Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Proszę o sprawdzenie logów w celu usunięcia niechcianych reklam oraz samo otwier

Asztinho 28 Kwi 2016 16:29 489 1
  • #2 28 Kwi 2016 16:53
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {458496AC-692A-4F1F-BC64-E539592BE2A0} - System32\Tasks\Price Fountain => C:\Users\Gosia\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    Task: {6771597B-8504-4171-A2CB-E2291EDC69BE} - System32\Tasks\{55ADA368-F74C-525A-42BD-F51488805F3A} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\61db859b\351920fa.dll" <==== UWAGA
    Task: {F211D3EF-106A-4972-A703-08380EB46882} - System32\Tasks\GosiaWintersCrazedV2 => Rundll32.exe ZipperScouter.dll,main 7 1 <==== UWAGA
    Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Gosia\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    HKU\S-1-5-21-134157786-2955337700-309454529-1001\...\Run: [vlikhae] => rundll32.exe "C:\Users\Gosia\AppData\Local\vlikhae.dll",vlikhae <===== UWAGA
    HKU\S-1-5-21-134157786-2955337700-309454529-1001\...\MountPoints2: F - F:\Autorun.exe
    HKU\S-1-5-21-134157786-2955337700-309454529-1001\...\MountPoints2: {ba49d52e-c1f1-11e5-b747-0024541e2f99} - G:\Autorun.exe
    HKU\S-1-5-21-134157786-2955337700-309454529-1001\...\MountPoints2: {ba49d674-c1f1-11e5-b747-0024541e2f99} - H:\Autorun.exe
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{04DB79BB-4885-4E2D-9D08-B325878819D4}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{B7CC190F-C76D-4BCC-9739-B40BDB3DCDCF}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{B7CC190F-C76D-4BCC-9739-B40BDB3DCDCF}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{FE23B513-59D5-4648-9F21-B60F6F1DC619}: [NameServer] 82.163.143.171 82.163.142.173
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=ir...%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=ir...%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate




    HKU\S-1-5-21-134157786-2955337700-309454529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=ir...%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-134157786-2955337700-309454529-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-134157786-2955337700-309454529-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-134157786-2955337700-309454529-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart...er%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
    CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
    CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
    CHR HKU\S-1-5-21-134157786-2955337700-309454529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
    2016-04-26 19:38 - 2016-04-26 19:38 - 00000000 ____D C:\ProgramData\14f5bd43-70a3-0
    2016-04-26 19:38 - 2016-04-26 19:38 - 00000000 ____D C:\ProgramData\14f5bd43-3ee3-1
    2016-04-26 11:10 - 2016-04-26 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-57f1-1
    2016-04-26 11:10 - 2016-04-26 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-3da1-0
    2016-04-25 23:26 - 2016-04-25 23:27 - 00000000 ____D C:\ProgramData\14f5bd43-4c47-0
    2016-04-25 23:26 - 2016-04-25 23:27 - 00000000 ____D C:\ProgramData\14f5bd43-3733-1
    2016-04-25 17:10 - 2016-04-25 17:10 - 00000000 ____D C:\ProgramData\14f5bd43-6dc1-1
    2016-04-25 17:10 - 2016-04-25 17:10 - 00000000 ____D C:\ProgramData\14f5bd43-0b73-0
    2016-04-24 22:43 - 2016-04-24 22:43 - 00020480 _____ C:\Users\Gosia\AppData\Local\vlikhae.dll
    2016-04-24 22:35 - 2016-04-24 22:35 - 00003274 _____ C:\Windows\System32\Tasks\{792971A9-39BD-4C0B-9687-9FD8CDA01D91}
    2016-04-24 17:12 - 2016-04-24 17:12 - 00000000 ____D C:\ProgramData\14f5bd43-68a5-1
    2016-04-24 17:12 - 2016-04-24 17:12 - 00000000 ____D C:\ProgramData\14f5bd43-09f7-0
    2016-04-23 17:30 - 2016-04-23 17:31 - 00000000 ____D C:\ProgramData\14f5bd43-43e1-1
    2016-04-23 11:10 - 2016-04-23 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-0ea7-1
    2016-04-23 11:10 - 2016-04-23 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-00f5-0
    2016-04-22 23:10 - 2016-04-22 23:10 - 00000000 ____D C:\ProgramData\14f5bd43-6ae3-1
    2016-04-22 23:10 - 2016-04-22 23:10 - 00000000 ____D C:\ProgramData\14f5bd43-02b5-0
    2016-04-22 05:10 - 2016-04-22 05:10 - 00000000 ____D C:\ProgramData\14f5bd43-6f05-0
    2016-04-22 05:10 - 2016-04-22 05:10 - 00000000 ____D C:\ProgramData\14f5bd43-6885-1
    2016-04-21 11:10 - 2016-04-21 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-7337-0
    2016-04-21 11:10 - 2016-04-21 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-03b1-1
    2016-04-20 00:01 - 2016-04-20 00:01 - 00000000 ____D C:\ProgramData\14f5bd43-2925-1
    2016-04-20 00:01 - 2016-04-20 00:01 - 00000000 ____D C:\ProgramData\14f5bd43-12d7-0
    2016-04-19 11:10 - 2016-04-19 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-7805-0
    2016-04-19 11:10 - 2016-04-19 11:10 - 00000000 ____D C:\ProgramData\14f5bd43-1221-1
    2016-04-19 00:13 - 2016-04-19 00:14 - 00000000 ____D C:\ProgramData\14f5bd43-6e11-0
    2016-04-19 00:13 - 2016-04-19 00:14 - 00000000 ____D C:\ProgramData\14f5bd43-2283-1
    2016-04-17 23:10 - 2016-04-17 23:10 - 00000000 ____D C:\ProgramData\14f5bd43-5123-0
    2016-04-17 23:10 - 2016-04-17 23:10 - 00000000 ____D C:\ProgramData\14f5bd43-0113-1
    2016-04-17 17:10 - 2016-04-17 17:10 - 00000000 ____D C:\ProgramData\14f5bd43-7c15-1
    2016-04-17 17:10 - 2016-04-17 17:10 - 00000000 ____D C:\ProgramData\14f5bd43-37f7-0
    2016-04-17 05:10 - 2016-04-17 05:10 - 00000000 ____D C:\ProgramData\14f5bd43-6e75-1
    2016-04-17 05:10 - 2016-04-17 05:10 - 00000000 ____D C:\ProgramData\14f5bd43-4967-0
    2016-04-16 18:00 - 2016-04-16 18:00 - 00000000 ____D C:\ProgramData\14f5bd43-6163-0
    2016-04-16 18:00 - 2016-04-16 18:00 - 00000000 ____D C:\ProgramData\14f5bd43-23c1-1
    2016-04-10 11:10 - 2016-04-15 11:42 - 00000000 ____D C:\ProgramData\14f5bd43-3a35-0
    2016-04-10 11:05 - 2016-04-15 11:42 - 00000000 ____D C:\ProgramData\14f5bd43-6955-0
    2016-04-10 11:05 - 2016-04-10 11:05 - 00003728 _____ C:\Windows\System32\Tasks\{55ADA368-F74C-525A-42BD-F51488805F3A}
    2016-04-10 11:05 - 2016-04-10 11:05 - 00000000 ____D C:\ProgramData\61db859b
    2016-04-10 11:04 - 2016-04-10 11:04 - 00000000 ____D C:\ProgramData\{37e1fa7f-312c-0}
    2016-04-10 11:04 - 2016-04-10 11:04 - 00000000 ____D C:\ProgramData\{1848f6e4-012c-1}
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    0