Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] PUP.Optional.Legacy i PUP.Optional.WebProtector - jak usunąć te zagrożenia?

Lordo50PL 16 Sie 2018 10:59 423 17
  • #1 16 Sie 2018 10:59
    Lordo50PL
    Poziom 7  

    Cześć, skan z AdwCleaner'a wykazał mi 10 zagrożeń. Po rozwinięciu pokazało, że 9 pochodzi od PUP.Optional.Legacy, a te 1 od PUP.OptionalWebProtector. Czyściłem AdwCleanerem, restartowałem PC, a dalej pokazuje te 10 zagrożeń. Dziękuje z góry za pomoc. Screeny z FRST i AdwCleanera

    0 17
  • #2 16 Sie 2018 11:17
    RADU23
    Moderator - Komputery Serwis

    Otwórz notatnik i wklej zawartość:

    Cytat:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\Run: [GalaxyClient] => [X]
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: G - G:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: H - H:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: I - I:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: L - L:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {2ee2d6f2-8321-11e6-b487-d8cb8a3928f3} - H:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {3819b187-46fc-11e7-8091-d8cb8a3928f3} - V:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {3df9fc90-4701-11e5-98de-d8cb8a3928f3} - J:\RunGame.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {508f90eb-01f1-11e5-8953-d8cb8a3928f3} - G:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {874bea60-347c-11e5-b6c6-d8cb8a3928f3} - G:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {8f93200f-33c1-11e5-bbb3-d8cb8a3928f3} - H:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {93b83d9c-0a1e-11e6-9bd0-d8cb8a3928f3} - G:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {93b83dae-0a1e-11e6-9bd0-d8cb8a3928f3} - I:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {c80d3735-3540-11e5-8d42-d8cb8a3928f3} - I:\Startme.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {e149127f-0adb-11e6-bc07-d8cb8a3928f3} - G:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {ee49597f-d5af-11e6-a62e-d8cb8a3928f3} - J:\setup.exe
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\MountPoints2: {f1d33b67-3428-11e5-a256-d8cb8a3928f3} - G:\setup.exe
    ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (Brak pliku)
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1




