Elektroda.pl

[Solved] Please check my FRST logs

24 Mar 2020 23:07 69 2
  • Helpful post
    Moderator - Computer Service
    To uninstall from Control Panel:
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3619.133 - Autorzy Avast Secure Browser)
    - if you don't use it
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.84 - McAfee, LLC.)

    Suggested fixlist:
    Code:
    HKU\S-1-5-21-1107690652-3390491019-3770496001-1001\...\Run: [Akamai NetSession Interface] => C:\Users\kluski\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
    
    HKU\S-1-5-21-1107690652-3390491019-3770496001-1001\...\Run: [AvastBrowserAutoLaunch_26B7C5A2FE28EF25BA14EB18E57316F1] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1868352 2020-03-09] (Avast Software s.r.o. -> AVAST Software)
    HKU\S-1-5-21-1107690652-3390491019-3770496001-1001\...\Run: [Gyazo] => [X]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
    Task: {08E02D07-64A9-4A30-8E03-EFE577AA9AC8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
    Task: {1AAC5754-64F2-4C64-BEDE-BC21DC718738} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
    Task: {32886C24-9DEB-49D3-BC75-8CF75745873F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1868352 2020-03-09] (Avast Software s.r.o. -> AVAST Software)
    Task: {3FBC316C-93DA-41D3-8958-C2A52D4A828E} - System32\Tasks\update-S-1-5-21-1107690652-3390491019-3770496001-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
    Task: {5519C7E6-6AD2-41CC-AF74-4E0E18AF64EC} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1868352 2020-03-09] (Avast Software s.r.o. -> AVAST Software)
    Task: {EB23E27D-49F0-4C84-9B8E-5425090CF12E} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
    Task: {F521C89A-4137-48EC-B1F0-3A6065493D10} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
    Task: C:\WINDOWS\Tasks\update-S-1-5-21-1107690652-3390491019-3770496001-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
    Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

    HKU\S-1-5-21-1107690652-3390491019-3770496001-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.x-kom.pl
    SearchScopes: HKLM -> DefaultScope {CD582BEE-71CD-4120-88D6-9DF66618429F} URL = hxxp://www.x-kom.pl
    SearchScopes: HKLM -> {CD582BEE-71CD-4120-88D6-9DF66618429F} URL = hxxp://www.x-kom.pl
    SearchScopes: HKLM-x32 -> DefaultScope {CD582BEE-71CD-4120-88D6-9DF66618429F} URL = hxxp://www.x-kom.pl
    SearchScopes: HKLM-x32 -> {CD582BEE-71CD-4120-88D6-9DF66618429F} URL = hxxp://www.x-kom.pl
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-10] (McAfee, LLC -> McAfee, LLC)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-10] (McAfee, LLC -> McAfee, LLC)
    Edge HomeButtonPage: HKU\S-1-5-21-1107690652-3390491019-3770496001-1001 -> hxxp://www.x-kom.pl/l/dziekujemy-za-zakupy
    FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\kluski\AppData\Roaming\Mozilla\Firefox\Profiles\mrwcnhg5.default-1487409745495-1526642907613\Extensions\sp@avast.com.xpi [2019-02-07]
    FF Extension: (Avast Online Security) - C:\Users\kluski\AppData\Roaming\Mozilla\Firefox\Profiles\mrwcnhg5.default-1487409745495-1526642907613\Extensions\wrc@avast.com.xpi [2020-03-12] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-10] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    CHR HomePage: Default -> hxxp://www.x-kom.pl
    CHR Extension: (グランブルーファンタジー[ChromeApps版]) - C:\Users\kluski\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf [2020-02-20]
    CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\kluski\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-19]
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\kluski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-02-20]
    CHR Extension: (Avast Online Security) - C:\Users\kluski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-03]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
    R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [907224 2020-03-10] (McAfee, LLC -> McAfee, LLC)
    S3 mhyprotect; \??\C:\Users\kluski\AppData\Local\Temp\mhyprotect.sys [X] <==== UWAGA
    2020-03-15 21:39 - 2020-03-15 21:39 - 004179293 _____ (Lavalys, Inc. ) C:\Users\kluski\Downloads\everesthome220(dobreprogramy.pl).exe
    2020-03-15 21:38 - 2020-03-15 21:38 - 003222344 _____ (Hame ) C:\Users\kluski\Downloads\Everest-Home-Edition-11558-AsystentPobierania_0037016460.exe

    AlternateDataStreams: C:\Users\kluski\AppData\Local\Temp:$DATA​ [16]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]

    EmptyTemp:
  • Level 16
    Thank you very much, regards