Chinese program. I can't uninstall it


(Frasu23) #1

Hello. Some Chinese virus was accidentally downloaded onto my computer, and it cannot be removed from Windows XP by any means.

I have already used AdwCleaner and Malwarebytes Anti-Malware, but that doesn't help.

I'm attaching the logs:

 

FRST.txt

Addition.txt

Rkill.txt


(Atis) #2

When saving the Fixlist, set the encoding to UTF-8.

CloseProcesses:
HKLM\...\Run: [KernelFaultCheck] = %systemroot%\system32\dumprep 0 -k
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90820167_hao_pg
HKU\S-1-5-21-1957994488-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=90820167_hao_pg
URLSearchHook: [S-1-5-21-1957994488-764733703-839522115-1006] UWAGA = Brak domyślnego URLSearchHook
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCRTP.exe [301728 2015-11-23] (Tencent)
S3 AntiRk; C:\WINDOWS\System32\Drivers\AntiRk.sys [35768 2014-09-17] (Tencent)
R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMIEProtect.sys [50360 2015-11-20] ()
R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMUdisk.sys [78776 2015-11-16] (Tencent)
R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQSysMon.sys [108984 2015-11-23] (电脑管家)
R3 softaal; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\softaal.sys [36280 2015-11-23] (Tencent)
R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator.sys [115944 2015-11-23] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelXP.sys [138552 2015-11-23] (Tencent Technology(Shenzhen) Company Limited)
R1 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2015-11-23] (电脑管家)
R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\TS888.sys [30392 2015-12-03] (Tencent)
R1 TSDefenseBt; C:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2015-11-23] (Tencent)
R0 TsFltMgr; C:\WINDOWS\System32\drivers\TsFltMgr.sys [126776 2015-10-30] (电脑管家)
R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\TSKsp.sys [210072 2015-11-23] (电脑管家)
R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\TSSysKit.sys [101560 2015-11-23] (电脑管家)
S3 dump_wmimmc; \??\D:\Program Files\GameforgeLive\Games\POL_pol\Metin2\GameGuard\dump_wmimmc.sys [X]
S4 IntelIde; Brak ImagePath
2015-12-03 20:34 - 2015-12-03 00:02 - 00030392 _____ (Tencent) C:\WINDOWS\system32\Drivers\TS888.sys
2015-12-03 20:34 - 2015-11-23 14:46 - 00115944 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator.sys
2015-12-03 20:34 - 2015-11-23 07:13 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelXP.sys
2015-12-03 20:33 - 2015-12-03 20:33 - 00000000 ____ D C:\Program Files\Common Files\Tencent
2015-12-03 20:33 - 2015-12-03 00:01 - 00000000 ____ D C:\Documents and Settings\Konrad\Dane aplikacji\Tencent
2015-11-24 06:36 - 2015-12-03 20:36 - 00000000 ____ D C:\AdwCleaner
2015-11-24 06:28 - 2014-09-17 15:44 - 00035768 _____ (Tencent) C:\WINDOWS\system32\Drivers\AntiRk.sys
2015-11-24 06:14 - 2015-11-24 06:14 - 00000000 ____ D C:\QMDownload
2015-11-24 02:06 - 2015-11-24 02:07 - 00000000 ____ D C:\Program Files\MTV20151125
2015-11-24 01:20 - 2015-11-24 01:20 - 00000000 ____ D C:\Documents and Settings\Tata\Dane aplikacji\dissect
2015-11-23 14:56 - 2015-11-23 14:56 - 00000000 ____ D C:\Documents and Settings\All Users\tencent
2015-11-23 13:32 - 2015-11-23 13:32 - 00000000 ____ D C:\Documents and Settings\Konrad\Dane aplikacji\ADSafe3
2015-11-23 09:31 - 2015-11-23 09:31 - 00000000 ____ D C:\Documents and Settings\Konrad\Dane aplikacji\dissect
2015-11-23 09:31 - 2015-11-23 09:31 - 00000000 ____ D C:\Documents and Settings\Konrad\.android
2015-11-23 09:30 - 2015-11-24 06:43 - 00000000 ____ D C:\Program Files\ADSafe
2015-11-23 09:30 - 2015-11-23 13:32 - 00001504 _____ C:\Documents and Settings\Konrad\Menu Start\Programy\.lnk
2015-11-23 07:14 - 2015-11-23 07:13 - 00014008 ____ N (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-11-23 07:13 - 2015-11-23 07:13 - 00150072 ____ N (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-11-23 07:13 - 2015-11-23 07:13 - 00000839 _____ C:\Documents and Settings\All Users\Menu Start\强力卸载电脑上的软件 .lnk
2015-11-23 07:13 - 2015-10-30 18:18 - 00126776 ____ N (电脑管家) C:\WINDOWS\system32\Drivers\TsFltMgr.sys
2015-11-22 07:11 - 2015-11-22 07:11 - 00000000 ____ D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2015-11-22 05:44 - 2015-11-23 07:13 - 00067896 ____ N (电脑管家) C:\WINDOWS\system32\TSSK.sys
2015-11-22 05:44 - 2015-11-22 05:44 - 00005120 _____ C:\Documents and Settings\Konrad\Dane aplikacji\GiftBag.db
2015-11-22 05:43 - 2015-12-03 00:01 - 00000000 ____ D C:\Documents and Settings\All Users\Dane aplikacji\Tencent
2015-11-22 05:43 - 2015-11-22 05:43 - 00000000 ____ D C:\Documents and Settings\LocalService\Dane aplikacji\Tencent
2015-11-22 05:43 - 2015-11-22 05:43 - 00000000 ____ D C:\Documents and Settings\All Users\TXQMPC
2015-11-22 05:41 - 2015-11-24 06:38 - 00000000 ____ D C:\Program Files\Tencent
Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job = C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job = C:\WINDOWS\system32\xp_eos.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16908.217\QMAccountProtection.exe] = Enabled:????-???
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCmgrInstallGuide.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCTray.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCMgr.exe] = Enabled:????-???
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCRTP.exe] = Enabled:????-??????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMDL.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\bugreport.exe] = Enabled:????-crash??
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCFileOpen.exe] = Enabled:????-??????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCLeakScan.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPConfig.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSoftMgr.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\plugins\QMNetMon\QQPCNetFlow.exe] = Enabled:????-??????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCBTU.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCClinic.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCLaunch.exe] = Enabled:????-QQPCLaunch
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMUpdate\QQPCMgrUpdate.exe] = Enabled:????-?????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSoftGame.exe] = Enabled:????-QQPCSoftGame
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSysOptimize.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCUpdateAVLib.exe] = Enabled:????-?????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQRepair.exe] = Enabled:????-???
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\Uninst.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCPatch.exe] = Enabled:????-QQPCPatch
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\TpkUpdate.exe] = Enabled:????-?????????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMRouterMgr.exe] = Enabled:????-?????
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMAccountProtection.exe] = Enabled:????-???
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMAdBlock.exe] = Enabled:????-????
DomainProfile\AuthorizedApplications: [c:\program files\common files\tencent\qqdownload\130\tencentdl.exe] = Enabled:腾讯产品下载组件
DomainProfile\AuthorizedApplications: [c:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe] = Enabled:腾讯产品下载组件Crash上报
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQRepair.exe] = Disabled:????-???
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCMgr.exe] = Disabled:????-???
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMAccountProtection.exe] = Disabled:????-???
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16908.217\QMAccountProtection.exe] = Disabled:????-???
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\Uninst.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCTray.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSysOptimize.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSoftMgr.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPConfig.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCmgrInstallGuide.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCLeakScan.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCClinic.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCBTU.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMDL.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMAdBlock.exe] = Disabled:????-????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCUpdateAVLib.exe] = Disabled:????-?????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMUpdate\QQPCMgrUpdate.exe] = Disabled:????-?????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QMRouterMgr.exe] = Disabled:????-?????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCRTP.exe] = Disabled:????-??????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCFileOpen.exe] = Disabled:????-??????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\plugins\QMNetMon\QQPCNetFlow.exe] = Disabled:????-??????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\TpkUpdate.exe] = Disabled:????-?????????
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\bugreport.exe] = Disabled:????-crash??
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCLaunch.exe] = Disabled:????-QQPCLaunch
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCPatch.exe] = Disabled:????-QQPCPatch
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.1.16924.223\QQPCSoftGame.exe] = Disabled:????-QQPCSoftGame
StandardProfile\AuthorizedApplications: [c:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe] = Disabled:腾讯产品下载组件Crash上报
File: C:\WINDOWS\system32\Drivers\tcpip.sys
EmptyTemp:

Run FRST and click Fix (Napraw). Post the Fixlog removal report.
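
Added example, not part of the original posts and not FRST's own code: the fixlist above contains Chinese and Polish characters in paths and vendor names, and this code shows which of its lines a legacy ANSI code page cannot store and how to confirm that a saved file is intact UTF-8. The function names and the choice of cp1250 and cp1252 as the "ANSI" code pages are assumptions; the sample lines are copied from the fixlist.

```python
# Added example: effect of the save encoding on a fixlist with non-ASCII paths.
# Sample lines are copied from the fixlist above; function names are hypothetical.

FIXLIST_SAMPLE = "\n".join([
    "CloseProcesses:",
    r"S3 AntiRk; C:\WINDOWS\System32\Drivers\AntiRk.sys [35768 2014-09-17] (Tencent)",
    r"R1 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2015-11-23] (电脑管家)",
    r"2015-11-23 07:13 - 2015-11-23 07:13 - 00000839 _____ C:\Documents and Settings\All Users\Menu Start\强力卸载电脑上的软件 .lnk",
    r"Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job = C:\WINDOWS\system32\xp_eos.exe",
    "EmptyTemp:",
])


def lossy_lines(text, codepage="cp1250"):
    """Return (line_number, line) pairs that `codepage` cannot represent."""
    bad = []
    for number, line in enumerate(text.splitlines(), start=1):
        try:
            line.encode(codepage)
        except UnicodeEncodeError:
            bad.append((number, line))
    return bad


def saved_as(text, codepage):
    """Simulate saving in `codepage` and reading the file back with it.
    Characters the code page lacks are written as '?', so the path changes."""
    return text.encode(codepage, errors="replace").decode(codepage)


def check_utf8_file(raw, expected_text):
    """True if the saved bytes are valid UTF-8 (a BOM is tolerated) and
    decode to exactly the text that was meant to be saved."""
    try:
        decoded = raw.decode("utf-8-sig")
    except UnicodeDecodeError:
        return False
    return decoded == expected_text


if __name__ == "__main__":
    for cp in ("cp1250", "cp1252"):
        print(cp, "cannot store lines:", [n for n, _ in lossy_lines(FIXLIST_SAMPLE, cp)])
    print(saved_as(FIXLIST_SAMPLE, "cp1250").splitlines()[2])
    print("UTF-8 file intact:", check_utf8_file(FIXLIST_SAMPLE.encode("utf-8"), FIXLIST_SAMPLE))
```

On a Polish system (cp1250) only the Chinese entries are altered; on a Western one (cp1252) the Polish task name is altered as well, so the same fixlist behaves differently depending on where it was saved unless UTF-8 is used.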