Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] frst prosze o sprawdzenie logow

starzaczek1 25 Cze 2018 11:57 135 2
  • Pomocny post
    #2 25 Cze 2018 12:29
    dt1
    Moderator - Komputery Serwis

    Witaj. Odinstaluj przez panel sterowania zbędne oprogramowanie:

    Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.1.0 - IObit)
    Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)

    Również odinstalowałbym CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform) - jako program w zasadzie niepotrzebny.

    Poniżej podaną listę wklej w notatniku i zapisz jako fixlist.txt w tym samym katalogu, w którym masz FRST. Gdy plik będzie już zapisany uruchom FRST i naciśnij napraw.

    Code:
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2018-02-12] (Realtek Semiconductor)
    
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\Run: [Advanced SystemCare 11] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3598624 2017-12-11] (IObit)
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\Run: [IEService] => C:\Users\Patryk\AppData\Local\Microsoft Windows\taskhost.exe [282112 2017-07-03] (Microsoft Corporation) <==== UWAGA
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\Run: [Patryk] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\Run: [uTorrent] => C:\Users\Patryk\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-24] (BitTorrent Inc.)
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\MountPoints2: {09521d27-250b-11e8-ab68-d8d3858020a6} - F:\setup.exe
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\MountPoints2: {149a4dbe-229b-11e8-b475-d8d3858020a6} - G:\AutoRun.exe
    HKU\S-1-5-21-1536279072-3103901907-3996841418-1001\...\MountPoints2: {149a4dc3-229b-11e8-b475-d8d3858020a6} - H:\AutoRun.exe
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
    FF user.js: detected! => C:\Users\Patryk\AppData\Roaming\Mozilla\Firefox\Profiles\0dl2v4gc.default\user.js [2018-05-18]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    CHR StartupUrls: Default -> "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp","hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp","hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp","hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp","hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp","hxxp://www.delta-homes.com/?type=hp&ts=1432906877&z=f6de87e49100bb7b57dc254g8z2c6o5tfedq2b8m9c&from=wpm052932&uid=WDCXWD2500AAJS-60Z0A0_WD-WCAV2P34661846618","hxxp://www.sweet-page.com/?type=hp&ts=1437640730&z=5ecff9265d14d51f8927a7dgez1c4m6q0z7e0m2o8c&from=cornl&uid=WDCXWD2500AAJS-60Z0A0_WD-WCAV2P34661846618","hxxp://www.omniboxes.com/?type=hp&ts=1448444080&z=32bb5c5c4f214670564becbg6z9z0b2z1z4z2edb3e&from=ient07021&uid=WDCXWD2500AAJS-60Z0A0_WD-WCAV2P34661846618"




    CHR Extension: (Colorize this link) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdegignhmojeldmkkincfhjipakfiik [2017-09-17]
    CHR Extension: (AVG SafePrice) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-06-21]
    CHR Extension: (Into The Mist) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2017-09-17]
    CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
    R2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1058080 2017-12-11] (IObit)
    S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
    R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
    R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2016-12-21] (IObit)
    R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
    R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-01-11] (IObit.com)
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2018-06-07 14:06 - 2018-06-07 14:06 - 000050688 ____H C:\Users\Patryk\Downloads\~WRL2915.tmp
    C:\Users\Patryk\AppData\Local\Microsoft Windows\taskhost.exe
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
    ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
    ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
    ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
    ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
    ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
    ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
    Task: {021A176F-ADF4-4753-B98C-DA73D52B4B9F} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [2016-09-14] (HP Inc.)
    Task: {5B0EF3F4-17F9-4307-B6DD-94A64FE86FD3} - System32\Tasks\ASC11_SkipUac_Patryk => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-12-26] (IObit)
    Task: {6C307455-14B5-4ECB-88FD-DAA36BAE6363} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe [2017-10-24] (IObit)
    Task: {6F847762-2994-44A6-8778-08A34EB6FEF3} - System32\Tasks\ASC11_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2017-12-26] (IObit)
    Task: {9B76C543-0AE8-4AC4-9785-B0E10FAC9A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
    Task: {DC6DF9F9-F98E-467C-8B26-B0C762CD420B} - System32\Tasks\Patryk => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Patryk /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== UWAGA
    Task: {EC9E2DF7-A8AE-469E-837F-3B0BCC6CB131} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
    Task: {FF78E35E-9E22-47CB-99EA-581009446A3E} - System32\Tasks\Driver Booster SkipUAC (Patryk) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-16] (IObit)
    AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
    FirewallRules: [{BE2FF4AD-8D74-41C4-8B89-F4E0CE6B7ACC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
    FirewallRules: [{A8DF3C69-A340-44DF-A1AA-D38957AA19EB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
    FirewallRules: [{327FE733-6D0D-4296-89A4-EFC22A0B2F53}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
    FirewallRules: [{F628C6A7-4BA4-4452-ABEA-7A6807734283}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
    FirewallRules: [{142BD607-7AF8-4F80-8E6E-62A4E1DD5F04}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
    FirewallRules: [{DCE77F6B-E3ED-44FB-8941-E8259D152430}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
    FirewallRules: [{23CCF94A-D237-4449-8DF1-E7914BA8ADEC}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe
    FirewallRules: [{0285455C-5F0E-40D4-A579-119275EE14E0}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe
    EmptyTemp:

    1