Elektroda.pl

FRST - Win 10, Zodiac-game.info at startup

maniek01061999 15 Jan 2017 18:04 306 4
  • #2 15 Jan 2017 18:18
    Kolobos
    Computer specialist

    Uninstall: SpyHunter 4

    Next to frst.exe, create a file Fixlist.txt with the following content:
    Task: {1296724C-C329-4E8D-AC34-8EC9127164C9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {1DE16EDF-9B85-4CDA-AB1A-3B8408CCF87D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
    Task: {3CB99536-4C6A-4B72-A5DC-8AD699A6D2C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {5B15788C-E110-4144-9C49-464071B1C7A9} - System32\Tasks\{078477CE-C607-44C9-8065-C897B8437B54} => pcalua.exe -a "I:\Interfejs Multi 15w1 USB\Sterownik_windows_10.exe"
    Task: {5B47E842-60B1-4021-9B71-16F82687DB2E} - System32\Tasks\Maniek => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Maniek /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== UWAGA
    Task: {5BCE4F06-527E-4041-B21E-24B4DCDA9EF5} - System32\Tasks\{AD570BD9-F6B1-45AB-BAF6-FB1DDA0056E2} => pcalua.exe -a "C:\Users\Maniek\Desktop\Diagnoza\Interfejs Multi 15w1 USB\Sterownik_windows_10.exe"
    Task: {5DBFDCC2-4871-457E-82CD-E8A389D53BCB} - System32\Tasks\{F4193AE1-07DC-47E4-BFE1-FA3F6FC91E69} => pcalua.exe -a I:\Disk1\DirectX\DXSETUP.EXE -d I:\Disk1\DirectX
    Task: {6AF77877-4FEB-4091-A8A2-8C8C4903C45A} - System32\Tasks\{72192D6F-45BD-4960-BF08-4B2549D5A147} => pcalua.exe -a "I:\Interfejs STN1110 ELM327 USB v2\Sterownik_windows_10.exe"
    Task: {7A5789C2-962E-4930-904A-A29417236564} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {81958FF4-5CA7-4467-8051-428ACA166169} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {85AE0072-934B-40D4-A689-232A3D8910C6} - System32\Tasks\{80085DA7-C9E6-4DC3-B7A7-4E1834CF1A05} => pcalua.exe -a I:\setup.exe -d I:\
    Task: {865C9558-AFD3-4A8B-98C3-DA15A2783E04} - System32\Tasks\Opera scheduled Autoupdate 1439976114 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
    Task: {8FA58582-1643-4514-83AA-BBF164559822} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => D:\Programy\AVG Pc TuneUp\AVG PC TuneUp\tuscanx.exe
    Task: {956B2223-3CA8-4D8B-9F2D-BB915446F2E2} - System32\Tasks\{338803B5-1DF6-4FA6-A8C9-7E41226E2331} => pcalua.exe -a "I:\Interfejs Multi 15w1 USB\Sterowniki USB\WIN98\FTDIUNIN.exe"
    Task: {9775E3F7-E37D-43DA-B270-B54112B2D586} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {9942745E-09F0-43A1-85BE-D20843989665} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {A6D8CDD5-FD38-4AE6-938D-9B1CFF573288} - \WPD\SqmUpload_S-1-5-21-1402303034-2098991869-3200791319-1001 -> Brak pliku <==== UWAGA
    Task: {B0FD1EC0-05BC-4458-9AFB-A6223CCAD933} - System32\Tasks\{3BB588D7-316C-4EA9-88A2-708A5449C50E} => pcalua.exe -a "D:\Gry\The Crew\The Crew (Russian)\Support\InsHelper.exe" -c CallUplayProtocol Uninstall 507
    Task: {CE1CC63A-AB81-4568-B0FB-25586E041103} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {D22022CF-EE38-4D2F-91D9-D98DB791F164} - \WPD\SqmUpload_S-1-5-21-1402303034-2098991869-3200791319-1005 -> Brak pliku <==== UWAGA
    Task: {D8A70E15-425D-4471-9A1A-746A0C41A855} - System32\Tasks\{18669A1B-E1A5-42CF-A1F6-F47EAEA37312} => pcalua.exe -a "C:\Users\Maniek\Desktop\Diagnoza\Interfejs VAG KKL USB\Sterownik_windows_10.exe" -d "C:\Users\Maniek\Desktop\Diagnoza\Interfejs VAG KKL USB"
    Task: {EBA79833-BD2C-4AE4-A00B-82B274EBE143} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {ED791531-6F07-40CA-A5D2-4FCA82E3B3AC} - System32\Tasks\{556B3E12-6DA6-4FE4-B68F-FE2F39C27E82} => pcalua.exe -a "I:\Interfejs VAG KKL USB\Sterownik_windows_10.exe" -d "I:\Interfejs VAG KKL USB"
    Task: {F004DB73-E6D4-4D5F-95E3-676CB5AAEF8B} - System32\Tasks\{73D0A848-A285-4D0C-92D6-2A2B9D8368D2} => pcalua.exe -a "I:\Interfejs STN1170 ELM327 USB v3\Sterownik_windows_10.exe"
    Task: {F3BC1AAE-F7FF-4610-B35B-371443E7F26C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {F91C7CA8-6028-4E8E-ADA4-0CAE9C449B7B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1005\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA
    (© 2015 Microsoft Corporation) C:\Users\Natalia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Natalia\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1001\...\Run: [BingSvc] => C:\Users\Natalia\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-27] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1005\...\Run: [Akamai NetSession Interface] => C:\Users\Maniek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1005\...\Run: [Maniek] => explorer.exe hxxp://kb-ribaki.org <===== UWAGA
    FF user.js: detected! => C:\Users\Maniek\AppData\Roaming\Mozilla\Firefox\Profiles\pmpere4f.default\user.js [2016-12-22]
    CHR HKU\S-1-5-21-1402303034-2098991869-3200791319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programy\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    2017-01-15 12:19 - 2017-01-15 17:44 - 00000000 ____D C:\Users\Maniek\AppData\Roaming\Enigma Software Group
    2017-01-15 12:19 - 2017-01-15 12:19 - 00000000 _____ C:\autoexec.bat
    2017-01-15 12:04 - 2015-01-30 03:45 - 00000000 ____D C:\AdwCleaner
    2015-08-28 16:55 - 2015-08-28 16:55 - 0000016 _____ () C:\ProgramData\mntemp
    EmptyTemp:

    In FRST, choose Fix ("Napraw").

    Delete the C:\FRST directory and that's all.

  • Helpful post
    #4 15 Jan 2017 19:07
    Kolobos
    Computer specialist

    New Fixlist.txt:
    CloseProcesses:
    HKU\S-1-5-21-1402303034-2098991869-3200791319-1005\...\Run: [Maniek] => explorer.exe hxxp://kb-ribaki.org <===== UWAGA

  • #5 15 Jan 2017 19:23
    maniek01061999
    Level 6

    Thanks a lot. Everything works, so I'm closing the thread.
