Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proxy samo ustawia się na 127.0.0.1:1080

zib7905 17 Paź 2018 12:29 87 2
  • #2 17 Paź 2018 21:30
    RADU23
    Moderator - Komputery Serwis

    Otwórz notatnik i wklej zawartość:

    Cytat:
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wp.pl/
    SearchScopes: HKU\S-1-5-21-2911970028-3146201854-3250218271-1001 -> {94DF2C10-9A12-4564-A270-EA9D21F20B7E} URL =
    BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> Brak pliku
    BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> Brak pliku
    U5 REALPLAYERUPDATESVC; Brak ImagePath
    S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
    2018-10-17 10:13 - 2018-10-17 10:15 - 000000000 ____D C:\AdwCleaner
    GPU Monitor (HKLM-x32\...\VLC Player GPU+11.041.44) (Version: 11.041.44 - GPU Usage) <==== UWAGA
    Update for PriceFountain (HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\...\{29F4FA80-F5ED-458E-A3B4-180EA806F640}) (Version: - Update for PriceFountain) <==== UWAGA
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {2445DBEB-7F8C-46B8-9D9F-E0B90BFE865D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
    Task: {29EF082B-2E06-418E-8D67-56BDD1534C65} - \WPD\SqmUpload_S-1-5-21-2911970028-3146201854-3250218271-1001 -> Brak pliku <==== UWAGA
    Task: {2B8C9A49-B4A0-4BE6-876D-2E71201AE5A4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {33A2506A-3047-470E-A9C2-7C071524A843} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {4CBD723F-5FBF-451F-9A8F-A05D9178845C} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    Task: {60FE40EF-C810-4AFB-88AD-521C35D49D76} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {668FC951-A6F5-45E7-AC97-B465B84D96AE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {66D941A9-59DD-440C-A77E-67160F13C535} - System32\Tasks\{69836E52-C3BE-43D6-B877-3AD5CAF53978} => C:\Windows\system32\pcalua.exe -a D:\Polski\Driver\Setup.exe -d D:\Polski\Driver
    Task: {6BA7D214-1906-4D45-9626-6044BC4E77F8} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA
    Task: {6DCEE8A4-E62F-47B4-8195-FE0277A7C758} - System32\Tasks\{B9374B75-95A0-46E1-9A44-2EA07B3FE110} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
    Task: {8458385D-FECD-4859-9452-13952DCFD4AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {9D5D4512-2C3B-47EC-B05E-5F4C79550954} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
    Task: {A9115B5B-88DD-48DF-9CF2-4B7415E002BE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
    Task: {AA8A4E51-DBFC-4D95-A2E2-4C8099461392} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {AE1E4B88-CBC3-4CBC-9311-ACC563250140} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {BDD3B4EE-9132-488E-913B-0384B91A4A10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {DD871168-949A-4538-BA3F-8AB360224D1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {E402F0C9-8433-44D3-805D-47DA057414A2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA
    Task: {F3C698FA-7D59-4EDB-A782-4CDAE494F579} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [294]
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\Software\Classes\exefile: <==== UWAGA
    HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku)


    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 18 Paź 2018 08:36
    Kolobos
    Spec od komputerów

    Poprawny Fixlist.txt:
    CloseProcesses:
    2018-10-11 00:53 - 2018-10-11 00:53 - 002559504 ___RH () C:\ProgramData\EC3881DB\EC388164.dll
    2018-10-11 00:53 - 2018-10-11 00:53 - 001600016 ___RH () C:\ProgramData\EC3881DB\EC388132.dll
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\Software\Classes\exefile: <==== UWAGA
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3990528 2017-10-04] (Napisy24.pl)
    HKU\S-1-5-21-2911970028-3146201854-3250218271-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6168768 2016-09-15] (ALLPlayer Group Ltd.)
    Startup: C:\Users\ZBIGNIEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplorer.lnk [2018-10-10]
    ShortcutTarget: iexplorer.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Hosts:
    BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> Brak pliku
    CHR HKLM-x32\...\Chrome\Extension: [heloeniedaijefpgpikdfhdjpojnndbn] - C:\Program Files (x86)\IDA\ida_chrome.crx [2014-01-14]
    CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
    R2 EC3881DB; C:\ProgramData\EC3881DB\EC388164.dll [2559504 2018-10-11] () [Brak podpisu cyfrowego]
    U5 REALPLAYERUPDATESVC; Brak ImagePath
    S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
    2018-10-17 10:13 - 2018-10-17 10:15 - 000000000 ____D C:\AdwCleaner
    2018-10-16 19:16 - 2018-10-16 19:16 - 000302080 _____ C:\Users\ZBIGNIEW\AppData\Roaming\mqJbWEGXBu.dll
    2018-10-15 12:21 - 2018-10-15 12:21 - 000309760 _____ C:\Users\ZBIGNIEW\AppData\Roaming\oqtySBfEkz.dll
    2018-10-14 08:40 - 2018-10-14 08:40 - 000315392 _____ C:\Users\ZBIGNIEW\AppData\Roaming\RI.dll
    2018-10-11 00:52 - 2018-10-17 11:26 - 000000000 ____D C:\ProgramData\EC3881DB
    RemoveProxy:

    0