    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    Toolbar: HKU\S-1-5-21-3455255253-503408873-1182082362-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
    Toolbar: HKU\S-1-5-21-3455255253-503408873-1182082362-1000 -> Brak nazwy - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Brak pliku
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Brak pliku]
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Brak pliku]
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Brak pliku]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    S3 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe" [X]
    S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
    S3 ISCTAgent; "C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe" [X]
    S3 jhi_service; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
    S3 LMS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" [X]
    S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe" [X]
    S3 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [X]
    S3 MSI_Trigger_Service; "C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe" [X]
    S3 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]
    U3 a2o9sgas; Brak ImagePath
    S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
    S3 MSICDSetup; \??\F:\CDriver64.sys [X]
    S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [X]
    S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
    S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    U3 mbr; \??\C:\Users\KuBa\AppData\Local\Temp\mbr.sys [X] <==== UWAGA
    2018-08-15 10:36 - 2018-08-15 10:36 - 000000000 ____D C:\AdwCleaner
    AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== UWAGA
    BikaQ Rss (HKLM-x32\...\{3678D164-84DB-4F73-AFD6-916342E10764}) (Version: 3.0.17 - BikaQ) <==== UWAGA
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll -> Brak pliku
    ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> Brak pliku
    ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll -> Brak pliku
    ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll -> Brak pliku
    ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\KuBa\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> Brak pliku
    Task: {0998749E-DAE1-4241-9C50-539BF6405A49} - System32\Tasks\Update\NoMansSky => C:\Users\KuBa\AppData\Roaming\nomanssky.exe <==== UWAGA
    Task: {0A74C433-3B8D-406D-8449-A2D08DBA21E0} - System32\Tasks\{DCCA64EC-6905-4D0F-B672-C92D5F7F9164} => C:\Windows\system32\pcalua.exe -a "E:\Need For Speed\Need For Speed Carbon\PLIKI\setup.exe" -d "E:\Need For Speed\Need For Speed Carbon\PLIKI"
    Task: {1AC8D168-1057-40E1-94CD-7270355229F7} - System32\Tasks\{4FECA074-9EC3-41AD-9134-717B0089CB11} => C:\Windows\system32\pcalua.exe -a "C:\Games\No Man's Sky\GRA\No Man's Sky\LanguageSetup.exe" -d "C:\Games\No Man's Sky\GRA\No Man's Sky"
    Task: {1FAD3036-4810-4D27-BC7F-9B5C56386B61} - \SmartStats Service -> Brak pliku <==== UWAGA
    Task: {269EE254-E55F-411E-BEAE-4B7B04DFF350} - System32\Tasks\{249D7559-07B0-4458-BF18-A1E771542069} => C:\Windows\system32\pcalua.exe -a "I:\Support\SimCity 4 Deluxe_uninst.exe" -d I:\Support
    Task: {33B11D07-94C4-40A4-B781-B796BD6B77A7} - System32\Tasks\{883A3A88-5101-4D01-854A-E762F87E2AF9} => C:\Windows\system32\pcalua.exe -a G:\Redist\DirectX\dxsetup.exe -d G:\Redist\DirectX
    Task: {41CFCA97-CE2A-40B0-A701-6D4CF33B86C6} - System32\Tasks\{51F574E0-53EB-476F-BD5B-0A7547594912} => C:\Windows\system32\pcalua.exe -a "C:\Games\No Man's Sky (gra)\No Man's Sky\LanguageSetup.exe" -d "C:\Games\No Man's Sky (gra)\No Man's Sky"
    Task: {521DB5D4-C85B-4CCA-9B86-50DAC39866BD} - System32\Tasks\{B7BC4E3D-1E0B-4349-B383-C8682075982D} => C:\Windows\system32\pcalua.exe -a F:\Sims3Setup.exe -d F:\
    Task: {56F0AE2C-55EA-4E2A-A3BC-C412AC1C2EBA} - System32\Tasks\{7A792ACB-8587-4BE8-9E2E-4A0B5294DA0E} => C:\Windows\system32\pcalua.exe -a "E:\L.A Noire\L.A.Noire\DLCinstall.exe" -d "E:\L.A Noire\L.A.Noire"
    Task: {6769A4D4-BAB3-4913-9899-8191EE2868AE} - System32\Tasks\{29F80B67-A402-4277-9CE0-B3F31332AEDE} => C:\Windows\system32\pcalua.exe -a "E:\fifa 16\FIFA 16 Super Deluxe Edition -SKIDROWCRACK\Launcher.exe" -d "E:\fifa 16\FIFA 16 Super Deluxe Edition -SKIDROWCRACK"
    Task: {8340868E-9B83-46D4-9992-99D7DA597D08} - System32\Tasks\{2F4DD942-587D-4A07-9ADE-33ED238E865A} => C:\Windows\system32\pcalua.exe -a "E:\Need For Speed SHIFT 2\Need For Speed Shift 2 - Unleashed\PLIKI\EASetup.exe" -d "E:\Need For Speed SHIFT 2\Need For Speed Shift 2 - Unleashed\PLIKI"
    Task: {964386A0-0C00-4206-A607-1BFC38C010EC} - System32\Tasks\{87530B60-D4FD-4A7F-AECA-BA840816E2BB} => C:\Windows\system32\pcalua.exe -a C:\Users\KuBa\Downloads\setup_SoundInjector.exe -d C:\Users\KuBa\Downloads
    Task: {D97D437E-1305-47F2-AEFE-BE2A5E24E81E} - System32\Tasks\{1A6EF079-4253-49F8-BE4A-D98982D9C11B} => C:\Windows\system32\pcalua.exe -a I:\SC4_uninst.exe -d I:\
    Task: {ED4633DC-22FF-4B05-B652-FA284027B462} - \DC5F45B0-5A8B-D27B-5091-505158DFD905 -> Brak pliku <==== UWAGA
    Task: {F8B5D8C6-103E-4434-BCB1-85DC6A2C22AE} - System32\Tasks\{F31DF80E-2EFD-4FFB-9BA6-32615CB96763} => C:\Windows\system32\pcalua.exe -a "E:\fifa 16\FIFA 16 Super Deluxe Edition -SKIDROWCRACK\Origin.Games.Reg.Tools.v2.0-3DM.exe" -d "E:\fifa 16\FIFA 16 Super Deluxe Edition -SKIDROWCRACK"
    AlternateDataStreams: C:\Users\KuBa:Heroes & Generals [38]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]


