Elektroda.pl

DNS Unlocker - FRST logs and a request for analysis.

pedezet1991 29 Aug 2015 23:25 570 1
  • #2 31 Aug 2015 23:08
    Kolobos
    Computer specialist

    Fixlist.txt for FRST:
    Task: {1C198959-9763-4B10-8E70-BEBDB5BD468D} - System32\Tasks\DNSNEWVILLE => dnsnewville.exe
    Task: {325C3B08-C178-4676-B3E9-667AFAA7115B} - System32\Tasks\SmartSpace => c:\programdata\{82ed7039-300f-f8a0-82ed-d7039300c0e4}\3268588128401843434b.exe <==== UWAGA
    Task: {471D6006-F3FC-48F9-81B6-E24DC2C69102} - System32\Tasks\BoodleBuddy => c:\programdata\{4b218a27-3153-cb0e-4b21-18a27315289c}\6856781588206619362b.exe <==== UWAGA
    Task: {54D6FC33-1A75-4418-9994-A4DC74DE7995} - System32\Tasks\InstantFame => c:\programdata\{0883940d-2e1c-f409-0883-3940d2e15034}\ekstraklasae-modv2.0pesnext.pl.exe-1436108642718.exe <==== UWAGA
    Task: {72FBF599-9F03-4CDE-9D33-41C43223B1CE} - System32\Tasks\VeganWiz => c:\programdata\{b2bf6e24-a6cf-4fda-b2bf-f6e24a6cb892}\7879897465623198942b.exe <==== UWAGA
    Task: {A9098040-F2BB-44DE-BCD3-F4F271D0F375} - System32\Tasks\PortEjector => c:\programdata\{5d09b555-f293-a8d4-5d09-9b555f29d557}\555869868396654094b.exe <==== UWAGA
    Task: {B284F45D-FD74-46DC-A624-517CAF292392} - System32\Tasks\SizeFixer => c:\programdata\{d482e3b5-54f9-44ec-d482-2e3b554f8ed5}\9056082381311110478b.exe <==== UWAGA
    Task: {BC915BDB-7338-4FFE-B83F-F99CC7835B62} - System32\Tasks\RunningBro => c:\programdata\{5de2ffd7-954d-0c0c-5de2-2ffd7954ff5e}\537570710224646022b.exe <==== UWAGA
    Task: {C753DDCC-CA66-4DD0-8A66-E28D1C5FF63B} - System32\Tasks\LiveSignal => c:\programdata\{86ce4a3a-5d02-8715-86ce-e4a3a5d028e9}\3396442230072353812b.exe <==== UWAGA
    Task: C:\Windows\Tasks\BoodleBuddy.job => c:\programdata\{4b218a27-3153-cb0e-4b21-18a27315289c}\6856781588206619362b.exe <==== UWAGA
    Task: C:\Windows\Tasks\InstantFame.job => c:\programdata\{0883940d-2e1c-f409-0883-3940d2e15034}\ekstraklasae-modv2.0pesnext.pl.exe-1436108642718.exe <==== UWAGA
    Task: C:\Windows\Tasks\LiveSignal.job => c:\programdata\{86ce4a3a-5d02-8715-86ce-e4a3a5d028e9}\3396442230072353812b.exe <==== UWAGA
    Task: C:\Windows\Tasks\PortEjector.job => c:\programdata\{5d09b555-f293-a8d4-5d09-9b555f29d557}\555869868396654094b.exe <==== UWAGA
    Task: C:\Windows\Tasks\RunningBro.job => c:\programdata\{5de2ffd7-954d-0c0c-5de2-2ffd7954ff5e}\537570710224646022b.exe <==== UWAGA
    Task: C:\Windows\Tasks\SizeFixer.job => c:\programdata\{d482e3b5-54f9-44ec-d482-2e3b554f8ed5}\9056082381311110478b.exe <==== UWAGA
    Task: C:\Windows\Tasks\SmartSpace.job => c:\programdata\{82ed7039-300f-f8a0-82ed-d7039300c0e4}\3268588128401843434b.exe <==== UWAGA
    Task: C:\Windows\Tasks\VeganWiz.job => c:\programdata\{b2bf6e24-a6cf-4fda-b2bf-f6e24a6cb892}\7879897465623198942b.exe <==== UWAGA
    IE trusted site: HKU\S-1-5-21-1852539511-725543616-2630867930-1000\...\mks.com.pl -> hxxp://www.mks.com.pl
    () C:\Program Files\Outrageous Football\Outrageous Football.exe




