
FRST + Addition log scans

bento94 17 Jul 2018 16:54 144 4
  • #2 17 Jul 2018 18:38
    Kolobos
    Computer specialist

    Uninstall:
    AnonymizerGadget
    Chameleon Explorer

    Run Fixlist.txt for FRST:
    Task: {1E40E904-E31D-49AC-81FE-5819AD4FDF11} - System32\Tasks\AGProxyCheck => C:\Program [Argument = Files (x86)\AnonymizerGadget\AGService.exe /recove]
    Task: {4671D3DB-D253-45D8-BB10-4C2EDBB33DB1} - \RILLITO -> Brak pliku <==== UWAGA
    Task: {656E6EF0-A137-44DB-ACEA-95F87AD584B1} - System32\Tasks\ViBjpuTCPmqJgCV => rundll32 "C:\Users\daniel\AppData\Local\Temp\pafUupFWESBBWQxVi\HQnWPqIsfeHPDCgF\bYLozwz.dll",#1 /adp MNET9ZMET6YNET1ANET8AMET4FMET4KNET5ZNET2GNET9DNET2BMET3GOET1XMET0ZNET7MNET6 /site_id 758 <==== UWAGA
    Task: {686A3FC4-8EE3-4CDA-A63F-E92049008C12} - System32\Tasks\Iota\Micro\Miclip => C:\ProgramData\Mbvhost.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\RILLITO.job => C:\Program Files\RILLITO\RILLITO.exe
    Task: C:\WINDOWS\Tasks\ViBjpuTCPmqJgCV.job => C:\Users\daniel\AppData\Local\Temp\pafUupFWESBBWQxVi\HQnWPqIsfeHPDCgF\bYLozwz.dll <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
    C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dccefhjaifdmpkjcbiojjennojmedchc
    CHR Extension: (Adblocker for Youtube™) - C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dccefhjaifdmpkjcbiojjennojmedchc [2018-07-14] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== UWAGA
    2018-07-14 16:00 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\rs1hejpycpu
    2018-07-14 16:00 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\55dn5ilbavf
    2018-07-14 16:00 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\4vsssr0gpd3
    2018-07-14 16:00 - 2018-07-14 16:00 - 000000000 ____D C:\ProgramData\JetMedia
    2018-07-14 15:59 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\td5imi3s4p1
    2018-07-14 15:59 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\jd2pmwecbi2
    2018-07-14 15:56 - 2018-07-14 15:58 - 000000586 _____ C:\WINDOWS\Tasks\ViBjpuTCPmqJgCV.job
    2018-07-14 15:56 - 2018-07-14 15:56 - 000003018 _____ C:\WINDOWS\System32\Tasks\ViBjpuTCPmqJgCV
    2018-07-14 15:54 - 2018-07-17 12:28 - 000000000 ____D C:\Users\daniel\AppData\Roaming\okz4x550szh
    2018-07-14 15:54 - 2018-07-17 12:26 - 000000000 ____D C:\Users\daniel\AppData\Roaming\a5g2bdz1zmd
    2018-07-14 15:54 - 2018-07-14 15:55 - 000000000 __SHD C:\ProgramData\360Quarant
    2018-07-14 15:54 - 2018-07-14 15:55 - 000000000 __SHD C:\$360Section
    2018-07-14 15:53 - 2018-07-14 17:16 - 000000000 ____D C:\Program Files (x86)\ProxyGate
    2018-07-14 15:53 - 2018-07-14 15:53 - 000002984 _____ C:\WINDOWS\System32\Tasks\Chameleon Folder-daniel
    2018-07-14 15:53 - 2018-07-14 15:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Iota
    2018-07-14 15:53 - 2018-07-14 15:53 - 000000000 ____D C:\Users\daniel\AppData\Roaming\Python
    2018-07-14 15:53 - 2018-06-19 13:57 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
    2018-07-14 15:52 - 2018-07-14 17:18 - 000000000 ____D C:\Program Files\NzQ0MzFkNTEz
    2018-07-14 15:52 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\qvdfeklqly1
    2018-07-14 15:52 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\pv24q25lqbn
    2018-07-14 15:52 - 2018-07-14 17:16 - 000000000 ____D C:\Users\daniel\AppData\Roaming\2df4oykrds0
    2018-07-14 15:52 - 2018-07-14 16:06 - 000000000 ____D C:\Program Files (x86)\FireBall
    2018-07-14 15:52 - 2018-07-14 16:04 - 000000000 ____D C:\Program Files\RILLITO
    2018-07-14 15:52 - 2018-07-14 15:58 - 000001540 _____ C:\WINDOWS\Tasks\RILLITO.job
    2018-07-14 15:52 - 2018-07-14 15:52 - 000140800 _____ C:\Users\daniel\AppData\Local\installer.dat
    2018-07-14 15:52 - 2018-07-14 15:52 - 000000000 ____D C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
    2018-07-14 15:51 - 2018-07-14 17:18 - 000000000 ____D C:\Program Files (x86)\AnonymizerGadget
    2018-07-14 15:51 - 2018-07-14 17:17 - 000000000 ____D C:\Users\daniel\AppData\Roaming\WNetworkMgmt
    2018-07-14 15:51 - 2018-07-14 16:00 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
    2018-07-14 15:51 - 2018-07-14 15:59 - 000000000 ____D C:\Program Files (x86)\360
    2018-07-14 15:51 - 2018-07-14 15:52 - 000000000 ____D C:\Users\daniel\AppData\Roaming\AGData
    2018-07-14 15:51 - 2018-07-14 15:51 - 000003418 _____ C:\WINDOWS\System32\Tasks\AGProxyCheck
    2018-07-14 15:52 - 2018-07-14 15:52 - 000140800 _____ () C:\Users\daniel\AppData\Local\installer.dat

    0
  • #4 18 Jul 2018 06:48
    Kolobos
    Computer specialist

    Delete the C:\FRST directory and that's it.

    0
  • #5 27 Jul 2018 23:07
    RADU23
    Moderator - Computers Service

    You can also run this fixlist:

    Quote:
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Brak pliku]
    U3 iswSvc; Brak ImagePath
    ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => -> Brak pliku
    ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> Brak pliku
    ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => -> Brak pliku
    ContextMenuHandlers1-x32: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => -> Brak pliku
    ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> Brak pliku
    ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    ContextMenuHandlers6-x32: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => -> Brak pliku
    Task: {4D453E1B-39BB-48A5-A3E7-EB9EA5A29C23} - \Chameleon Folder-daniel -> Brak pliku <==== UWAGA

    0