    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 16 Sie 2018 11:39
    RADU23
    Moderator - Komputery Serwis

    Zamieść ponownie logi z FRST.

    0
  • #6 16 Sie 2018 11:47
    RADU23
    Moderator - Komputery Serwis

    Ponownie logi zamieść. FRST + Addition.

    0
  • Pomocny post
    #8 16 Sie 2018 12:08
    RADU23
    Moderator - Komputery Serwis

    Fixlist do wykonania (procedura jak powyżej)

    Cytat:
    ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (Brak pliku)
    U3 a33747rd; Brak ImagePath
    AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== UWAGA
    BikaQ Rss (HKLM-x32\...\{3678D164-84DB-4F73-AFD6-916342E10764}) (Version: 3.0.17 - BikaQ) <==== UWAGA


    Więcej nic nie widać w logach.

    0
  • Pomocny post
    #12 16 Sie 2018 16:01
    krzychupar
    Poziom 40  

    Odinstaluj:

    AlphaGo
    BikaQ Rss
    McAfee Security Scan Plus
    McAfee True Key
    McAfee WebAdvisor

    Otwórz notatnik systemowy i wklej:

    CloseProcesses:
    Task: {0AD91B18-00F1-46B8-96A1-DDE43333188A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe
    Task: {A9954469-EEC4-4752-AEFE-CC4414BCBA28} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
    Hosts:
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, LLC.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
    (McAfee, LLC.) C:\Program Files\TrueKey\McTkSchedulerService.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (Brak pliku)
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&ptid=da...582A2B398477E1&v=20160421&ts=AHEqAH8oAnQoAE....
    CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=dam&uid=0FC95CCA7F089DEF10582A2B398477E1&v=20160421&ts=AHEqAH8oAnQoAE.."
    CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=d...7647ba4ae4769ebef88806eg0z0m0gbc4ceo2m0cbg&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> nice
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, LLC.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, LLC.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
    U3 a33747rd; Brak ImagePath
    2017-03-06 15:43 - 2017-03-21 14:09 - 000008164 _____ () C:\Program Files (x86)\metadata
    2015-07-31 10:08 - 2015-08-21 09:48 - 000000024 _____ () C:\Users\KuBa\AppData\Roaming\appdataFr25.bin
    2015-12-31 14:33 - 2015-12-31 14:33 - 000000000 _____ () C:\Users\KuBa\AppData\Roaming\mediaconverter.io.lock
    2016-01-02 18:26 - 2016-01-02 18:26 - 000000000 _____ () C:\Users\KuBa\AppData\Roaming\mediaload.io.lock
    2015-10-23 14:34 - 2015-10-23 14:34 - 000000600 _____ () C:\Users\KuBa\AppData\Roaming\winscp.rnd
    2018-03-28 11:56 - 2018-03-28 11:56 - 000140800 _____ () C:\Users\KuBa\AppData\Local\installer.dat
    2016-01-10 14:09 - 2016-01-10 14:09 - 000000000 ___SH () C:\Users\KuBa\AppData\Local\LumaEmu
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    Dodano po 1 [minuty]:

    Jak problem ustąpił to usuń C:\FRST i zamknij temat.

    0
  • Pomocny post
    #14 16 Sie 2018 16:27
    Kolobos
    Spec od komputerów

    Usun recznie te wyszukiwarki w Chrome oraz Firefox i zmien na google.

    0
  • Pomocny post
    #16 25 Sie 2018 01:52
    RADU23
    Moderator - Komputery Serwis

    Zamieść ponownie logi z FRST.

