S.coldsearch/bing


(Horamite) #1

proszę o pomoc w usunięciu

http://www.wklej.org/id/1873282/

http://www.wklej.org/id/1873283/

http://www.wklej.org/id/1873284/

 


(Atis) #2

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKU\S-1-5-21-1897044860-2300190798-3642829595-1001\...\Run: [AdobeBridge] = [X]
GroupPolicy: Ograniczenia - Chrome ======= UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia ======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM - DefaultScope - brak wartości
SearchScopes: HKLM-x32 - DefaultScope - brak wartości
SearchScopes: HKU\S-1-5-21-1897044860-2300190798-3642829595-1001 - {5487189B-DECD-4B39-A6C9-1F13B4AA79D2} URL =
CHR HKU\S-1-5-21-1897044860-2300190798-3642829595-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-10] ()
2015-12-10 15:55 - 2015-12-10 16:21 - 00000000 ____ D C:\AdwCleaner
2015-12-10 15:12 - 2015-12-10 15:12 - 00000000 _____ C:\autoexec.bat
2015-12-10 15:10 - 2015-12-10 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Agata\Downloads\SpyHunter-Installer.exe
2015-12-10 15:10 - 2015-12-10 15:10 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-10-02 15:46 - 2015-10-02 16:58 - 0000021 _____ () C:\ProgramData\settings.cfg
Task: {1E566A82-1AB7-4D21-B434-342011A011C7} - System32\Tasks\{E2534DF6-F3D1-46B0-8D52-458F30738456} = pcalua.exe -a F:\setup\Setup.exe -d F:\setup
Task: {363A2EDE-5C4D-4AEE-91DD-FCA2E7E11212} - System32\Tasks\{A5242D0F-C034-4112-9036-A33484383461} = pcalua.exe -a F:\Uruchom.exe -d F:\
Task: {73E78C23-6BFC-4B49-8720-F13DC4B97775} - System32\Tasks\klcp_update = C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-16] ()
Task: {87D884DA-6241-4B74-B440-A8399B166712} - \Microsoft\Windows\Setup\gwx\launchtrayprocess - Brak pliku ==== UWAGA
Task: {A6A8A34A-5EFF-4DCC-B47B-31D9A7883B89} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - Brak pliku ==== UWAGA
Task: {A930D340-28A6-4176-BDF1-5B23968210EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - Brak pliku ==== UWAGA
Task: {ADCCC035-7432-4F95-9A2D-EC3A26B24DB3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent - Brak pliku ==== UWAGA
Task: {D114E6EF-3C8F-4C63-9702-7F253E433481} - System32\Tasks\{D8EF2A16-4A94-4225-82A5-DA8EF9765177} = pcalua.exe -a F:\setup\Setup.exe -d F:\setup
Task: {F3A093B2-92E9-4E94-B861-9BEA00DB75A6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig - Brak pliku ==== UWAGA
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.

 


(Horamite) #3

http://www.wklej.org/id/1873300/

http://www.wklej.org/id/1873305/

 

dzięki!


(Atis) #4

Skasuj folder C:\FRST