    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll Brak pliku
    GroupPolicy: Zasady grupy Chrome wykryto <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA
    CHR HKU\S-1-5-21-1852539511-725543616-2630867930-1000\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA
    CHR HKU\S-1-5-21-1852539511-725543616-2630867930-1003\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA
    Tcpip\..\Interfaces\{1E0FE20A-7FD7-4397-B0BC-A732E30E505F}: [NameServer] 82.163.143.169,199.203.131.145
    Tcpip\..\Interfaces\{6C62E58D-3A3A-4544-BB2B-294DB94A5E70}: [NameServer] 82.163.143.169,199.203.131.145
    Tcpip\..\Interfaces\{BCBDE79C-E922-4ADB-A0B8-B0D7849A8B49}: [NameServer] 82.163.143.169,82.163.142.171
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Zasada ograniczeń <======= UWAGA
    HKU\S-1-5-21-1852539511-725543616-2630867930-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Zasada ograniczeń <======= UWAGA
    SearchScopes: HKU\S-1-5-21-1852539511-725543616-2630867930-1000 -> URL hxxp://search.conduit.com/Results.aspx?gd=&am...SP1878D0AF-FADE-418E-9250-F635ACC46425&q={searchTerms}&SSPV=
    CHR Extension: (uTorrentControl_v6) - C:\Users\Walter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2015-08-30]
    CHR HKLM\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Walter\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-09-16]
    CHR HKU\S-1-5-21-1852539511-725543616-2630867930-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Walter\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-09-16]
    CHR HKU\S-1-5-21-1852539511-725543616-2630867930-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Users\Walter\AppData\Local\AdTrustMedia\PrivDog\PrivDog_chrome.crx <nie znaleziono>
    R2 Outrageous Football; C:\Program Files\Outrageous Football\Outrageous Football.exe [8016510 2015-07-12] () [Brak podpisu cyfrowego] <==== UWAGA
    S3 MkS_Scan; C:\Program Files\mks_vir_2007\bin\mks_scan.exe [X]
    S2 Privacy Content Firewall; "C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe" [X]
    S3 catchme; \??\C:\Users\Walter\AppData\Local\Temp\catchme.sys [X]
    S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-08-30 13:43 - 2015-08-30 13:47 - 00000000 ____D C:\AdwCleaner
    2015-08-11 23:31 - 2015-08-11 23:31 - 00000000 ____D C:\ProgramData\ahdofmjhenifgnbdcpocgnlgphfhckcb
    2015-08-09 05:16 - 2015-08-31 17:16 - 00000356 _____ C:\Windows\Tasks\VeganWiz.job
    2015-08-08 17:04 - 2015-08-31 17:04 - 00000356 _____ C:\Windows\Tasks\SmartSpace.job
    2015-08-06 23:04 - 2015-08-31 17:04 - 00000354 _____ C:\Windows\Tasks\RunningBro.job
    2015-08-05 23:04 - 2015-08-31 17:04 - 00000356 _____ C:\Windows\Tasks\SizeFixer.job
    2015-08-04 23:04 - 2015-08-31 17:04 - 00000354 _____ C:\Windows\Tasks\PortEjector.job
    2015-08-04 11:04 - 2015-08-31 17:04 - 00000356 _____ C:\Windows\Tasks\BoodleBuddy.job
    2015-08-03 11:04 - 2015-08-31 17:04 - 00000356 _____ C:\Windows\Tasks\LiveSignal.job
    EmptyTemp:

    0