Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Startparimatch. Przeglądarka chrome, logi FRST

f1sheer 13 Mar 2017 08:56 222 1
  • Pomocny post
    #2 13 Mar 2017 09:25
    krzychupar
    Poziom 40  

    Odinstaluj:
    McAfee Security Scan Plus

    Otwórz notatnik systemowy i wklej:
    Task: {293FC229-A398-415B-B499-CCCFC832607C} - System32\Tasks\httpbubskiv2rufreemanm => Chrome.exe hxxp://bubskiv2.ru/freemanm <==== UWAGA
    Task: {2ED77BA9-37F9-4D48-80A1-601178F53AF1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {43956BFA-0732-4358-BA26-AD70E16430AA} - \WPD\SqmUpload_S-1-5-21-502776278-3225769316-1208340296-1001 -> Brak pliku <==== UWAGA
    Task: {56354CA2-DFED-4F7B-B536-59DF1A1DBA9E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {69B4382B-CE62-4D3B-B960-8A6A54BCE95A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {C01D2FEC-F349-471E-802E-77DA0F2DC21B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {E1773E88-C6EA-4A2B-B701-BE23022AA662} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\Eryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811035"
    HKU\S-1-5-21-502776278-3225769316-1208340296-1001\...\MountPoints2: {55a0c14e-f79a-11e6-827a-28c2dd1b1020} - "E:\AutoRun.exe"
    HKU\S-1-5-21-502776278-3225769316-1208340296-1001\...\MountPoints2: {55a0c185-f79a-11e6-827a-28c2dd1b1020} - "E:\AutoRun.exe"
    HKU\S-1-5-21-502776278-3225769316-1208340296-1001\...\MountPoints2: {55a0c1c3-f79a-11e6-827a-28c2dd1b1020} - "E:\AutoRun.exe"
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-08]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia <======= UWAGA
    GroupPolicy\User: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-502776278-3225769316-1208340296-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=811040
    SearchScopes: HKU\S-1-5-21-502776278-3225769316-1208340296-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B53DBF628-DF61-47A4-9DEF-C7170D54E59A%7D&gp=811041
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
    2017-03-08 21:37 - 2017-03-08 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2017-03-08 21:37 - 2017-03-08 21:37 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2017-03-08 21:07 - 2017-03-08 21:07 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2017-03-12 20:10 - 2017-01-28 20:39 - 00000000 ____D C:\Program Files (x86)\McAfee
    2017-03-10 23:24 - 2017-01-28 20:29 - 00000000 ____D C:\ProgramData\McAfee
    2017-03-08 21:15 - 2017-01-28 20:39 - 00000000 ____D C:\Program Files\Common Files\McAfee
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0