Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

blokowanie reklam chrome, wiru -

kar0lusss 28 Lis 2015 20:29 1128 1
  • #2 28 Lis 2015 21:50
    Kolobos
    Spec od komputerów

    Odinstaluj:
    337 GAMES (HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\337Games) (Version: 1.1.1.0 - ) <==== UWAGA
    Akamai NetSession Interface (HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
    awesomehp Browser newtab extension (HKLM-x32\...\awesomehp Browser newtab extension) (Version: - awesomehp) <==== UWAGA
    Beach Browser (HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\{D6BB5D05-7BCB-D7FE-2362-58843CADB1E1}) (Version: 1.4.6 - Form Bus corp)
    BrowserDefender (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - Bit89 Inc) <==== UWAGA
    Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version: - Visual Tools) <==== UWAGA
    Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== UWAGA
    Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
    GIMP Packages (HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\GIMP Packages) (Version: - ) <==== UWAGA
    IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== UWAGA
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.226.1 - McAfee, Inc.)
    Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== UWAGA
    SmartView for IE (HKLM-x32\...\{C448EA30-BB7F-4D42-83BC-385EBA140AF2}) (Version: 1.0.4.1 - DeviceVM, Inc.) <==== UWAGA
    SmartView Software Updater (HKLM-x32\...\{5B0CE14A-B9B6-4E25-A1BE-3EEC1998AC2C}) (Version: 1.0.4.1 - DeviceVM, Inc.) <==== UWAGA
    SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== UWAGA
    WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== UWAGA
    WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== UWAGA

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {2D734F8A-F33B-4FED-BF2C-A10D1946AAB2} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe <==== UWAGA
    Task: {38C97E8E-B440-46E0-AF05-147AEFCE352E} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: {47FC7E7C-76B9-483F-BDCA-B3992B7A47D0} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe [2015-11-27] () <==== UWAGA
    Task: {5DDD7C60-A358-4B48-B665-D39750127635} - System32\Tasks\{8836EF4E-7485-4675-90E6-1096D8A72FBC} => pcalua.exe -a C:\Users\Karol\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=exp1
    Task: {9E8A7C8D-A408-47B1-98AC-60744B750510} - System32\Tasks\Beach Browser => Rundll32.exe "C:\Users\Karol\AppData\Local\Beach Browser\{FF50D1EC-4B93-2FBD-437D-F1D706CB398E}\BeachBrowser.dll",#3




