Elektroda.pl
Elektroda.pl
X
Prosz, dodaj wyj徠ek www.elektroda.pl do Adblock.
Dzi瘯i temu, 瞠 ogl康asz reklamy, wspierasz portal i u篡tkownik闚.

[Rozwi您ano] B陰d rundll przy uruchamianiu systemu

piter498 08 Sie 2018 19:48 102 4
  • Pomocny post
    #2 08 Sie 2018 20:10
    Kolobos
    Spec od komputer闚

    Odinstaluj: PriceFountain

    Wykonaj Fixlist.txt dla FRST:
    Task: {46560674-3136-4F64-8DFB-051B6B37B299} - System32\Tasks\{25FE5CDD-0236-4F10-B562-16CF562B0E0C} => C:\Windows\system32\pcalua.exe -a C:\Users\acer\Downloads\AVG_Protection_Free_1064.exe -d C:\Users\acer\Downloads
    Task: {CDE76C03-56A3-4E2B-9425-4441ADBF4263} - System32\Tasks\acerAbrogatorMissilesV2 => rundll32.exe SkimpsLaggings.dll,main 7 1 <==== UWAGA
    Task: {D40596C4-0175-473B-8488-C94AB26552F1} - System32\Tasks\{49A66C53-BAB8-41C7-9268-5D060583D606} => C:\Windows\system32\pcalua.exe -a C:\Users\acer\Downloads\1370d67f2bmp68-win-mp250-105-eae24.exe -d C:\Users\acer\Downloads
    Task: {FFC54883-A30E-49BB-8CC6-B2AED35D9350} - System32\Tasks\{0CDF1BF4-D552-43E2-A9D0-9F9763FF5301} => C:\Windows\system32\pcalua.exe -a "C:\Users\acer\Downloads\Instalator Deluxe Ski Jump 2.exe" -d C:\Users\acer\Downloads
    HKU\S-1-5-21-924651746-1697844791-3824934317-1000\...\MountPoints2: E - E:\Setup.exe
    HKU\S-1-5-21-924651746-1697844791-3824934317-1000\...\MountPoints2: {27321bb0-64f0-11e8-9174-001f16cfc4e5} - E:\Setup.exe
    HKU\S-1-5-21-924651746-1697844791-3824934317-1000\...\MountPoints2: {27321bc4-64f0-11e8-9174-001f16cfc4e5} - F:\setup.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409
    HKU\S-1-5-21-924651746-1697844791-3824934317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409
    HKU\S-1-5-21-924651746-1697844791-3824934317-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&...ire_7540&r=27360316i136l03e8z1j5t47l1a409




    SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    SearchScopes: HKU\S-1-5-21-924651746-1697844791-3824934317-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_plPL704
    SearchScopes: HKU\S-1-5-21-924651746-1697844791-3824934317-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_plPL704
    FF user.js: detected! => C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\66bqd7v7.default\user.js [2018-05-31]
    C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\66bqd7v7.default\Extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1}
    FF Extension: (Video AdBlock) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\66bqd7v7.default\Extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-04-28] [Przestarza貫]
    CHR HKU\S-1-5-21-924651746-1697844791-3824934317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    2018-08-08 16:34 - 2018-08-08 16:35 - 000000000 ____D C:\AdwCleaner

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #3 08 Sie 2018 20:13
    motortrader2
    Poziom 9  

    Tak to mo瞠 by

    0
  • #4 08 Sie 2018 20:20
    piter498
    Poziom 6  

    Wielkie dzi瘯i, dzia豉!

    0
  • #5 08 Sie 2018 20:21
    piter498
    Poziom 6  

    Wielkie dzi瘯i, dzia豉!

    Dodano po 50 [sekundy]:

    Zastosowa貫m si do polece u篡tkownika Kolobos.

    0