 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsigndcd4d8b695522e30
    2018-04-24 10:41 - 2018-04-24 10:41 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign814cc9b151a848f6
    2018-04-22 18:46 - 2018-04-22 18:46 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign75d1d4676d78c75f
    2018-04-22 18:46 - 2018-04-22 18:46 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign41640411e6763588
    2018-04-22 18:46 - 2018-04-22 18:46 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign3c92585b2cbfe426
    2018-04-22 18:25 - 2018-04-22 18:25 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignf2cf879978b9b53f
    2018-04-22 18:25 - 2018-04-22 18:25 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsigndfdae7f7a119e188
    2018-04-22 18:25 - 2018-04-22 18:25 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignb5aa7824c0cb769e
    2018-04-22 18:18 - 2018-04-22 18:18 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign1f4876f3e9f2ccc6
    2018-04-22 18:12 - 2018-04-22 18:12 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign53be7e3b953478d8
    2018-04-22 18:12 - 2018-04-22 18:12 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign4704454e3e786773
    2018-04-22 14:11 - 2018-04-22 14:11 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign344bc506e5ce8c30
    2018-04-22 14:10 - 2018-04-22 14:10 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignb37379b963c29838
    2018-04-22 14:10 - 2018-04-22 14:10 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign39a6b57aeabdcd75
    2018-04-16 10:33 - 2018-04-16 10:33 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsigna3f118010e3bc1b3
    2018-04-16 10:32 - 2018-04-16 10:32 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignbed4bc63ce8b2ca0
    2018-04-16 10:32 - 2018-04-16 10:32 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign4295c12c408a206a
    2018-04-12 21:38 - 2018-04-12 21:38 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignd87dc617c56a32b6
    2018-04-12 21:38 - 2018-04-12 21:38 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign10e9a422fa3e1063
    2018-04-12 21:38 - 2018-04-12 21:38 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign09c17349b203ae18
    2018-04-12 18:49 - 2018-04-12 18:49 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignf9d3bfdd39ea78b3
    2018-04-12 18:49 - 2018-04-12 18:49 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign632cc3ae46c892b9
    2018-04-12 18:49 - 2018-04-12 18:49 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign2cc99a6f1f0722b2
    2018-04-12 18:42 - 2018-04-12 18:42 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsigncbe5dc30ae13e4ae
    2018-04-12 18:41 - 2018-04-12 18:41 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsignac9842b36003b6e1
    2018-04-12 18:41 - 2018-04-12 18:41 - 000000000 ____D C:\Users\Eliza\AppData\Local\Tempzxpsign4f4469d3ca7cda5f
    2017-07-17 21:11 - 2017-07-17 21:13 - 000000033 _____ () C:\Users\Eliza\AppData\Roaming\AdobeWLCMCache.dat
    2016-02-29 21:31 - 2018-05-04 15:39 - 000000093 _____ () C:\Users\Eliza\AppData\Roaming\sp_data.sys
    2018-05-03 22:15 - 2018-05-03 22:15 - 007607296 _____ () C:\Users\Eliza\AppData\Local\agent.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000070896 _____ () C:\Users\Eliza\AppData\Local\Config.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 001986606 _____ () C:\Users\Eliza\AppData\Local\DonDubity.tst
    2018-05-03 22:15 - 2018-05-03 22:15 - 000016416 _____ () C:\Users\Eliza\AppData\Local\InstallationConfiguration.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 000140800 _____ () C:\Users\Eliza\AppData\Local\installer.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000278509 _____ () C:\Users\Eliza\AppData\Local\Jaydom.tst
    2018-05-03 22:15 - 2018-05-03 22:15 - 000018432 _____ () C:\Users\Eliza\AppData\Local\Main.dat
    2018-05-03 22:15 - 2018-05-03 22:15 - 000005568 _____ () C:\Users\Eliza\AppData\Local\md.xml
    2018-05-03 22:15 - 2018-05-03 22:15 - 000126464 _____ () C:\Users\Eliza\AppData\Local\noah.dat
    2018-01-21 15:23 - 2018-01-21 15:23 - 000004966 _____ () C:\Users\Eliza\AppData\Local\recently-used.xbel
    2018-05-03 22:15 - 2018-05-03 22:16 - 000929792 _____ () C:\Users\Eliza\AppData\Local\sham.db
    2018-05-03 22:15 - 2018-05-03 22:15 - 000032038 _____ () C:\Users\Eliza\AppData\Local\uninstall_temp.ico
    2018-05-03 22:15 - 2018-05-03 22:15 - 001895382 _____ () C:\Users\Eliza\AppData\Local\X--Ex.bin
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 04 Maj 2018 21:34
    RADU23
    Moderator - Komputery Serwis

    Otwórz notatnik i wklej zawartość:

    Cytat:
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\...\MountPoints2: {16f5b79f-df35-11e5-8260-18cf5ef93594} - "G:\SETUP.EXE"
    GroupPolicy: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61...Z9IRg_M7vjdQcGyhhKW5uNJM68SAuQCPnIyrl4I_K5hI,,
    HKU\S-1-5-21-1930109817-471395313-4007521826-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1930109817-471395313-4007521826-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%6...DZvP9L-ELytqLxEfEW45Yrhi1x5x0WI1UKuKs,&q={searchTerms}
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a <==== UWAGA
    S2 S2Gvc32; "C:\Program Files (x86)\Speech2Go Voice Package VE\IvonaVoiceService_x86.exe" [X]
    U0 msahci; system32\drivers\msahci.sys [X]
    S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]


    Zapisz jako fixlist.txt obok FRST.exe i w FRST kliknij "FIX" "Napraw".

    0