Elektroda.pl

Connection to Sality - log check

kcilah 22 Dec 2015 13:58 537 1
  • #1 22 Dec 2015 13:58
    kcilah
    Level 1  

    Hello, Orange's CyberTarcza blocked my Internet access; apparently I was connected to Sality. I unblocked the connection and checked the computer: the ESET Online Scanner they recommend detected a few "harmful" applications, but those were program installers, so that's probably not it :). I additionally scanned with Avast (clean), Malwarebytes Anti-Malware (36 harmful items - removed), Kaspersky Sality Killer (clean) and FRST; the logs are attached - please check them :)

  • #2 22 Dec 2015 14:03
    Kolobos
    Computer specialist

    There is nothing interesting here.

    Fixlist.txt for FRST:
    Task: {5F2C1894-4B7F-4047-BF5D-BE8826A57229} - System32\Tasks\{D5815889-3863-4D7B-A5FF-41C268A44DAD} => pcalua.exe -a E:\start.exe -d E:\
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\...\MountPoints2: {16efc6bb-6a7e-11e4-8250-001a4d52112a} - "F:\setup.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\...\MountPoints2: {3f535dd2-98ca-11e4-825f-001a4d52112a} - "L:\Install.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\...\MountPoints2: {5f3925d1-fff0-11e4-8288-001a4d52112a} - "I:\LG_PC_Programs.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\...\MountPoints2: {ab6256d9-391e-11e5-828e-001a4d52112a} - "I:\start.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\...\MountPoints2: {ff9084a1-7c86-11e4-825b-001a4d52112a} - "G:\Startme.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {16efc6bb-6a7e-11e4-8250-001a4d52112a} - "F:\setup.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3f535dd2-98ca-11e4-825f-001a4d52112a} - "L:\Install.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5f3925d1-fff0-11e4-8288-001a4d52112a} - "I:\LG_PC_Programs.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ab6256d9-391e-11e5-828e-001a4d52112a} - "I:\start.exe"
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ff9084a1-7c86-11e4-825b-001a4d52112a} - "G:\Startme.exe"
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&am...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&am...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&am...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1593402948-1525311972-227039554-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&am...XHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=...HitachiXHDT725032VLA360_VFD200R2CUPZ8LCUPZ8LX
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-12-18]
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
    EmptyTemp:
