Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

fix do frst - brak możliwości zmiany wyszukiwarki Google

Faker196 03 Gru 2015 16:55 462 4
  • #2 03 Gru 2015 16:59
    Acorus 20
    Spec od komputerów

    Brak loga Addition.txt

    0
  • #4 03 Gru 2015 18:01
    Acorus 20
    Spec od komputerów

    Odinstaluj Spybot - Search & Destroy. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {04F9E8C6-0560-433F-8C29-5A0B84B39646} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {7164BDB6-CA40-4EB2-804D-D64BD3FFA886} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {BE719759-A272-4AED-866E-E8D6948369CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {BFB4CCD7-94CD-4C91-AF6E-02D33AAEA71F} - System32\Tasks\ExpertDJ => c:\programdata\{e28461ce-c374-3e14-e284-461cec37873b}\plants_vs_zombies_2_full_setup.exe.exe <==== UWAGA
    Task: C:\Windows\Tasks\ExpertDJ.job => c:\programdata\{e28461ce-c374-3e14-e284-461cec37873b}\plants_vs_zombies_2_full_setup.exe.exe <==== UWAGA
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-1013569868-2627820459-2949584685-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1013569868-2627820459-2949584685-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    GroupPolicyScripts: Ograniczenia <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    AutoConfigURL: [S-1-5-21-1013569868-2627820459-2949584685-1000] => hxxp://unstopp.me/wpad.dat?efb492686cefbf22fd5a6e0dfd3082562127833
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    URLSearchHook: HKU\S-1-5-21-1013569868-2627820459-2949584685-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll Brak pliku
    URLSearchHook: HKU\S-1-5-21-1013569868-2627820459-2949584685-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll Brak pliku
    SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
    SearchScopes: HKU\S-1-5-21-1013569868-2627820459-2949584685-1000 -> {E551D74B-007A-45a9-9F47-6169CE975BF9} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-1013569868-2627820459-2949584685-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S3 TBPanel; Brak ImagePath
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [X]
    2015-12-03 16:48 - 2015-12-03 16:50 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Masz zainfekowany router-wykonaj https://www.elektroda.pl/rtvforum/topic2874173.html#13841246

    0
  • #5 03 Gru 2015 18:31
    Faker196
    Poziom 2  

    Dziękuję za pomoc! W weekend ogarnę router.

    0