Elektroda.pl

Windows 10 - plusnetwork.com.. - plusnetwork, and other malware, disrupted operati

Szajbonio 11 Feb 2017 19:07 300 2
  • #2 11 Feb 2017 19:31
    krzychupar
    Level 40

    Open the system Notepad and paste:
    Task: {5CAB225C-A08B-4F6D-ACA3-E2F797AE6D24} - System32\Tasks\Opera scheduled Autoupdate 1486834083 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-06] (Opera Software)
    Task: {8CDD79F6-C051-493A-9F74-147EC18BBDCC} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe [2017-01-25] (ESET)
    Task: {9A825B26-F89C-464A-AF4E-13A3F838AA03} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
    ShortcutWithArgument: C:\Users\Mateusz\Desktop\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
    ShortcutWithArgument: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
    Hosts:
    HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (dane wartości zawierają 36 znaków więcej).
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    GroupPolicy: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3086559287-1667134938-3166530573-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Brak pliku
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono
    FF Plugin HKU\S-1-5-21-3086559287-1667134938-3166530573-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [Brak pliku]
    CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <nie znaleziono>
    S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
    U0 aswVmm; Brak ImagePath
    S1 epp; \??\C:\PROGRAM FILES (X86)\EMISOFT\BIN64\epp.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20170210.001\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20170210.001\EX64.SYS [X]
    2017-02-11 17:22 - 2017-02-11 17:23 - 00000000 ____D C:\Users\Mateusz\Downloads\SpyHunter 4.1.11.0 + Crack
    2017-02-11 17:22 - 2017-02-11 17:22 - 00000000 ____D C:\Users\Mateusz\AppData\LocalLow\uTorrent
    2017-02-10 14:10 - 2017-02-11 19:00 - 00000000 ____D C:\AdwCleaner
    2017-02-01 20:46 - 2017-02-11 18:22 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2017-02-01 20:45 - 2017-02-10 15:59 - 00000000 ____D C:\ProgramData\AVAST Software
    C:\Windows\System32\BDSandBoxUISkin32.dll
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.

    0