Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Toshiba satellite Win 7 - Same się instalują programy

akexander_m 24 Lip 2015 22:31 435 2
  • #2 24 Lip 2015 22:50
    Kolobos
    Spec od komputerów

    Zgaduje, ze tym zainfekowales system:
    C:\Users\olo\Downloads\dispositivos+pci+ricoh+rl5c592+memory+stick+bus+host+adapter+drivers_10924_i35319087_il345.exe.zip
    usun ten plik.

    Fixlist.txt dla FRST:
    Task: {5E5016EC-537A-4835-89AA-7A6D18A78737} - System32\Tasks\PFExe => C:\Users\olo\AppData\Local\PriceFountain\pricefountain.exe
    () C:\Program Files\00000000-1437494236-0000-0000-000000000000\knst5022.tmp
    () C:\Program Files\00000000-1437494236-0000-0000-000000000000\jnslC18A.tmp
    HKLM\...\Run: [mbot_pl_014010037] => [X]
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    Tcpip\..\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: [NameServer] 52.17.204.69,8.8.8.8
    Tcpip\..\Interfaces\{EB3D70AF-7AB9-4ADA-9089-948193EB7877}: [NameServer] 52.17.204.69,8.8.8.8
    Tcpip\..\Interfaces\{F8F347E6-E3CE-41F9-B604-0BD3498104B7}: [NameServer] 52.17.204.69,8.8.8.8
    R2 hepulehy; C:\Program Files\00000000-1437494236-0000-0000-000000000000\knst5022.tmp [457728 2015-07-23] () [File not signed]
    R2 hyverumu; C:\Program Files\00000000-1437494236-0000-0000-000000000000\jnslC18A.tmp [209920 2015-07-21] () [File not signed]
    S2 Update Coupon Time; "C:\Program Files\Coupon Time\updateCouponTime.exe" [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
    2015-07-24 22:15 - 2015-07-24 22:18 - 00000000 ____D C:\AdwCleaner
    2015-07-24 22:05 - 2015-07-24 22:05 - 00613255 _____ (CMI Limited) C:\Users\olo\AppData\Local\nse406D.tmp
    2015-07-24 19:36 - 2015-07-24 19:36 - 00613255 _____ (CMI Limited) C:\Users\olo\AppData\Local\nsiC93B.tmp
    2015-07-24 19:30 - 2015-07-24 22:01 - 00000000 ____D C:\Program Files\FriendlyError
    2015-07-24 18:32 - 2015-07-24 18:32 - 00613255 _____ (CMI Limited) C:\Users\olo\AppData\Local\nsmB183.tmp
    2015-07-24 18:30 - 2015-07-24 22:17 - 00000000 ____D C:\Users\olo\AppData\Local\SmartWeb
    2015-07-21 17:57 - 2015-07-24 21:21 - 00000000 ____D C:\Program Files\00000000-1437494236-0000-0000-000000000000
    EmptyTemp:

    0