Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie pliku FRST.

Yaxley 27 Kwi 2016 18:41 408 1
  • #2 27 Kwi 2016 18:48
    Kolobos
    Spec od komputerów

    Nie pobieraj programow z dobrychprogramow przy pomocy ich menadzera pobierania, menadzer ten instaluje szkodliwe oprogramowanie.

    Fixlist.txt dla FRST:
    Task: {318B7DE1-F770-4372-9638-9D5E3B7D7ED4} - System32\Tasks\DNSWALTERS => dnswalters.exe <==== UWAGA
    Task: {E700AA3F-3355-4E9D-A8DF-AEE050852474} - System32\Tasks\OluśWashingVexinglyV2 => Rundll32.exe TrifleGrumped.dll,main 7 1 <==== UWAGA
    Task: {F5A86DE5-72CB-4E19-B291-C0A085245FD4} - \WinTaske -> Brak pliku <==== UWAGA
    C:\WINDOWS\Tasks\{4ADF1328-C310-3856-68AF-22472C9F7EC3}.job
    Task: {318B7DE1-F770-4372-9638-9D5E3B7D7ED4} - System32\Tasks\DNSWALTERS => dnswalters.exe <==== UWAGA
    Task: {E700AA3F-3355-4E9D-A8DF-AEE050852474} - System32\Tasks\OluśWashingVexinglyV2 => Rundll32.exe TrifleGrumped.dll,main 7 1 <==== UWAGA
    Task: {F5A86DE5-72CB-4E19-B291-C0A085245FD4} - \WinTaske -> Brak pliku <==== UWAGA
    C:\WINDOWS\Tasks\{4ADF1328-C310-3856-68AF-22472C9F7EC3}.job
    HKU\S-1-5-21-1558354824-360976171-889370798-1000\...\MountPoints2: {c08288d8-f730-11e5-a39b-95d9f07816cb} - "E:\SETUP.EXE"
    Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{989b315b-55ae-47db-92cc-f806f7cd16bf}: [NameServer] 82.163.143.171 82.163.142.173
    CHR HomePage: Default -> hxxp://www.yessearches.com/?mode=nnnb&pti...3E65DF&v=20160329&ts=AHEpCHIkAnIkBE....
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2016-04-22 17:53 - 2016-04-22 17:53 - 00022220 _____ C:\WINDOWS\System32\Tasks\DNSWALTERS
    2016-04-22 17:52 - 2016-04-22 17:53 - 00000000 ____D C:\ProgramData\53ab66c9
    2016-04-22 17:52 - 2016-04-22 17:52 - 00000000 ____D C:\ProgramData\{298ba4ad-512c-0}
    2016-04-22 17:52 - 2016-04-22 17:52 - 00000000 ____D C:\ProgramData\{0c75f834-212c-1}
    2016-04-01 11:39 - 2016-04-01 11:40 - 00000000 ____D C:\Users\Oluś\AppData\Local\F727A298-4DB4-456A-AC54-A93EA5F8554D
    2016-04-01 11:38 - 2016-04-05 16:48 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    2016-04-01 11:38 - 2016-04-01 11:38 - 00000000 ____D C:\Program Files (x86)\WinTaske
    2016-04-01 11:38 - 2016-04-01 11:38 - 00000000 ____D C:\Program Files (x86)\Winsere
    2016-04-01 11:35 - 2016-04-01 11:35 - 01023280 _____ (Hesudemo ) C:\Users\Oluś\Downloads\DAEMON-Tools-Lite-12708-dp.exe
    2016-04-01 11:17 - 2016-04-24 20:07 - 00000000 ____D C:\Users\Oluś\AppData\Local\WashingVexingly
    2016-04-01 11:17 - 2016-04-24 16:45 - 00000000 ____D C:\Users\Oluś\AppData\Roaming\PriceFountainUpdateVer
    2016-04-01 11:17 - 2016-04-22 22:17 - 00000298 _____ C:\WINDOWS\Tasks\{4ADF1328-C310-3856-68AF-22472C9F7EC3}.job
    2016-04-01 11:17 - 2016-04-22 17:53 - 00000000 ____D C:\ProgramData\ed6f8477-0773-0
    2016-04-01 11:17 - 2016-04-22 17:52 - 00000000 ____D C:\ProgramData\ed6f8477-76a3-1
    2016-04-01 11:17 - 2016-04-01 11:17 - 00003506 _____ C:\WINDOWS\System32\Tasks\OluśWashingVexinglyV2
    2016-04-01 11:17 - 2016-04-01 11:17 - 00000295 _____ C:\Users\Oluś\Desktop\allegro.pl.URL
    2016-04-01 11:16 - 2016-04-01 11:16 - 02162896 _____ C:\Users\Oluś\Downloads\winrar-x64-531pl.exe
    2016-04-01 11:07 - 2016-04-24 16:40 - 00000000 ____D C:\Users\Oluś\AppData\Local\CulledCert
    2016-04-01 10:46 - 2016-04-24 16:43 - 00000000 ____D C:\Users\Oluś\AppData\Local\PenpointsTableland
    C:\Windows\Tasks\{4ADF1328-C310-3856-68AF-22472C9F7EC3}.job
    EmptyTemp:

    Po wykonaniu usun katalog C:\FRST.

    0