Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Prośba o sprawdzenie logów FRST

taxiarz 01 Lip 2018 09:46 84 2
  • Pomocny post
    #2 01 Lip 2018 10:19
    safbot1st
    Poziom 43  

    Odinstaluj Advanced SystemCare 4,

    Podaję fixlist:

    C:\Program Files (x86)\IObit\
    ContextMenuHandlers1: [Advanced SystemCare] -> {7C8D3E6A-13A6-4D8F-BF77-D267D0F9AC21} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCv4ExtMenu_64.dll [2011-04-21] ()
    ContextMenuHandlers2: [Advanced SystemCare] -> {7C8D3E6A-13A6-4D8F-BF77-D267D0F9AC21} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCv4ExtMenu_64.dll [2011-04-21] ()
    ContextMenuHandlers4: [Advanced SystemCare] -> {7C8D3E6A-13A6-4D8F-BF77-D267D0F9AC21} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCv4ExtMenu_64.dll [2011-04-21] ()
    Task: {B3D1A1A4-A243-4CB2-B24E-71E5D5312191} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe [2011-04-21] (IObit)
    R2 AdvancedSystemCareService; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [352656 2011-04-21] (IObit) [Brak podpisu cyfrowego]
    HKU\S-1-5-21-3208515226-2010266281-175035788-1001\...\MountPoints2: {7f8d7cbd-8cf5-11e7-9751-001bb1f83952} - F:\iStudio.exe
    HKU\S-1-5-21-3208515226-2010266281-175035788-1001\...\MountPoints2: {e817bf09-87d3-11e6-8e73-806e6f6e6963} - F:\AutoRun.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    HKU\S-1-5-21-3208515226-2010266281-175035788-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
    HKU\S-1-5-21-3208515226-2010266281-175035788-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    Toolbar: HKU\S-1-5-21-3208515226-2010266281-175035788-1001 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    FF Extension: (Советник Яндекс.Маркета) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\sovetnik-yandex@yandex.ru.xpi [2017-06-06]
    FF Extension: (Visual Bookmarks) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\vb@yandex.ru.xpi [2017-06-06] [Przestarzałe]
    FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-12-29] [Przestarzałe] [Brak podpisu cyfrowego]




