Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Safe Finder (logi z FRST).

MajkSz 13 Lis 2015 21:36 723 1
  • #1 13 Lis 2015 21:36
    MajkSz
    Poziom 1  

    witam , mam problem z SAFE Finder, nie jest ustawiona jako pierwsza strona lecz kiedy wyszukuje w przegladarce Firefox to wyszukuje mi własnie na tym portalu
    w załącznikach logi z FRST

    0 1
  • #2 14 Lis 2015 00:16
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {09BA9333-A887-4A24-A000-BA6A79483B1C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {0DA64E1D-1741-48AB-B802-32E25C721F74} - System32\Tasks\psv_SilCanair => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Touchtouch.reg" &amp; del "C:\ProgramData\Driptax\Touchtouch.reg" &amp; SCHTASKS /Delete /TN "psv_SilCanair" /F <==== UWAGA
    Task: {1884BE42-D46C-4315-9C4C-23D579E79EEF} - System32\Tasks\psv_Dom-Kix => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Sanflex.reg" &amp; del "C:\ProgramData\Driptax\Sanflex.reg" &amp; SCHTASKS /Delete /TN "psv_Dom-Kix" /F <==== UWAGA
    Task: {3B8053F2-0E38-4783-B0DF-30DBFFDD5C2E} - System32\Tasks\psv_Doublecof => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Reair.reg" &amp; del "C:\ProgramData\Driptax\Reair.reg" &amp; SCHTASKS /Delete /TN "psv_Doublecof" /F <==== UWAGA
    Task: {40A05C7D-0D1E-4EA1-88EB-196BB5DDB6AC} - System32\Tasks\psv_Sumrontrax => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Whitegokix.reg" &amp; del "C:\ProgramData\Driptax\Whitegokix.reg" &amp; SCHTASKS /Delete /TN "psv_Sumrontrax" /F <==== UWAGA
    Task: {458D5F87-52D5-41D9-812E-626E860F9368} - System32\Tasks\psv_Duo-Cof => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\ToughSanlab.reg" &amp; del "C:\ProgramData\Driptax\ToughSanlab.reg" &amp; SCHTASKS /Delete /TN "psv_Duo-Cof" /F <==== UWAGA
    Task: {50E29DA1-7036-45D6-8803-2D190572D1A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {59C0656E-4408-46C6-A492-EE7016282F90} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {68F269B2-13B3-4DD5-A5C7-AF3680D2AA5F} - System32\Tasks\psv_Bioex => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Softjob.reg" &amp; del "C:\ProgramData\Driptax\Softjob.reg" &amp; SCHTASKS /Delete /TN "psv_Bioex" /F <==== UWAGA
    Task: {74053BD9-6FE7-4007-8C68-B6B4C9FCC846} - System32\Tasks\psv_Toptech => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Vaiazuntough.reg" &amp; del "C:\ProgramData\Driptax\Vaiazuntough.reg" &amp; SCHTASKS /Delete /TN "psv_Toptech" /F <==== UWAGA
    Task: {7D8FFEDD-5D62-4973-9232-F604A3D5CE63} - System32\Tasks\psv_Stimstrong => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Blackjoynix.reg" &amp; del "C:\ProgramData\Driptax\Blackjoynix.reg" &amp; SCHTASKS /Delete /TN "psv_Stimstrong" /F <==== UWAGA
    Task: {A285A664-4B4A-4C10-B463-B9C4CE728B39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {BD700162-3226-4CE8-BD2C-76F14640A770} - System32\Tasks\psv_Treelab => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Trisdox.reg" &amp; del "C:\ProgramData\Driptax\Trisdox.reg" &amp; SCHTASKS /Delete /TN "psv_Treelab" /F <==== UWAGA
    Task: {CCAF2EE4-A63E-4961-AB88-F388D63E0197} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA




    Task: {E8C8AD7D-87D0-4C55-9C2E-C87B035F2EC2} - System32\Tasks\psv_Zenfan => cmd.exe /c regedit.exe /s "C:\ProgramData\Driptax\Geofix.reg" &amp; del "C:\ProgramData\Driptax\Geofix.reg" &amp; SCHTASKS /Delete /TN "psv_Zenfan" /F <==== UWAGA
    () C:\ProgramData\Driptax\Driptax.exe
    AppInit_DLLs: C:\ProgramData\Driptax\Vialab.dll => C:\ProgramData\Driptax\Vialab.dll [883200 2015-10-01] ()
    AppInit_DLLs-x32: C:\ProgramData\Driptax\Hotflex.dll => C:\ProgramData\Driptax\Hotflex.dll [738816 2015-10-01] ()
    SearchScopes: HKLM -> {32E7C344-4C1F-4324-B047-A5BE844D6737} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> {32E7C344-4C1F-4324-B047-A5BE844D6737} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-3459045479-2110953306-3891903486-1001 -> {32E7C344-4C1F-4324-B047-A5BE844D6737} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-3459045479-2110953306-3891903486-1001 -> {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms}
    BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku
    CHR HKU\S-1-5-21-3459045479-2110953306-3891903486-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
    R2 Driptax; C:\ProgramData\\Driptax\\Driptax.exe [441856 2015-09-20] () [Brak podpisu cyfrowego]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2015-11-13 20:20 - 2015-11-13 20:20 - 00003318 _____ C:\WINDOWS\System32\Tasks\psv_Treelab
    2015-11-13 20:01 - 2015-11-13 20:01 - 00003318 _____ C:\WINDOWS\System32\Tasks\psv_Doublecof
    2015-11-13 18:37 - 2015-11-13 18:37 - 00003342 _____ C:\WINDOWS\System32\Tasks\psv_Sumrontrax
    2015-11-12 19:05 - 2015-11-12 19:05 - 00000000 ____D C:\ProgramData\Driptaxs
    2015-10-18 14:13 - 2015-09-26 11:19 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    EmptyTemp:

    W FRST wybierz Napraw.

    0