Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Nusearch - Proszę o sprawdzenie logów

bonzaj110 22 Paź 2016 18:20 489 4
  • CControls
  • Pomocny post
    #2 22 Paź 2016 18:40
    Kolobos
    Spec od komputerów

    Sam utworzyles ten katalog? Jezeli nie, to co w nim jest?
    C:\Program Files (x86)\avwz1o71

    Odinstaluj:
    amuleC
    aMuleCustom
    McAfee Security Scan Plus
    WinZip

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    Task: {520C8F59-BB44-4E1E-A578-87B548E66C6B} - \WinTaske -> Brak pliku <==== UWAGA
    Task: {8606F8B5-DB59-4224-ADA5-DCC99C808023} - System32\Tasks\HipbearUpdateTaskMachineUA => C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe <==== UWAGA
    Task: {BF6A08DC-95FE-4CD5-91D5-3A3E90E8CAAF} - System32\Tasks\HipbearUpdateTaskMachineCore => C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe <==== UWAGA
    Shortcut: C:\Users\Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    2016-10-20 22:56 - 2016-10-12 07:43 - 01819240 _____ () C:\Program Files (x86)\Jarhair\Application\libglesv2.dll
    2016-10-20 22:56 - 2016-10-12 07:43 - 00093288 _____ () C:\Program Files (x86)\Jarhair\Application\libegl.dll
    2016-10-20 23:08 - 2016-09-30 10:51 - 17769664 _____ () C:\Users\Paula\AppData\Local\Jarhair\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
    (© 2015 Microsoft Corporation) C:\Users\Paula\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\McUICnt.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe
    HKU\S-1-5-21-2889958155-2832895398-1323614220-1001\...\Run: [BingSvc] => C:\Users\Paula\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2889958155-2832895398-1323614220-1001\...\MountPoints2: {3c51381f-79ad-11e6-8263-48d224001811} - "G:\autorun.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-21]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    FF SearchPlugin: C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\ur75rksr.default\searchplugins\attirerpage.xml [2016-06-17]
    FF SearchPlugin: C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\ur75rksr.default\searchplugins\bing-.xml [2015-11-14]
    FF Homepage: Firefox\Firefox\Profiles\4m5ri9az.default -> hxxp://www.searchinme.com/?type=hp&ts=147...id=HGSTXHTS545050A7E380_130609TE8513493A29WRX




    FF Extension: (SimilarWeb) - C:\Users\Paula\AppData\Roaming\Firefox\Firefox\Profiles\4m5ri9az.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-06-29] [Brak podpisu cyfrowego]
    FF Extension: (FF Adr) - C:\Users\Paula\AppData\Roaming\Firefox\Firefox\Profiles\4m5ri9az.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2016-08-12] [Brak podpisu cyfrowego]
    FF SearchPlugin: C:\Users\Paula\AppData\Roaming\Firefox\Firefox\Profiles\4m5ri9az.default\searchplugins\searchinme.xml [2016-07-29]
    CHR DefaultSearchURL: Default -> hxxp://www.nuesearch.com/search/?type=ds&...XHTS545050A7E380_130609TE8513493A29WRX&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> nuesearch
    R2 ed2kidle; C:\Program Files (x86)\walalala co\aMuleCustom\ed2k.exe [236544 2016-09-12] (hxxp://www.amule.org/) [Brak podpisu cyfrowego]
    R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
    S2 HipbearU; "C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe" [X]
    2016-10-20 23:47 - 2016-10-21 00:29 - 00000000 ____D C:\AdwCleaner
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000003 _____ C:\Windows\SysWOW64\xaabbbbbbb
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000000 ____D C:\Users\Paula\AppData\Local\Jarhair
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000000 ____D C:\Program Files (x86)\Jarhair
    2016-10-20 21:32 - 2016-10-20 21:32 - 00000000 ____D C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
    2016-10-20 21:32 - 2016-10-20 21:32 - 00000000 ____D C:\Program Files (x86)\amuleC
    2016-10-20 23:44 - 2016-08-11 23:29 - 00000000 ____D C:\Users\Paula\AppData\Roaming\setup1
    2016-10-20 23:44 - 2016-06-27 22:04 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
    EmptyTemp:

    W FRST wybierz napraw.

    Utworz nowe skorty do Chrome.

    0
  • CControls
  • Pomocny post
    #3 22 Paź 2016 18:41
    Acorus 20
    Spec od komputerów

    Odinstaluj McAfee Security Scan Plus, WinZip. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {520C8F59-BB44-4E1E-A578-87B548E66C6B} - \WinTaske -> Brak pliku <==== UWAGA
    Task: {8606F8B5-DB59-4224-ADA5-DCC99C808023} - System32\Tasks\HipbearUpdateTaskMachineUA => C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe <==== UWAGA
    Task: {BF6A08DC-95FE-4CD5-91D5-3A3E90E8CAAF} - System32\Tasks\HipbearUpdateTaskMachineCore => C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe <==== UWAGA
    Shortcut: C:\Users\Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Paula\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jarhair\Application\chrome.exe (Google Inc.)
    HKU\S-1-5-21-2889958155-2832895398-1323614220-1001\...\MountPoints2: {3c51381f-79ad-11e6-8263-48d224001811} - "G:\autorun.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-21]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2889958155-2832895398-1323614220-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
    CHR DefaultSearchURL: Default -> hxxp://www.nuesearch.com/search/?type=ds&...XHTS545050A7E380_130609TE8513493A29WRX&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> nuesearch
    S2 HipbearU; "C:\Program Files (x86)\Hipbear\Update\HipbearUpdate.exe" [X]
    2016-10-20 23:47 - 2016-10-21 00:29 - 00000000 ____D C:\AdwCleaner
    2016-10-20 23:27 - 2016-10-20 23:44 - 00000000 ____D C:\Users\Paula\Doctor Web
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000003 _____ C:\Windows\SysWOW64\xaabbbbbbb
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000000 ____D C:\Users\Paula\AppData\Local\Jarhair
    2016-10-20 22:56 - 2016-10-20 22:56 - 00000000 ____D C:\Program Files (x86)\Jarhair
    2016-10-20 21:32 - 2016-10-20 21:32 - 00000000 ____D C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
    2016-10-20 21:32 - 2016-10-20 21:32 - 00000000 ____D C:\Program Files (x86)\amuleC
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    1
  • #4 22 Paź 2016 19:24
    bonzaj110
    Poziom 7  

    Ten katalog o który pytałeś jest pusty. Nie ja go utworzyłem. Mam go usunąć?
    Po wykonaniu waszych zaleceń problem narazie znikł i znowu pojawia się google.
    Dziękuje za pomoc.

    0