Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

O tym decyduje administrator-Wirus google chrome

AszerPL 03 Sty 2016 13:52 705 3
  • CControls
  • #2 03 Sty 2016 13:54
    Kolobos
    Spec od komputerów

    Zly dzial, brak addition.txt. Popraw tez temat!

    0
  • CControls
  • Pomocny post
    #3 03 Sty 2016 20:20
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    Task: {BA4B2C5A-3818-4768-9E46-31703BB451EB} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\RafalAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1446738398&a=1024132"
    ShortcutWithArgument: C:\Users\RafalAdmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1446738398&a=1024132"
    HKLM-x32\...\Run: [] => [X]HKU\S-1-5-21-2173484541-4213059149-2560647033-1001\...\MountPoints2: {3f1f4d30-86f8-11e5-825b-002522c6fd23} - "D:\Startme.exe"
    HKU\S-1-5-21-2173484541-4213059149-2560647033-1001\...\MountPoints2: {8cdc8306-aa8b-11e5-8295-806e6f6e6963} - "D:\Autorun.exe"
    HKU\S-1-5-21-2173484541-4213059149-2560647033-1001\...\MountPoints2: {f087d6fa-80a4-11e5-8252-002522c6fd23} - "D:\HTC_Sync_Manager_PC.exe"
    HKU\S-1-5-21-2173484541-4213059149-2560647033-1001\...\MountPoints2: {f087d757-80a4-11e5-8252-002522c6fd23} - "G:\setup.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1446...xwd10ezex-00kuwa0_wd-wcc1s539674796747&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1446...xwd10ezex-00kuwa0_wd-wcc1s539674796747&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1446...xwd10ezex-00kuwa0_wd-wcc1s539674796747&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1446...xwd10ezex-00kuwa0_wd-wcc1s539674796747&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.piesearch.com/?type=sc&ts=1451...&uid=7b3a9763-7d85-4424-8bb7-6df449ffd7f3
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-06]
    S3 GalaxyClientService; "C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe" [X]
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
    S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
    2016-01-02 14:47 - 2016-01-02 14:47 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\RafalAdmin\Downloads\SpyHunter-Installer (1).exe
    2016-01-02 14:27 - 2016-01-02 14:27 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    2016-01-02 14:26 - 2016-01-02 14:26 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\RafalAdmin\Downloads\SpyHunter-Installer.exe
    2016-01-03 13:19 - 2015-10-30 16:14 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    -1
  • #4 04 Sty 2016 07:55
    AszerPL
    Poziom 2  

    Sprawa załatwiona można zamknąć temat

    0