Elektroda.pl

Request to check FRST logs

Agrehor 24 May 2017 11:54 381 4
  • Helpful post
    #2 24 May 2017 12:29
    Kolobos
    Computer specialist

    Don't thoughtlessly download infected activators.

    Back up your bookmarks from Chrome; the profile will be deleted.

    Uninstall:
    initialpage123 - Uninstall
    SlimCleaner Plus
    Chrome

    Run this Fixlist.txt with FRST:
    Task: {7B4F07FF-8BD1-4957-9EC9-5BE7A1016F4B} - System32\Tasks\AutoPico Daily Restart => C:\Users\Marcin\AppData\Local\Temp\RarSFX0\AutoPico.exe <==== ATTENTION
    Task: {BB73041C-48AE-41C3-BDB7-86DB1C796AE6} - System32\Tasks\Microsoft\Windows\DeviceSettings\Kisose => msiexec.exe /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mmtsk/oc...ATAXSP900NS38_2G2920002877&amp;d=20170524 /q <==== ATTENTION
    Task: {DCF783CD-D6CA-402A-B3B5-3A5469F96140} - System32\Tasks\Maqtainipuch Cloud => C:\Program Files (x86)\Couteghthuvuy\yaupdcache.exe [2017-05-24] ()
    HKLM\...\Providers\zqhedljj: C:\Program Files (x86)\Maqtainipuch Cloud\local64spl.dll [308224 2017-05-24] ()
    ShellExecuteHooks: No Name - {19723278-3EB3-11E7-8F89-64006A5CFC23} - C:\Users\Marcin\AppData\Roaming\Nudercultcaberward\Rfechdrobiied.dll [145408 2017-05-24] ()
    CHR DefaultProfile: futukogechpluces
    CHR HomePage: futukogechpluces -> about:blank
    CHR StartupUrls: futukogechpluces -> "","hxxp://www.initialpage123.com/?z=caf76b03d45d70ec9b829b9g9z1t5w3q7g3q2b7tdz&from=amz&uid=ADATAXSP900NS38_2G2920002877&type=hp"
    CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces [2017-05-24] <==== ATTENTION
    C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces
    CHR Extension: (Prezentacje Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-23]
    CHR Extension: (Dokumenty Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-23]
    CHR Extension: (Dysk Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
    CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
    CHR Extension: (Arkusze Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-23]
    CHR Extension: (Dokumenty Google offline) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
    CHR Extension: (AdBlock) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-24]
    CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-23]
    CHR Extension: (Adblock Pro) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-05-24]
    CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\futukogechpluces\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
    2017-05-24 11:17 - 2017-05-24 11:19 - 00000000 ____D C:\AdwCleaner
    2017-05-24 11:08 - 2017-05-24 11:08 - 00006122 _____ C:\Windows\System32\Tasks\Maqtainipuch Cloud
    2017-05-24 11:08 - 2017-05-24 11:08 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Nudercultcaberward
    2017-05-24 11:08 - 2017-05-24 11:08 - 00000000 ____D C:\Users\Marcin\AppData\Local\Receentrioward
    2017-05-24 11:08 - 2017-05-24 11:08 - 00000000 ____D C:\Program Files (x86)\Maqtainipuch Cloud
    2017-05-24 11:08 - 2017-05-24 11:08 - 00000000 ____D C:\Program Files (x86)\Couteghthuvuy
    2017-05-23 17:53 - 2017-05-23 17:53 - 00135240 _____ C:\Users\Marcin\AppData\Roaming\3799672641
    2017-05-23 17:53 - 2017-05-23 17:53 - 00016658 _____ C:\Users\Marcin\US2D0-1DFTR-KTZTX-THXHT-ZYYYY.html
    2017-05-23 17:53 - 2017-05-23 17:53 - 00016658 _____ C:\Users\Marcin\AppData\Roaming\US2D0-1DFTR-KTZTX-THXHT-ZYYYY.html
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000956 _____ C:\Program Files (x86).lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000944 _____ C:\Program Files.lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000934 _____ C:\PerfLogs.lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000932 _____ C:\Windows.lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000928 _____ C:\Users.lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 00000928 _____ C:\Intel.lnk
    2017-05-23 17:53 - 2017-05-23 17:53 - 0135240 _____ () C:\Users\Marcin\AppData\Roaming\3799672641
    2017-05-23 17:53 - 2017-05-23 17:53 - 0016658 _____ () C:\Users\Marcin\AppData\Roaming\US2D0-1DFTR-KTZTX-THXHT-ZYYYY.html
    C:\Users\Marcin\installshield_scm.reg
    C:\Users\Marcin\scm.reg
    EmptyTemp:

    After it has run, post new FRST logs from a fresh scan.

    0
  • Helpful post
    #4 24 May 2017 14:13
    Kolobos
    Computer specialist

    Delete: C:\Users\Marcin\Downloads\Fixlog.txt
    C:\Users\Marcin\Downloads\FRST-OlderVersion
    C:\FRST
    That's all.

    0
  • #5 24 May 2017 14:19
    Agrehor
    Level 10

    Thank you for the help. Regards.

    0