Dodaj do ulubionych

Proszę o sprawdzenie loga.

IP: *.clubnet.pl 07.07.17, 15:51
FRST
wklej.org/id/3214826/
Addiotion
wklej.org/id/3214828/
Short cut
wklej.org/id/3214834/
Edytor zaawansowany
  • Gość: Kolobos IP: *.zask.pl 08.07.17, 08:45
    Odinstaluj:
    McAfee Security Scan Plus
    McAfee WebAdvisor

    Wykonaj Fixlist.txt dla FRST:
    Task: {B01A0930-661A-41AB-BC30-DEE7B01476B3} - System32\Tasks\psv_Geofan => cmd.exe /c regedit.exe /s "C:\ProgramData\Quotenamron\Triscore.reg" & del "C:\ProgramData\Quotenamron\Triscore.reg" & SCHTASKS /Delete /TN "psv_Geofan" /F <==== UWAGA
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\...\MountPoints2: {4abe2389-7815-11e6-a430-b8030556029c} - F:\autorun.exe
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\...\MountPoints2: {5d0e2bcc-946b-11e6-83ae-b8030556029c} - F:\AutoRun.exe
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\...\MountPoints2: {5d0e2be1-946b-11e6-83ae-b8030556029c} - F:\AutoRun.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-04]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe (McAfee, Inc.)
    Hosts: 0.0.0.1 mssplus.mcafee.com
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn5dJ8gs0DGDT3GOWsi_8CTz4dOMjrehtwI3i01VKgG5Y87pAf50GdyoKIAch1rWwhtMwyN2JF4EmCNDVEaCQl_12-qSBLH1WatoCIlsN0FVHhao2QMjzAabh1lVXpkyZki57TTVZyaz_ALgQRlY8BuFa7f1ecEcQRZ0F1lupktL25aPG_hTbEBw&q={searchTerms}
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com/
    HKU\S-1-5-21-392818877-1939927122-1532879338-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn5dJ8gs0DGDT3GOWsi_8CTz4dOMjrehtwI3i01VKgG5Y87pAf50GdyoKIAch1rWwhtMwyN2JF4EmCNDVEaCQl_12-qSBLH1WatoCIlsN0FVHhao2QMjzAabh1lVXpkyZki57TTVZyaz_ALgQRlY8BuFa7f1ecEcQRZ0F1lupktL25aPG_hTbEBw&q={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-392818877-1939927122-1532879338-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn5dJ8gs0DGDT3GOWsi_8CTz4dOMjrehtwI3i01VKgG5Y87pAf50GdyoKIAch1rWwhtMwyN2JF4EmCNDVEaCQl_12-qSBLH1WatoCIlsN0FVHhao2QMjzAabh1lVXpkyZki57TTVZyaz_ALgQRlY8BuFa7f1ecEcQRZ0F1lupktL25aPG_hTbEBw&q={searchTerms}
    BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Toolbar: HKU\S-1-5-21-392818877-1939927122-1532879338-1001 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    CHR DefaultSearchURL: Default -> hxxps://feed.safefinder.biz/?fext=true&publisherid=51218&publisher=extensiondefaultap&st=ed&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> SafeFinder
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-06-07]
    CHR Extension: (SafeFinder Search) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidkebcigjgheaahopdnlfaohgnocfai [2017-03-19]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-392818877-1939927122-1532879338-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.584\McCHSvc.exe [404368 2017-06-23] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
    2017-07-04 23:21 - 2017-07-04 23:21 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2017-07-04 23:21 - 2017-07-04 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2017-07-04 23:20 - 2017-07-04 23:21 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2017-06-18 04:52 - 2017-06-18 04:52 - 00000000 ____H C:\Users\Ja\AppData\Local\BIT4476.tmp
    2017-07-04 23:21 - 2017-02-23 18:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2017-06-16 09:08 - 2016-12-10 09:25 - 00000000 ____D C:\Program Files\McAfee
    2016-06-24 21:27 - 2016-06-24 21:27 - 6867968 _____ () C:\Users\Ja\AppData\Roaming\agent.dat
    2016-06-24 21:27 - 2016-06-24 21:27 - 0067968 _____ () C:\Users\Ja\AppData\Roaming\Config.xml
    2016-06-24 21:26 - 2016-06-24 21:27 - 0014448 _____ () C:\Users\Ja\AppData\Roaming\InstallationConfiguration.xml
    2016-06-24 21:26 - 2016-06-24 21:26 - 0128512 _____ () C:\Users\Ja\AppData\Roaming\Installer.dat
    2016-06-24 21:27 - 2016-06-24 21:27 - 2279413 _____ () C:\Users\Ja\AppData\Roaming\Joyis.bin
    2016-06-24 21:27 - 2016-06-24 21:26 - 0964608 _____ () C:\Users\Ja\AppData\Roaming\Kondax.exe
    2016-06-24 21:27 - 2016-06-24 21:27 - 1759964 _____ () C:\Users\Ja\AppData\Roaming\Kondax.tst
    2016-06-24 21:27 - 2016-06-24 21:27 - 0018432 _____ () C:\Users\Ja\AppData\Roaming\Main.dat
    2016-06-24 21:27 - 2016-06-24 21:27 - 0005568 _____ () C:\Users\Ja\AppData\Roaming\md.xml
    2016-06-24 21:27 - 2016-06-24 21:27 - 0126464 _____ () C:\Users\Ja\AppData\Roaming\noah.dat
    2016-06-24 21:27 - 2016-06-24 21:27 - 0032038 _____ () C:\Users\Ja\AppData\Roaming\uninstall_temp.ico
    2016-06-24 22:27 - 2016-06-24 22:27 - 0000046 _____ () C:\Users\Ja\AppData\Roaming\WB.CFG
    2017-06-18 04:52 - 2017-06-18 04:52 - 0000000 ____H () C:\Users\Ja\AppData\Local\BIT4476.tmp
    EmptyTemp:

    Po wykonaniu usun katlaog C:\FRST i to wszyst

Popularne wątki

Nie pamiętasz hasła lub ?

Zapamiętaj mnie

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka
Agora S.A. - wydawca portalu Gazeta.pl nie ponosi odpowiedzialności za treść wypowiedzi zamieszczanych przez użytkowników Forum. Osoby zamieszczające wypowiedzi naruszające prawo lub prawem chronione dobra osób trzecich mogą ponieść z tego tytułu odpowiedzialność karną lub cywilną. Regulamin.