    0
  • Pomocny post
    #17 25 Sie 2018 11:04
    Kolobos
    Spec od komputerów

    Odinstaluj AVG PC TuneUp 2015

    Usuwam profil Chrome skoro i tak go nie masz.

    W Firefox zmien AdBlock na uBlock Origin.

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    Task: {0AD91B18-00F1-46B8-96A1-DDE43333188A} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe
    Task: {102A2A0E-8F49-476C-B20F-38B311E35F77} - System32\Tasks\{AA1C0489-7441-4B8B-96EF-AD74FB558435} => E:\The Sims\The Sims 4\Game\Bin\TS4.exe
    Task: {102A7D8B-6CC0-4FFC-A266-1A3FA34E8C03} - System32\Tasks\{CDC83F4B-13F8-4FE1-9C2A-537AC0C93A25} => C:\Users\KuBa\Desktop\FOLDER DO MUZYK (1)\Sound_Injector.exe
    Task: {13FA5A02-5B38-4C7F-A314-435A2B179E3C} - System32\Tasks\InstallShield Update Service => C:\Users\KuBa\AppData\Roaming\Macromedia\ISSCH\issch.exe
    Task: {185518FC-9C8C-40F6-8AD4-C5427E4F4D73} - System32\Tasks\{F243C99D-FFAA-45C0-A347-A5850E1D0497} => C:\Games\Rise of the Tomb Raider\PLIKI\Rise of the Tomb Raider\ROTTR.exe
    Task: {1A32595F-3905-40C3-ADEA-5F8F5C99451C} - System32\Tasks\{A3AE7A1A-A95B-4EFF-8E09-C595E6E7EF2C} => C:\Users\KuBa\Desktop\TronReplacer.exe
    Task: {3FBCEA49-948F-41FC-B91C-4358727F2BA9} - System32\Tasks\Java Update Schedule => C:\Users\KuBa\AppData\Roaming\RHEng\Java\jusched.exe
    Task: {41EB0D48-613D-4C39-A402-BCE7932812C9} - System32\Tasks\{4A8773EF-1990-4A22-BF69-5FDFC5BF9E09} => E:\Fallout\Fallout 4\Fallout4Launcher.exe
    Task: {53C46840-0EE5-4B28-B07C-5499078AC157} - System32\Tasks\{DB55CC46-30C4-4636-9EFE-3D4C3E321223} => E:\The Sims\The Sims 4\Game\Bin\TS4.exe
    Task: {53C62ECB-F563-4989-B9FA-F9486C209B7E} - System32\Tasks\{DDD8B494-DE11-4DC6-891B-334ABC5AE643} => E:\MK 10\MK10\Binaries\Retail\MK10.exe
    Task: {6525E7F1-72B2-4579-B8C0-FB7B3C8435BE} - System32\Tasks\{12060637-942A-424F-854B-48D670AEF71F} => E:\L.A Noire\L.A\LANLauncher.exe
    Task: {667ECC1A-C494-42B6-837E-D1D5FB8748DB} - System32\Tasks\{B281F935-AE51-4BB9-ADC7-A9580EBE32F8} => E:\MK 10\MK10\Binaries\Retail\MK10.exe
    Task: {6D739BFF-6F88-4672-ABD7-EEB9EE7348D9} - System32\Tasks\{B9127F75-6138-4AD4-ABDA-BAD724C5B966} => D:\Dodatktowe Gry\Skyrim\The Elder Scrolls V Skyrim - Legendary Edition\SkyrimLauncher.exe
    Task: {762A6AB2-391A-49F6-94B3-6F1317DE19E1} - System32\Tasks\{62434376-6060-46F7-AD2E-1AD7E27E6086} => E:\sim city\Apps\SimCity 4.exe
    Task: {7961DE7C-0A46-4523-B0A4-2484ABD09B4E} - System32\Tasks\{DD1B8D58-B7E0-40A2-A41C-29043E6E751A} => E:\MK 10\MK10\Binaries\Retail\MK10.exe
    Task: {7E0DF934-430F-48BD-B4C3-B4DCF2E36794} - System32\Tasks\{0ECDD56F-2056-4D5C-B994-B7BBA973F179} => E:\fallout\Fallout 4\Fallout4Launcher.exe
    Task: {8153EE37-118C-4261-AE4D-6E1F632B2365} - System32\Tasks\{C91AFCF6-1D24-46FC-B690-DC9D332E5AC6} => C:\Users\KuBa\Desktop\TronReplacer.exe
    Task: {84E12D77-D2AF-438C-89AA-14882F5F2092} - System32\Tasks\{79CADB6D-EED5-43B0-B84B-B19E109E702B} => C:\Users\KuBa\AppData\Roaming\uTorrent\uTorrent.exe [2018-08-02] (BitTorrent Inc.)
