Problem z przeglądarką (Google Chrome)

plokpl123 · 3 Maja 2016

Otóż, mój brat naściągał jakiegoś gówna na komputer i ogólnie odczuwam spadek formy komputera, co do przeglądarki to strona główna zmieniła się na - http://search.safefinder.com/?st=dn&q=

Mam jakiś podejrzany proces o nazwie Holdtam i usługę CloudPrinter

Logi FRST:

FRST.txt - http://pastebin.com/6NKDAVJ3

Addition.txt - http://pastebin.com/jcc6xx0U

Shortcut.txt - http://pastebin.com/iCsMpxzY

Z góry dzięki za pomoc i zaintersowanie

Janusz. · 3 Maja 2016

Z pulpitu startuje dziwny plik

2016-04-14 18:37 - 2016-03-20 14:49 - 00633344 _____ (精灵软件) C:\Users\Michał\Desktop\jingling.exe

znasz go? Wyłączę go aktualnie z autostartu.

Odinstaluj SafeFinder.

Closeprocesses:
HKU\S-1-5-21-435576180-914227734-2057512724-1001\...\Run: [urlspace] => C:\Users\Michał\Desktop\jingling.exe [633344 2016-03-20] (精灵软件)
Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2016-03-22] ()
Tcpip\..\Interfaces\{3A5CAD7D-1496-41FE-9EF3-08D2521ED807}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
HKU\S-1-5-21-435576180-914227734-2057512724-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObeR_98Utx3C8ptWqJnmf5WAUKRuTJ46j4p2GAc4Z1JBcN_CBKIkz4IhIqPyTgdNlbsNElLStGPP1t5kmUuCL9qY1LYHqtEgA94Um8OtoJj49GfzqFbL71Lq6GVGxWDqtMElPgwyMwwtdRJcOBjEk4t5EBudmI3iXe5Le-FAa7f&q={searchTerms}
HKU\S-1-5-21-435576180-914227734-2057512724-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObeR_98Utx3C8ptWqJnmf5WAUKRuTJ46j4p2GAc4Z1JBcN_CBKIkz4IhIqPyTgdNlbsNElLStGPP1t5kmUuCL9qY1LYHqtEgA94Um8OtoJj49GfzqFbL71Lq6GVGxWDqtMElPgwyMwwtdRJcOBjEk4t5EBudmI3iXe5Le-FAa7f&q={searchTerms}
HKU\S-1-5-21-435576180-914227734-2057512724-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObeR_98Utx3C8ptWqJnmf5WAUKRuTJ46j4p2GAc4Z1JBcN_CBKIkz4IhIqPyTgdNlbsNElLStGPP1t5kmUuCL9qY1LYHqtEgA94Um8OtoJj49GfzqFbL71Lq6GVGxWDqtMElPgwyMwwtdRJcOBjEk4t5EBudmI3iXe5Le-FAa7f&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBVRmzv2pJwNObeR_98Utx3C8ptWqJnmf5WAUKRuTJ46j4p2GAc4Z1JBcN_CBKIkz4IhIqPyTgdNlbsNElLStGPP1t5knIpBrGyQR-8s--jkotx1U0Zm7U_5_p6dfg5WgBz6ypzBoJu95QDBkpO4A1MqpGRdhMF34K7VGoqXqX7IwXQiVnNfW8T&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
R4 Holdtam; C:\ProgramData\\Holdtam\\Holdtam.exe [832000 2016-05-03] () [Brak podpisu cyfrowego]
ShortcutWithArgument: C:\Users\Michał\Desktop\Program uruchamiający aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\Desktop\Start Tor Browser.lnk -> C:\Users\Michał\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Michał\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Michał\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiający aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Dingit Infinite HD App (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Dingit Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Infinite HD App (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1462271857&a=1054210&src=sh&uuid=e2f08ad4-502b-4c05-a1d3-aa9a260ffc43"
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
 
 
CMD: dir /a "C:\Users\Michał\appdata\Local"
CMD: dir /a "C:\Users\Michał\appdata\Roaming"
CMD: dir /a "C:\Users\Michał\appdata\Locallow"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\ProgramData"
CMD: dir /a "C:\program files (x86)\common files"
 
RemoveProxy:
EmptyTemp:

Zapisz jako fixlist.txt umieść obok FRST i kliknij FIX/Napraw. Po restarcie zamieść fixlog na forum.

Zaloguj się

👋 Witaj na MPCForum!

Problem z przeglądarką (Google Chrome)

Pytanie

plokpl123

plokpl123

1 odpowiedź na to pytanie

Rekomendowane odpowiedzi

Janusz.

Janusz.

Zarchiwizowany