    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    2016-09-24 09:09 - 2018-05-30 21:29 - 002305896 _____ (ALLPlayer ) C:\Users\Wanda\AppData\Local\Temp\ALLRemote.exe
    2016-12-13 19:42 - 2016-12-13 19:42 - 001118360 _____ (ˆ 2015 Microsoft Corporation) C:\Users\Wanda\AppData\Local\Temp\BSvcProcessor.exe
    2016-12-13 19:42 - 2016-12-13 19:42 - 000170128 _____ (ˆ 2015 Microsoft Corporation) C:\Users\Wanda\AppData\Local\Temp\BSvcUpdater.exe
    2016-09-24 17:10 - 2018-02-10 13:34 - 004346990 _____ (Napisy24.pl ) C:\Users\Wanda\AppData\Local\Temp\Napisy24.exe
    2018-06-11 23:21 - 2017-08-18 11:46 - 002167152 _____ () C:\Users\Wanda\AppData\Local\Temp\WinRARx86Rus.exe
    „Messenger“ pagalbinė priemonė (HKLM-x32\...\{7E274911-32ED-4489-9B04-4EF100D0E4D3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    „Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    „Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live Messenger“ (HKLM-x32\...\{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Agatha Christie - Death on the Nile (HKLM-x32\...\WT085587) (Version: 2.2.0.82 - WildTangent) Hidden
    BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
    Bejeweled 2 Deluxe (HKLM-x32\...\WT089286) (Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Build-a-lot (HKLM-x32\...\WT085597) (Version: 2.2.0.82 - WildTangent) Hidden
    Chuzzle Deluxe (HKLM-x32\...\WT085567) (Version: 2.2.0.82 - WildTangent) Hidden
    Complément Messenger (HKLM-x32\...\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Complemento Messenger (HKLM-x32\...\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT085559) (Version: 2.2.0.82 - WildTangent) Hidden
    Doplnok programu Messenger (HKLM-x32\...\{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Farm Frenzy (HKLM-x32\...\WT085618) (Version: 2.2.0.82 - WildTangent) Hidden
    Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Insaniquarium Deluxe (HKLM-x32\...\WT085622) (Version: 2.2.0.82 - WildTangent) Hidden
    John Deere Drive Green (HKLM-x32\...\WT085580) (Version: 2.2.0.82 - WildTangent) Hidden
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Assistent (HKLM-x32\...\{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{082E37F5-3924-4168-A69A-1B6B1FEA587C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{3889988F-762B-4B85-AB17-71C9CC3AE445}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{6DD3B54B-F0D0-4A69-8344-F52033225A02}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{8142D25E-028A-4563-86ED-5755783C8029}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{847C879C-1467-4924-A491-1302B4C58F70}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{96403552-88D1-429F-9C92-388B814B885E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{D4F81B27-4054-4AD6-A588-265508BAA17C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{D58E381C-DE02-46A9-B9D1-A2CB807D2676}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger kísérő (HKLM-x32\...\{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Pratilac (HKLM-x32\...\{902585EB-8FA3-43A5-AD1C-5C9821A77114}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger Suradnik (HKLM-x32\...\{3FD1CB9F-807F-451B-926C-9D19C84CFC61}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger 사이트 공유 (HKLM-x32\...\{AB067785-9646-456B-91C3-E71228132A4C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger 分享元件 (HKLM-x32\...\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger 浏览器插件 (HKLM-x32\...\{7F061FA8-5A87-4758-876B-17EE28B358D0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Messenger-kumppani (HKLM-x32\...\{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Peggle (HKLM-x32\...\WT085663) (Version: 2.2.0.82 - WildTangent) Hidden
    Penguins! (HKLM-x32\...\WT085581) (Version: 2.2.0.82 - WildTangent) Hidden
    Plants vs. Zombies (HKLM-x32\...\WT085669) (Version: 2.2.0.82 - WildTangent) Hidden
    Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Polar Golfer (HKLM-x32\...\WT085583) (Version: 2.2.0.82 - WildTangent) Hidden
    Pomocnik Messenger (HKLM-x32\...\{BD8DA595-F501-4ABE-85A0-5C23E82472A0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Samsung AnyWeb Print (HKLM-x32\...\{6C016AC4-0282-4C82-B12F-3D5910DA7319}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
    Spremljevalec Messenger (HKLM-x32\...\{F14F9EE9-9B68-42B4-90F7-0924F7619281}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
    WildTangent ORB Game Console (HKLM-x32\...\Game Console - WildGames) (Version: - WildTangent) Hidden
    Zuma Deluxe (HKLM-x32\...\WT089285) (Version: 2.2.0.95 - WildTangent) Hidden
    Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Компаньон Messenger (HKLM-x32\...\{3705D53F-BB01-4BEE-8585-289E71CAC4B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Помощник на Messenger (HKLM-x32\...\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
    Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    מסייע Messenger (HKLM-x32\...\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Shortcut: C:\Users\Wanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Новости в последней версии.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt () <==== Cyrillic
    Shortcut: C:\Users\Wanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Руководство по консольной версии RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt () <==== Cyrillic
    Shortcut: C:\Users\Wanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Справка WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm () <==== Cyrillic
    EmptyTemp:

    Infekcji brak, jednak po wykonaniu naprawy odinstaluj złośliwe gry "WildTangent" oraz instalacje Windows Live i Messengera dla krajów z cyrylicą tudzież innymi krzaczkami.
    Instalacje pojawią się po wykonaniu naprawy, gdyż są ukryte.

    0
  • #3 01 Lip 2018 12:59
    taxiarz
    Poziom 14  

    Zgodnie z instrukcją wykonano czyszczenie. Dziękuję serdecznie.

    1