Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Avast url:mal wscript + logi FRST

denor12 20 Maj 2016 01:59 507 2
  • Pomocny post
    #2 20 Maj 2016 08:40
    Domino_2
    Pomocny dla użytkowników

    Cytat:

    CloseProcesses:
    Task: {1DF3BFA7-78E1-45A2-8AE3-9FE04288C614} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-132808117-4188919328-2083618679-1002UA => C:\Users\denor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-09] (Facebook Inc.)
    Task: {3100BF46-F826-45E8-B817-147527DBA00E} - System32\Tasks\{7F6FEC46-823D-4C6A-A259-500BB7E9468C} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.60.102/pl/abandoninstall?page=tsProgressBar
    Task: {42A1B02C-6987-4830-AC4F-ED4858A85755} - System32\Tasks\Opera scheduled Autoupdate 1462301894 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-09] (Opera Software)
    Task: {55475940-3A94-41A5-ADCC-7E79128E4D29} - System32\Tasks\Smlupd => C:\Users\denor\AppData\Roaming\Smlupd\smlupd.exe [2015-02-13] (Geo Builder) <==== UWAGA
    Task: {59D35CC2-76CD-4108-9A71-40617BAC3231} - System32\Tasks\{7BF6272C-8C57-4592-8582-8B9FF50874EE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.60.102/pl/abandoninstall?page=tsProgressBar
    Task: {95D0C6FB-E55D-48A9-82C6-77FE8701AC0E} - System32\Tasks\{EBF3702B-3610-4A5F-B0D0-3F59CE882401} => Chrome.exe hxxp://ui.skype.com/ui/0/6.22.0.107/pl/go/help.faq.installer?LastError=1618
    Task: {C6971D47-6CF2-4C38-8C90-439B81165961} - System32\Tasks\{53E58E6D-8155-4BE7-AAFD-7E88B5F23034} => pcalua.exe -a C:\windows\SetupX32.EXE -c /@SetupExt\Tablet
    Task: {DD4A4517-00A6-49DB-809C-835A60480560} - System32\Tasks\{B1719788-CC0F-4892-B74C-3CFF8F47767A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}\SETUP.EXE" -c -runfromtemp -l0x0409 UNINST -removeonly
    Task: {FB9F520B-B414-4024-8536-2EFC34B0207E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-132808117-4188919328-2083618679-1002Core => C:\Users\denor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-09] (Facebook Inc.)
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-132808117-4188919328-2083618679-1002Core.job => C:\Users\denor\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-132808117-4188919328-2083618679-1002UA.job => C:\Users\denor\AppData\Local\Facebook\Update\FacebookUpdate.exe
    HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\Run: [Epson Stylus SX235(Sie**)<*>] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\denor\AppData\Local\Temp\E_SD172.tmp" /EF "HKCU" <===== UWAGA (Nazwa wartości zawiera nieprawidłowe znaki)
    HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\Run: [home] => wscript.exe //B "C:\Users\denor\AppData\Roaming\home.vbe"




    Startup: C:\Users\denor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\home.vbe [2015-09-08] ()
    SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
    SearchScopes: HKU\S-1-5-21-132808117-4188919328-2083618679-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-132808117-4188919328-2083618679-1002 -> {6AEA25D7-E884-4031-AD97-7E653DDE8427} URL =
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
    FF Homepage: user_pref("browser.startup.homepage", );
    FF Keyword.URL: user_pref("keyword.URL","");
    FF NewTab: user_pref("browser.newtab.url","");
    FF Plugin HKU\S-1-5-21-132808117-4188919328-2083618679-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
    CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hp&ts=143...HitachiXHTS547575A9E384_J2190020DX12TDDX12TDX
    CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1430131778&from=cor&uid=HitachiXHTS547575A9E384_J2190020DX12TDDX12TDX"
    CHR HKU\S-1-5-21-132808117-4188919328-2083618679-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
    S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
    S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
    2016-01-10 20:39 - 2015-09-08 22:04 - 0092629 ___SH () C:\Users\denor\AppData\Roaming\home.vbe
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe/FRST64.exe, odpal go i kliknij Fix/Napraw.

    0
  • #3 20 Maj 2016 12:04
    denor12
    Poziom 2  

    dzieki, pomogło ^^

    0