Elektroda.pl

Please check my logs

tysia.kr 20 Jul 2018 10:03 102 1
  • #1 20 Jul 2018 10:03
    tysia.kr
    Level 7

    Hello,

    please check my logs. For some time now my browser has been redirecting me to unwanted sites, and the computer is flooded with pop-up windows showing ads.

    Thank you very much for your help.

    0 1
  • #2 20 Jul 2018 11:14
    safbot1st
    Level 43

    Paste into Notepad:

    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
    Tcpip\..\Interfaces\{0BBDB9A5-D747-4D56-8445-8A34B76B5CFB}: [DhcpNameServer] 62.179.1.61 62.179.1.63
    Tcpip\..\Interfaces\{0E5CDCA4-CA1E-4EA5-A09A-210C06757D36}: [DhcpNameServer] 208.67.220.220 10.0.0.138
    SearchScopes: HKU\S-1-5-21-2644010997-3895038919-4171945393-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
    BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
    CHR HomePage: Default -> hxxp://www.radiozet.pl/
    CHR HKU\S-1-5-21-2644010997-3895038919-4171945393-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2018-07-20 09:35 - 2018-07-20 09:36 - 000000000 ____D C:\AdwCleaner
    2018-06-23 18:51 - 2017-04-08 20:27 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    Task: {07872B83-6896-4667-91A1-E0644908C1A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
    Task: {07872B83-6896-4667-91A1-E0644908C1A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
    Task: {4A3AD096-0CEC-4020-B758-44C99E61AA9B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {55E220B7-078B-4D66-B1FA-DF89EC27DDA6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-06-25] (AVG Technologies CZ, s.r.o.)
    Task: {648C7E79-3F14-4B08-8476-303E57D5C022} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-04-13] (AVG Technologies CZ, s.r.o.)
    Task: {74C7F546-BF4D-4C51-8F05-00868B010601} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
    Task: {74C7F546-BF4D-4C51-8F05-00868B010601} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
    Task: {74C7F546-BF4D-4C51-8F05-00868B010601} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
    Task: {B2FE440B-A8E1-4F8C-B50C-A47E0C03E6FC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
    Task: {B2FE440B-A8E1-4F8C-B50C-A47E0C03E6FC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
    Task: {D0D81FB7-36E7-4BA1-82AB-FC856F6C58A5} - System32\Tasks\OpenIE => C:\Program Files\Internet Explorer\IEXPLORE.EXE
    Task: {DDC217FB-2C2F-4501-892A-2DC4C1A8E774} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
    Task: {DDC217FB-2C2F-4501-892A-2DC4C1A8E774} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
    EmptyTemp:

    and save it as fixlist.txt next to FRST.exe. In FRST click "Fix", and after the fix delete C:\FRST

    0