    Task: {9180532F-37EE-4CD3-8DFB-44EA00C89D1C} - System32\Tasks\{0AA44E7B-0AA0-4407-8814-C4DF73915298} => E:\The Sims 4\The Sims 4\Game\Bin\TS4.exe
    Task: {92E547C9-6E6B-471A-942E-05B0E4502AC7} - System32\Tasks\{AC5294C8-58F9-49F7-80E8-156646E2D074} => C:\Users\KuBa\Desktop\TronReplacer.exe
    Task: {9B8CA9F3-D9E5-4DED-B526-AB70ABDD88C1} - System32\Tasks\{5CEEA823-4D6A-46C9-8A2F-E99DAF0F4E16} => C:\Program Files (x86)\Steam\Steam.exe
    Task: {A9954469-EEC4-4752-AEFE-CC4414BCBA28} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
    Task: {AA0984C6-4487-4509-B19B-A73682EB9E72} - System32\Tasks\{64906ABC-3B73-496E-9F08-02E0BF0AFAFB} => C:\Users\KuBa\Desktop\TronReplacer.exe
    Task: {C4095B55-317D-4DC0-99A7-7F8CE9CBB5FA} - System32\Tasks\{47DB1C44-A36C-4EDF-9610-D27EC2BF5853} => E:\fifa 16\FIFA 16 Super Deluxe Edition -SKIDROWCRACK\Launcher.exe
    Task: {CED252B7-4C9F-4EF9-9DE3-B4729D7624F8} - System32\Tasks\{E3E16EE6-52E6-4906-B62C-5F7C7BDBC6CF} => C:\Users\KuBa\Desktop\Tube Tycoon\TubeTycoon.exe
    Task: {DA304D14-EAF9-4D68-A965-4EF1412D8A0A} - System32\Tasks\{DA37DF07-9B65-4DEA-971E-8F8A92B0A1EC} => E:\Formuła\F1 2015\F1_2015.exe
    Task: {DB2E1FCD-DDD0-44E0-80C5-77FADF5CEBDB} - System32\Tasks\{CA38E7E1-ED6C-43CC-8089-F44DA8B2B45A} => C:\Users\KuBa\AppData\Roaming\uTorrent\uTorrent.exe [2018-08-02] (BitTorrent Inc.)
    Task: {DB799162-F35B-4F64-8B00-5D5592E8B0C4} - System32\Tasks\{9F66C28B-FC7A-4FA3-831B-70063BA4756F} => E:\MK 10\MK10\Binaries\Retail\MK10.exe
    Task: {DC399B06-E959-402A-8845-902178E16CC8} - System32\Tasks\{5A1C6ADE-EA0E-4AE1-B185-D9E45F71D544} => E:\assasins\Assasin's Creed Syndicate\Assassins Creed Syndicate\ACS.exe
    Task: {E6837737-CDA0-4AF1-A94D-2687F309C9E4} - System32\Tasks\{AE51C5B5-791B-4BFE-93E7-E7F3DB06C1AA} => E:\assasins\Assassin's Creed Unity\ACU.exe
    Task: {EEC7601F-8A49-48CB-AED2-547EB79C11CD} - System32\Tasks\{F0446FC6-5B79-4CE1-AA2E-1B2DD3D03416} => E:\The Sims 4\The Sims 4\Game\Bin\TS4.exe
    Task: {FDF23FFD-FB5E-4EE1-8F57-264F5CCC6A0F} - System32\Tasks\{4C48A979-9A09-47DE-B579-A166F46CEA71} => D:\Deamon\DAEMON Tools Lite\DTLauncher.exe
    Hosts:
    HKLM-x32\...\Run: [Smart File Advisor] => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
    HKLM-x32\...\Run: [SFAUpdater] => "C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe"
    HKU\S-1-5-21-3455255253-503408873-1182082362-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
    Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
    URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
    FF user.js: detected! => C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\049qzy6p.default\user.js [2017-06-30]
    C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\049qzy6p.default\Extensions\{44543b60-e1c1-4173-be0b-81c96bac3d41}.xpi
    FF Extension: (Wooden Seal 1.0.1) - C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\049qzy6p.default\Extensions\{44543b60-e1c1-4173-be0b-81c96bac3d41}.xpi [2016-03-24] [Przestarzałe] [Brak podpisu cyfrowego]
