Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie logów - F - Niechciane reklamy

91and1 09 Lis 2015 18:27 840 1
  • CControls
  • Pomocny post
    #2 09 Lis 2015 18:53
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {1015DC0C-8D46-4A23-ADB9-3BB2DEA7A9E4} - System32\Tasks\IT Viewer Schedualer => C:\Program Files (x86)\IT Viewer\astask.exe [2015-11-09] (West CH Soft) <==== UWAGA
    Task: {224E4EDF-3F02-4B91-B922-B162AE834A9E} - System32\Tasks\Security Menager => C:\Users\Lukasz\AppData\Roaming\Security Menager\Security Menager.exe [2015-11-09] ()
    () C:\Program Files (x86)\RayDld\ihpmServer.exe
    (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\IT Viewer\privoxy.exe
    HKU\S-1-5-21-1201073500-2726374835-3480241561-1000\...\MountPoints2: {3ec97884-86bd-11e5-b5cd-00262d875c3d} - G:\SETUP.EXE
    HKU\S-1-5-21-1201073500-2726374835-3480241561-1000\...\MountPoints2: {3ec97e06-86bd-11e5-b5cd-00262d875c3d} - H:\win32\_wizard_.exe
    Startup: C:\Users\Lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2015-11-09]
    ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe (Brak pliku)
    ProxyEnable: [S-1-5-21-1201073500-2726374835-3480241561-1000] => Proxy [funkcja włączona]
    ProxyServer: [S-1-5-21-1201073500-2726374835-3480241561-1000] => 127.0.0.1:8118
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1447...xhts721075a9e630_jr13006r01zujf01zujfx&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1447...xhts721075a9e630_jr13006r01zujf01zujfx&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1447...xhts721075a9e630_jr13006r01zujf01zujfx&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1447...xhts721075a9e630_jr13006r01zujf01zujfx&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\zydi87d8.default\extensions\deskCutv2@gmail.com => nie znaleziono
    R2 ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [271592 2015-11-03] ()
    R2 PrivoxyService; C:\Program Files (x86)\IT Viewer\privoxy.exe [371200 2015-11-09] (The Privoxy team - www.privoxy.org) [Brak podpisu cyfrowego] <==== UWAGA
    2015-11-09 13:46 - 2015-11-09 13:46 - 00003252 _____ C:\Windows\System32\Tasks\IT Viewer Schedualer
    2015-11-09 13:39 - 2015-11-09 13:39 - 00003304 _____ C:\Windows\System32\Tasks\Security Menager
    2015-11-09 13:39 - 2015-11-09 13:39 - 00000000 ____D C:\Users\Lukasz\AppData\Roaming\Security Menager
    2015-11-09 13:39 - 2015-11-09 13:39 - 00000000 ____D C:\Program Files (x86)\IT Viewer
    C:\Program Files (x86)\RayDld\
    EmptyTemp:

    W FRST wybierz Napraw.

    0