Elektroda.pl

Mail.ru and cmd is downloading something

Labnori 08 Jan 2018 01:01 363 2
  • #2 08 Jan 2018 11:25
    krzychupar
    Level 40  

    Open the system Notepad and paste:
    CustomCLSID: HKU\S-1-5-21-58987413-1646739696-1474314846-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\PawełŁ\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-58987413-1646739696-1474314846-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\PawełŁ\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-58987413-1646739696-1474314846-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\PawełŁ\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-58987413-1646739696-1474314846-1002_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {0950D287-886A-40E3-BE4F-5EBC6D792DF1} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    Task: {0A9E3B2F-1901-4E92-BBB0-D827E82DA748} - System32\Tasks\App Explorer => C:\Users\PawełŁ\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-07-27] (SweetLabs, Inc) <==== UWAGA
    Task: {323EDC73-8477-42B5-BB33-8660D7F6B4ED} - System32\Tasks\GfuS => C:\Program Files (x86)\upaCu.exe <==== UWAGA
    Task: {3FB747FA-8013-4EE0-9A14-14FEF02570BC} - System32\Tasks\AaUfEiSp => C:\WINDOWS\SysWOW64\DYxpjOuAoyyEU.bat [2017-09-29] () <==== UWAGA
    Task: {F913D112-492D-4E96-B620-01345C02CC67} - System32\Tasks\MailRuUpdater => C:\Users\PawełŁ\AppData\Local\Mail.Ru\MailRuUpdater.exe <==== UWAGA
    Task: {FC94DA0E-9C78-40F9-B781-9AC860324F57} - System32\Tasks\yhpyui => C:\WINDOWS\CEzpx.bat [2017-09-29] () <==== UWAGA
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKU\S-1-5-21-58987413-1646739696-1474314846-1002\...\Run: [mailruhomesearch] => "C:\Users\PawełŁ\AppData\Local\Mail.Ru\Sputnik\ptls\mailruhomesearch.exe" --pr_deferred
    HKU\S-1-5-21-58987413-1646739696-1474314846-1002\...\Run: [MailRuUpdater] => C:\Users\PawełŁ\AppData\Local\Mail.Ru\MailRuUpdater.exe
    HKU\S-1-5-21-58987413-1646739696-1474314846-1002\...\MountPoints2: {258f420b-53fe-11e7-af23-507b9da7341d} - "E:\HiSuiteDownLoader.exe"
    GroupPolicy: Ograniczenia <==== UWAGA
    GroupPolicy\User: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-58987413-1646739696-1474314846-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=811141
    SearchScopes: HKU\S-1-5-21-58987413-1646739696-1474314846-1002 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B395A9AAC-186F-4DCD-8467-3BD605BCB930%7D&gp=811142
    SearchScopes: HKU\S-1-5-21-58987413-1646739696-1474314846-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B395A9AAC-186F-4DCD-8467-3BD605BCB930%7D&gp=811142
    BHO-x32: Search(malpa)Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\PawełŁ\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll => Brak pliku
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    S2 mrupdsrv; "C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe" --s [X]
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
    S2 Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe --s [X]
    2018-01-05 21:39 - 2018-01-08 00:39 - 000003368 _____ C:\WINDOWS\System32\Tasks\AaUfEiSp
    2018-01-05 21:39 - 2018-01-07 23:02 - 000002708 _____ C:\WINDOWS\System32\Tasks\GfuS
    2018-01-05 21:39 - 2018-01-07 23:02 - 000002536 _____ C:\WINDOWS\System32\Tasks\yhpyui
    2018-01-05 21:39 - 2018-01-05 21:39 - 000000001 _____ C:\Users\PawełŁ\AppData\Local\WMI.ini
    2018-01-05 21:39 - 2017-09-29 14:42 - 000174592 _____ (Microsoft Corporation) C:\Users\PawełŁ\AppData\Roaming\ooyuUdyoPEuZ.exe
    2018-01-05 21:39 - 2017-09-29 14:42 - 000000061 _____ C:\WINDOWS\SysWOW64\DYxpjOuAoyyEU
    2018-01-05 21:39 - 2017-09-29 14:42 - 000000053 _____ C:\WINDOWS\CEzpx
    2018-01-05 21:38 - 2018-01-07 23:02 - 000002266 _____ C:\WINDOWS\System32\Tasks\MailRuUpdater
    2018-01-05 21:38 - 2018-01-07 13:14 - 000000000 ____D C:\Users\PawełŁ\Downloads\Divinity - Original Sin 2 by xatab
    2018-01-05 21:38 - 2018-01-05 21:38 - 000062690 _____ C:\Users\PawełŁ\Downloads\divinity-original-sin-2-v3_0_160_028.torrent
    2018-01-05 21:32 - 2018-01-05 21:32 - 000000529 _____ C:\Users\PawełŁ\Downloads\divinity-original-sin-2-v3_0_160_028_16Y8IW.torrent
    2017-12-20 23:52 - 2017-12-20 23:52 - 000000000 ____D C:\Users\PawełŁ\AppData\Local\ESET
    2017-12-20 23:51 - 2017-12-20 23:51 - 006974584 _____ (ESET spol. s r.o.) C:\Users\PawełŁ\Downloads\esetonlinescanner_plk.exe
    2017-09-29 14:42 - 2017-09-29 14:42 - 000001059 ____N () C:\Users\PawełŁ\GuOylPU.bat
    2017-07-08 01:30 - 2017-07-08 01:30 - 039293312 _____ () C:\Users\PawełŁ\AppData\Roaming\gameboxsetup.exe
    2018-01-05 21:39 - 2017-09-29 14:42 - 000174592 _____ (Microsoft Corporation) C:\Users\PawełŁ\AppData\Roaming\ooyuUdyoPEuZ.exe
    2017-10-01 01:09 - 2017-10-01 01:09 - 000001501 _____ () C:\Users\PawełŁ\AppData\Local\recently-used.xbel
    2018-01-05 21:39 - 2018-01-05 21:39 - 000000001 _____ () C:\Users\PawełŁ\AppData\Local\WMI.ini
    EmptyTemp:

    Save the file as fixlist.txt and place it in the folder where you have FRST.exe.
    Run FRST and click Fix/Napraw.

    0
  • #3 08 Jan 2018 17:09
    Labnori
    Level 6  

    OK, thanks, I hope this helps.

    0