    FF SearchPlugin: C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\049qzy6p.default\searchplugins\avast-search.xml [2016-03-27]
    C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\129oag1q.Domyślny kuuubba-1505998550367\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
    FF Extension: (AdBlock) - C:\Users\KuBa\AppData\Roaming\Mozilla\Firefox\Profiles\129oag1q.Domyślny kuuubba-1505998550367\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-07-26]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&ptid=da...582A2B398477E1&v=20160421&ts=AHEqAH8oAnQoAE....
    CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=dam&uid=0FC95CCA7F089DEF10582A2B398477E1&v=20160421&ts=AHEqAH8oAnQoAE.."
    CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=d...7647ba4ae4769ebef88806eg0z0m0gbc4ceo2m0cbg&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> nice
    CHR Profile: C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default [2018-03-28]
    C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Adblock Plus) - C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-03]
    CHR Extension: (Brak nazwy) - C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-01]
    CHR Extension: (Brak nazwy) - C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbpabmjecillbmlhmkbibekmbnidhopk [2016-08-01]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\KuBa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-10]
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, LLC.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, LLC.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc.)
    S3 DHCPArbSvc; "C:\Program Files\Common Files\System\svc\dllhost.exe"
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
    U3 a33747rd; Brak ImagePath
    2018-07-20 10:19 - 2016-12-16 16:07 - 000000000 ____D C:\Program Files (x86)\McAfee
    2017-03-06 15:43 - 2017-03-21 14:09 - 000008164 _____ () C:\Program Files (x86)\metadata
    2015-07-31 10:08 - 2015-08-21 09:48 - 000000024 _____ () C:\Users\KuBa\AppData\Roaming\appdataFr25.bin
    2015-12-31 14:33 - 2015-12-31 14:33 - 000000000 _____ () C:\Users\KuBa\AppData\Roaming\mediaconverter.io.lock
    2016-01-02 18:26 - 2016-01-02 18:26 - 000000000 _____ () C:\Users\KuBa\AppData\Roaming\mediaload.io.lock
    2018-03-28 11:56 - 2018-03-28 11:56 - 000140800 _____ () C:\Users\KuBa\AppData\Local\installer.dat

    Jezeli po wykonaniu adwc nadal bedzie wykrywal wyszukiwarke w FF to zgraj zakladki z Firefox'a i usun katalog profilu przegladarki.

    0
  • #18 31 Sie 2018 13:01
    Lordo50PL
    Poziom 7  

    Problem naprawiony pomogła mi inna osoba, która się bardziej na tym zna i pomogła mi rozwiązać ten problem. Powiedziała mi, że na komputerze jest tak dużo wirusów, że nie opłaca się czyścić tylko zrobić format. Po formacie wszystko śmiga szybciej i nie napotkałem na razie żadnego problemu :D Dziękuję wszystkim za pomoc ;)

    Dodano po 33 [sekundy]:

    Format komputera

    0
  Szukaj w 5mln produktów