Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Search so-v.com - logi z FRST.

sandra4 16 Mar 2016 16:49 438 5
  • Pomocny post
    #2 16 Mar 2016 17:14
    krzychupar
    Poziom 40  

    Odinstaluj:
    SpyHunter 4

    Otwórz notatnik systemowy i wklej:
    Task: {06BD87C4-D95D-4F81-8AC5-57FD5FD4B767} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {098900C6-B2E2-48F3-A931-6B8DD65385D1} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
    Task: {2B89D2C2-E519-4302-8A50-38F872FBCCC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {39990CEC-2DA4-4810-BF3F-141A60E2DC99} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {5014E447-C4C6-4C9F-914D-22AC113CF188} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {62985DC5-289B-4A69-8D29-5700C7B5B6E2} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-03-16] (Enigma Software Group USA, LLC.)
    Task: {719C3255-B8BA-49DF-A04D-458DE08CA365} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {73919013-9CB3-4E5B-974F-D944E037CCD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {86E19F52-02AD-4A1F-8743-9F5E0EFEA953} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {98F92771-6B3D-4209-AA3D-C337A6C46D81} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {C4C1C1A5-A65C-45E3-B4C6-6BDA33984BE5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {E8153F4B-6738-4AB7-8791-D3ABF8A3DF95} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {F5356377-EB69-43BF-83BB-481F84D6DBE5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Hosts:
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Winlogon: [Userinit] [X]
    HKU\S-1-5-21-2138911517-1398414609-2423325887-1001\...\MountPoints2: {5ded582a-b53f-11e5-8269-1cb72c1ab887} - "F:\AutoRun.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-22]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2138911517-1398414609-2423325887-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2138911517-1398414609-2423325887-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB




    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=38325a2a-299e-4d8b-a413-b4147defa080
    CHR StartupUrls: Default -> "hxxps://www.google.pl/","hxxp://www.istartpageing.com/?type=hp&ts=1451155508&z=b4ceee3193582de21b918f3g7zewdgdg9w3w4wbeab&from=cor&uid=hgstxhts541010a9e680_jd1009ch1ggwyh1ggwyhx"
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-03-16] (Enigma Software Group USA, LLC.)
    2016-03-16 15:15 - 2016-03-16 15:15 - 00000000 _____ C:\autoexec.bat
    2016-03-16 15:14 - 2016-03-16 15:14 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-03-16 15:14 - 2016-03-16 15:14 - 00003410 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2016-03-16 15:14 - 2016-03-16 15:14 - 00001134 _____ C:\Users\Skorek\Desktop\SpyHunter.lnk
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\Users\Skorek\AppData\Roaming\Enigma Software Group
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\sh4ldr
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-03-16 14:32 - 2016-03-16 14:42 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
    2016-03-12 11:53 - 2016-03-12 11:53 - 00000266 __RSH C:\ProgramData\ntuser.pol
    2016-02-22 08:26 - 2016-02-22 08:26 - 00002011 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2016-02-22 08:26 - 2016-02-22 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2016-02-21 09:39 - 2016-02-21 09:39 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
    2016-03-16 14:15 - 2015-12-07 16:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2016-02-22 08:26 - 2016-01-25 07:59 - 00000000 ____D C:\Program Files\McAfee Security Scan
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • Pomocny post
    #3 16 Mar 2016 17:22
    Acorus 20
    Spec od komputerów

    Odinstaluj McAfee Security Scan Plus, SpyHunter 4, WebStorage. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {06BD87C4-D95D-4F81-8AC5-57FD5FD4B767} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {2B89D2C2-E519-4302-8A50-38F872FBCCC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {39990CEC-2DA4-4810-BF3F-141A60E2DC99} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {5014E447-C4C6-4C9F-914D-22AC113CF188} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {62985DC5-289B-4A69-8D29-5700C7B5B6E2} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-03-16] (Enigma Software Group USA, LLC.)
    Task: {719C3255-B8BA-49DF-A04D-458DE08CA365} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {73919013-9CB3-4E5B-974F-D944E037CCD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {86E19F52-02AD-4A1F-8743-9F5E0EFEA953} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {98F92771-6B3D-4209-AA3D-C337A6C46D81} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {C4C1C1A5-A65C-45E3-B4C6-6BDA33984BE5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {E8153F4B-6738-4AB7-8791-D3ABF8A3DF95} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {F5356377-EB69-43BF-83BB-481F84D6DBE5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
    HKLM-x32\...\Winlogon: [Userinit] [X]
    HKU\S-1-5-21-2138911517-1398414609-2423325887-1001\...\Run: [BingSvc] => C:\Users\Skorek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-13] (© 2015 Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-22]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    Hosts:
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2138911517-1398414609-2423325887-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=38325a2a-299e-4d8b-a413-b4147defa080
    CHR StartupUrls: Default -> "hxxps://www.google.pl/","hxxp://www.istartpageing.com/?type=hp&ts=1451155508&z=b4ceee3193582de21b918f3g7zewdgdg9w3w4wbeab&from=cor&uid=hgstxhts541010a9e680_jd1009ch1ggwyh1ggwyhx"
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-03-16] (Enigma Software Group USA, LLC.)
    2016-03-16 15:15 - 2016-03-16 15:15 - 00000000 _____ C:\autoexec.bat
    2016-03-16 15:14 - 2016-03-16 15:14 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-03-16 15:14 - 2016-03-16 15:14 - 00003410 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2016-03-16 15:14 - 2016-03-16 15:14 - 00001134 _____ C:\Users\Skorek\Desktop\SpyHunter.lnk
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\Users\Skorek\AppData\Roaming\Enigma Software Group
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\sh4ldr
    2016-03-16 15:14 - 2016-03-16 15:14 - 00000000 ____D C:\Program Files\Enigma Software Group
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • #4 16 Mar 2016 20:51
    sandra4
    Poziom 2  

    Pomogło, dzięki wielkie !

    0
  • #6 17 Mar 2016 09:17
    RADU23
    Moderator - Komputery Serwis

    sandra4 napisał:
    Pomogło, dzięki wielkie !

    Usuń katalog C:\FRST.

    0