przez artsushi 16 Mar 2015, 00:53
przez ordynat 16 Mar 2015, 10:23
:OTL
[2015-02-18 21:50:08 | 000,000,000 | ---D | M] -- C:\Users\euro\AppData\Roaming\OpenCandy
[2015-02-22 04:33:46 | 000,055,824 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{8ec7a18b-bb06-4e8b-bc9b-34809b4a9468}t.sys
[2015-02-18 21:50:08 | 000,000,000 | ---D | C] -- C:\Users\euro\AppData\Roaming\OpenCandy
[2015-02-18 21:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Clock Hand
O33 - MountPoints2\{dba4adca-ee04-11de-85a7-001377d85467}\Shell\AutoRun\command - "" = p.exe
O33 - MountPoints2\{dba4adca-ee04-11de-85a7-001377d85467}\Shell\open\Command - "" = p.exe
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP28EP2-12243/webex/ieatgpc1.cab (Reg Error: Key error.)
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O4 - HKU\S-1-5-21-3878333226-3259774740-2300350480-1003..\Run: [] File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
DRV - [2015-02-22 04:33:46 | 000,055,824 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{8ec7a18b-bb06-4e8b-bc9b-34809b4a9468}t.sys -- ({8ec7a18b-bb06-4e8b-bc9b-34809b4a9468}t)
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]
:Commands
[emptytemp]
Error - 2015-03-14 16:10:02 | Computer Name = euro-PC | Source = WinMgmt | ID = 10
Description =
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\subscription")
Set obj1 = objWMIService.Get("__EventFilter.Name='BVTFilter'")
set obj2set = obj1.Associators_("__FilterToConsumerBinding")
set obj3set = obj1.References_("__FilterToConsumerBinding")
For each obj2 in obj2set
WScript.echo "Deleting the object"
WScript.echo obj2.GetObjectText_
obj2.Delete_
next
For each obj3 in obj3set
WScript.echo "Deleting the object"
WScript.echo obj3.GetObjectText_
obj3.Delete_
next
WScript.echo "Deleting the object"
WScript.echo obj1.GetObjectText_
obj1.Delete_
przez artsushi 21 Mar 2015, 11:45
przez ordynat 21 Mar 2015, 12:43
CHR Extension: (Clock Hand) - C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dboobfghnnnlmngfjifahcbfbgjedhkj [2015-02-22]
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Users\euro\Downloads\FRST-OlderVersion
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {B78AC599-BF92-4ED3-9D8D-6EA4B6BE9CA9} - System32\Tasks\PC-Mechanic Subscription => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
EmptyTemp:
DeleteQuarantine:
przez artsushi 21 Mar 2015, 14:23
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 8 gości