    Task: {C0E70E03-A1EF-4019-A65F-FAA05A7579D0} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== UWAGA
    Task: {C5B5E359-BED0-42B7-94A9-7CBF64ACE3D5} - System32\Tasks\EPUpdater => C:\Users\Karol\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== UWAGA
    Task: {C6DD250D-5A86-437D-BE0E-B46DB68E1597} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== UWAGA
    ShortcutWithArgument: C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games\337 GAMES.lnk -> C:\Users\Karol\AppData\Roaming\337Games\337Games.exe (337 Technology Limited) -> -url="hxxp://goo.mx/aEBnEf" <==== UWAGA
    ShortcutWithArgument: C:\Users\Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\337 GAMES.lnk -> C:\Users\Karol\AppData\Roaming\337Games\337Games.exe (337 Technology Limited) -> -url="hxxp://goo.mx/aEBnEf" <==== UWAGA
    ShortcutWithArgument: C:\Users\Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\337 GAMES.lnk -> C:\Users\Karol\AppData\Roaming\337Games\337Games.exe (337 Technology Limited) -> -url="hxxp://goo.mx/aEBnEf" <==== UWAGA
    ShortcutWithArgument: C:\Users\Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/redirectGames/?oem=ASRKBCU01^&os=Windows^&p=970DE3/U3S3^&pv=1.0.4^&v=1^&flv=^&c=1045^&t=4203c50288aee50d8feb63f11c1b2fe5^&l=pl-PL" <==== UWAGA
    ShortcutWithArgument: C:\Users\Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\337 GAMES.lnk -> C:\Users\Karol\AppData\Roaming\337Games\337Games.exe (337 Technology Limited) -> -url="hxxp://goo.mx/aEBnEf" <==== UWAGA
    () C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
    HKLM-x32\...\Run: [SmartViewAgent] => C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [948504 2010-09-02] ()
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Karol\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-10]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    AutoConfigURL: [S-1-5-21-3307710284-1175783678-2482569940-1000] => hxxp://unstopp.me/wpad.dat?09c5926e30516efb812337f2de4fc8a82014783
    Hosts: 0.0.0.1 mssplus.mcafee.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=14...mp;uid=ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=...ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=14...mp;uid=ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=...ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_re...ndex.jsp?lg=pl&pid=NIS&pvid=21.1.0.18
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_re...ndex.jsp?lg=pl&pid=NIS&pvid=21.1.0.18
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_re...ndex.jsp?lg=pl&pid=NIS&pvid=21.1.0.18
    HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source...00L&ts=1393414432&type=default&q={searchTerms}
    HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&...840BC5FF435518A&affID=119357&tsp=4923
    HKU\S-1-5-21-3307710284-1175783678-2482569940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source...00L&ts=1393414432&type=default&q={searchTerms}
    URLSearchHook: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 - SearchHook Class - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\DeviceVM\SmartView\AddressBarSearch.dll (DeviceVM, Inc.)
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=...ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=...ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
    SearchScopes: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
    SearchScopes: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8840BC5FF435518A&affID=119357&tsp=4923
    SearchScopes: HKU\S-1-5-21-3307710284-1175783678-2482569940-1000 -> {50579BA8-35E0-43e6-BBC4-D56B7F129F1B} URL = hxxp://www.google.com/custom?client=pub-37942...%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}
    BHO-x32: SmartView VisualBookmark -> {0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> C:\Program Files (x86)\DeviceVM\SmartView\SmartView.dll [2010-09-02] (DeviceVM, Inc.)
    BHO-x32: Discover Treasure -> {bfa55139-82af-4663-a19b-e135dac8d043} -> C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll => Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\IEXPLORE.EXE hxxp://www.oursurfing.com/?type=sc&ts=144...mp;uid=ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L
    CHR StartupUrls: Default -> "hxxp://www.oursurfing.com/?type=hp&ts=1448651399&z=18959026653772721b3f2efg5zez6b7q1w2gbzbecq&from=exp1&uid=ST500DM002-1BD142_Z2ASW00LXXXXZ2ASW00L"
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Brak pliku
    CHR Extension: (Quick Sidebar) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd [2014-07-23]
    CHR Extension: (Lightning Newtab) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-10-17]
    CHR Extension: (Discover Treasure) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\napdeaaamhggjcdogidgjjjpdecgimdg [2015-11-27] [UpdateUrl: hxxp://cdn.discovertreasurenow.com/update] <==== UWAGA
    CHR Extension: (Extended Protection) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] [UpdateUrl: hxxp://www.lightningnewtab.com/newtabv1/updates.xml] <==== UWAGA
    CHR Extension: (Quick start) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-12]
    CHR Extension: (Beach Browser) - C:\Users\Karol\AppData\Local\Beach Browser\Component [2015-11-28]
    CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Karol\AppData\Roaming\BabSolution\CR\Delta.crx [2013-06-24]
    CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26]
    R2 SmartViewService; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [125216 2010-09-02] (DeviceVM, Inc.)
    R2 WCUService; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [456976 2010-09-02] (DeviceVM, Inc.)
    R2 WdsManPro; C:\ProgramData\5WMiniPro5\WMiniPro.exe [309384 2015-11-27] (DTools LIMITED)
    S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X]
    S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [X] <==== UWAGA
    2015-11-27 20:10 - 2015-11-28 20:13 - 00000000 ____D C:\Users\Karol\AppData\Roaming\oursurfing
    2015-11-27 20:10 - 2015-11-27 20:11 - 00000000 ____D C:\ProgramData\5WMiniPro5
    2015-11-27 20:10 - 2015-11-27 20:10 - 00003074 _____ C:\Windows\System32\Tasks\LuckyBrowse
    2015-11-27 20:10 - 2015-11-27 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
    2015-11-27 20:10 - 2015-11-27 20:10 - 00000000 ____D C:\ProgramData\LuckyBrowse
    2015-11-27 20:10 - 2015-11-27 20:10 - 00000000 ____D C:\Program Files (x86)\LuckyBrowse
    2015-11-27 20:09 - 2015-11-27 20:09 - 00003174 _____ C:\Windows\System32\Tasks\Beach Browser
    2015-11-27 20:09 - 2015-11-27 20:09 - 00000000 ____D C:\Users\Karol\AppData\Local\Beach Browser
    2015-11-10 20:01 - 2015-11-10 20:01 - 00001932 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-11-10 20:01 - 2015-11-10 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-11-10 20:00 - 2015-11-10 20:00 - 00000000 ____D C:\Program Files\McAfee Security Scan
    C:\ProgramData\SMRResults410.dat
    EmptyTemp:

    W FRST wybierz Napraw.

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Po wykonaniu usun katalog C:\FRST.

    0