
Zoobam, log check

wolok 04 Feb 2016 13:02 471 1
  • Helpful post
    #2 04 Feb 2016 13:31
    Acorus 20
    Computer specialist

    Uninstall SpyHunter 4. Open the system Notepad and paste:

    Quote:
    Task: {0D691D6E-5CE3-44CA-84A0-FF67AFCA0EC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {1B64E3AC-EB35-491A-83CE-E7F7BBCC2E87} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {1DEBC543-B43F-444A-93EC-E8B838731A9E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {8787E686-4E59-4F82-8E17-FBCBC6A43FC6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {A11CA10A-57D0-4231-9960-0F8AEF11DF4D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {A2696F2B-1EE3-4C8B-A057-B4370EDEE1C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {B0105A9C-8DCF-48AE-B801-CEC506E1A36A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {BC9832B9-1517-461B-897F-D77CF7EC2980} - System32\Tasks\King of Hunter2 => Rundll32.exe "C:\Users\Dobidek\AppData\Local\King of Hunter\{5FE21009-6049-02C0-9C44-A1373208DC53}\dwzrrt.dll",#1 <==== UWAGA
    Task: {DFD59F87-BD67-447A-AB82-3F99EEEADB3C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {E0208C9F-0E1E-4971-88CE-446DF9426B3D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {EB1004CD-0F82-4C92-8393-7C8F6565FB73} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {FAAAFE55-F05A-4944-9156-4BD2C712B69E} - System32\Tasks\King of Hunter => Rundll32.exe "C:\Users\Dobidek\AppData\Local\King of Hunter\{5FE21009-6049-02C0-9C44-A1373208DC53}\KingofHunter.dll",#1 <==== UWAGA
    Task: {FC8B400E-AB1E-40ED-9483-9E67D5DD4ED5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    HKU\S-1-5-21-1069645945-2823276009-2828997211-1000\...\MountPoints2: {4cf0e298-1cb7-11e5-ae3a-50e549417596} - "H:\setup.exe"
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\FDDAD891C8BDD99A6F66701AD516B54DFDDA [2016-01-02] <==== UWAGA
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...CzJCwKAT-yieF7NEfwgI3uKmoknCJmrUyHIB5xErp1qQ,,




    CHR StartupUrls: Default -> "search.mpc.am"
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...x4ABBNgIl0buKUVy5fBvjUxZ1mHILHO3JHzno,&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    U3 idsvc; Brak ImagePath
    S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]
    U4 wpcsvc; Brak ImagePath
    2016-02-04 12:42 - 2016-02-04 12:42 - 00000000 _____ C:\autoexec.bat
    2016-02-04 12:37 - 2016-02-04 12:45 - 00000000 ____D C:\Users\Dobidek\AppData\Roaming\Enigma Software Group
    2016-02-04 12:37 - 2016-02-04 12:37 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-02-01 23:55 - 2015-09-17 21:09 - 00000000 ____D C:\AdwCleaner
    2015-09-24 01:54 - 2015-09-24 01:54 - 1861120 _____ () C:\ProgramData\XdjsbA
    2015-09-24 01:54 - 2015-09-24 01:54 - 0034384 _____ () C:\ProgramData\XdjsbA.au3
    2015-09-24 01:54 - 2015-09-24 01:54 - 0936960 _____ (AutoIt Team) C:\ProgramData\XdjsbA.exe
    2015-09-24 18:04 - 2015-09-24 18:08 - 0000046 _____ () C:\ProgramData\XdjsbA.folder
    2015-09-24 18:04 - 2015-09-24 18:08 - 0000066 _____ () C:\ProgramData\XdjsbA.path
    2015-09-24 18:05 - 2015-09-24 18:08 - 0000000 _____ () C:\ProgramData\YbxlwqtR
    EmptyTemp:


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix.
    Download and run AdwCleaner as administrator https://toolslib.net/downloads/finish/1/ Click Scan and then Cleaning.

    0
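Added example (not part of the original post and not FRST's own code): a small Python triage over four lines copied from the fixlist above. It sorts them into three patterns the list contains: scheduled tasks whose file is missing, tasks that start Rundll32 on a DLL under a user profile's AppData, and browser URLs whose host is percent-encoded. The function name `triage` and the category labels are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote

# Sample input: four lines copied from the fixlist quoted in the post
# (FRST output from a Polish-locale system; "Brak pliku" = "file missing").
SAMPLE = r'''
Task: {0D691D6E-5CE3-44CA-84A0-FF67AFCA0EC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {FAAAFE55-F05A-4944-9156-4BD2C712B69E} - System32\Tasks\King of Hunter => Rundll32.exe "C:\Users\Dobidek\AppData\Local\King of Hunter\{5FE21009-6049-02C0-9C44-A1373208DC53}\KingofHunter.dll",#1 <==== UWAGA
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F...CzJCwKAT-yieF7NEfwgI3uKmoknCJmrUyHIB5xErp1qQ,,
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
'''

# "Task: {GUID} - <task name> -> or => <target> [<==== UWAGA]"
TASK = re.compile(r'^Task: \{[0-9A-Fa-f-]+\} - (?P<name>.+?) [-=]> '
                  r'(?P<target>.+?)(?: <==== UWAGA)?$')
# Rundll32 loading a DLL from a per-user AppData directory
RUNDLL = re.compile(r'(?i)^rundll32(?:\.exe)? '
                    r'"(?P<dll>[A-Z]:\\Users\\[^"]+\\AppData\\[^"]+)"')
# Defanged URL (hxxp/hxxps) as FRST prints it; capture everything up to the first "/"
URL = re.compile(r'hxxps?://(?P<host>[^/\s]+)')

def triage(text):
    """Return (kind, detail) findings for the FRST lines worth a closer look."""
    findings = []
    for line in (l.strip() for l in text.splitlines()):
        task = TASK.match(line)
        if task:
            target = task['target']
            dll = RUNDLL.match(target)
            if target == 'Brak pliku':
                # Task entry remains but the file it pointed to is gone
                findings.append(('orphaned-task', task['name']))
            elif dll:
                findings.append(('rundll32-from-user-profile', dll['dll']))
            continue
        url = URL.search(line)
        if url and '%' in url['host']:
            # Decode only the part the log shows; "..." marks FRST's truncation
            raw, cut, _ = url['host'].partition('...')
            note = ' (truncated in log)' if cut else ''
            findings.append(('percent-encoded-host', unquote(raw) + note))
    return findings

if __name__ == '__main__':
    for kind, detail in triage(SAMPLE):
        print(f'{kind:28} {detail}')
```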