Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Włączają się reklamy - Logi FRST.

kiproonex 18 Sty 2016 21:20 543 1
  • CControls
  • Pomocny post
    #2 18 Sty 2016 21:56
    krzychupar
    Poziom 40  

    Odinstaluj
    sweet-page
    uTorrent Packages
    Otwórz notatnik systemowy i wklej:
    Task: {052D2363-2F9C-4E02-BC3E-B4EE54EEE110} - System32\Tasks\PhotocopiedUnifyingV2 => Rundll32.exe HuntressesMandamus.dll,main 7 1 <==== UWAGA
    Task: {4034E8AE-E15B-43C5-B777-740B57DE4226} - System32\Tasks\Price Fountain => C:\Users\Agata\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    Task: {74740619-2D9B-456D-9365-633CABA80119} - \Adobe Flash box Files Update Ver 2015928 -> Brak pliku <==== UWAGA
    TTask: C:\Windows\Tasks\Price Fountain.job => C:\Users\Agata\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: G - G:\setup.exe
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: {4e82f4f5-69cf-11e5-bc64-e03f4985b2c8} - H:\.\Driver\DriverInstaller.exe -eject
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: {527d116c-2ef7-11e5-a084-e03f4985b2c8} - H:\.\Driver\DriverInstaller.exe -eject
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: {8126723a-2c22-11e4-b6c1-e03f4985b2c8} - G:\setup.exe
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: {9a46688a-b47b-11e4-ab7a-e03f4985b2c8} - G:\Autorun.exe
    HKU\S-1-5-21-1137720757-3332890643-2744402656-1000\...\MountPoints2: {f42f636a-64b2-11e4-819c-e03f4985b2c8} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
    SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}




    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1137720757-3332890643-2744402656-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1137720757-3332890643-2744402656-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    FF NewTab: hxxp://www.sweet-page.com/newtab/?type=nt&...p;uid=st2000dm001-1ch164_z1e6tmq6xxxxz1e6tmq6
    FF DefaultSearchEngine: sweet-page
    FF SearchEngineOrder.1: Google
    FF SelectedSearchEngine: Google
    FF SearchPlugin: C:\Users\Agata\AppData\Roaming\Mozilla\Firefox\Profiles\gyyzabjm.default-1443466777617\searchplugins\sweet-page.xml [2015-12-29]
    CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hp&ts=145...p;uid=st2000dm001-1ch164_z1e6tmq6xxxxz1e6tmq6
    CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1451392179&z=e30c9379326d88dc0904a24gcz5wagecctdo9g8mct&from=cor&uid=st2000dm001-1ch164_z1e6tmq6xxxxz1e6tmq6"
    CHR DefaultSearchURL: Default -> hxxp://sweet-page.com/web/?type=ds&ts=145...t2000dm001-1ch164_z1e6tmq6xxxxz1e6tmq6&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> sweet-page
    S2 appstoreService; C:\Program Files (x86)\iSafe\appstore\appstoreSvc.exe [X]
    U3 assiv1x9; C:\Windows\System32\Drivers\assiv1x9.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    2015-12-29 13:29 - 2015-12-29 13:30 - 00000000 ____D C:\Users\Agata\AppData\Roaming\sweet-page
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0