
Virus - Reimage Repair, pop-up windows

Wielecete 20 Feb 2017 18:47 516 2
  • #1 20 Feb 2017 18:47
    Wielecete
    Level 1

    My brother downloaded some junk, and now clicking, e.g. in Google, on a page or even on empty space opens several ads, including Reimage Repair. I scanned the computer with Malwarebytes Anti-Malware and AdwCleaner, but neither of them removed the problem. I should note that these ads appear only in Opera; the problem does not occur in another browser.

  • #3 20 Feb 2017 19:24
    Kolobos
    Computer specialist

    Uninstall Dll-Files Fixer.

    Next to frst.exe, create a file named Fixlist.txt with the following contents:
    Task: {03E3422E-84AA-45C5-974E-4F315E0E43BB} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: {0B525CA7-2939-49BB-9286-8155E5366BC5} - System32\Tasks\{94794314-8534-4CB2-9090-D6D3C295C016} => C:\Program Files (x86)\Skype\Phone\Skype.exe
    Task: {138D54E7-71C6-4B20-AC14-A6B52DCA1EEF} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{86EA8F95-F864-4D37-8947-BAAF4D095483}.exe <==== UWAGA
    Task: {16CB1477-0792-48EA-BAEE-43F729683CF8} - System32\Tasks\{4B263011-707C-4394-9B9A-50C8A0DF14DF} => C:\Users\Krystian.sm-Komputer\Desktop\Super_Simple_Wall_v7.0_-----_upload_by_Gammerstv\SSWv7.0.exe
    Task: {1934C03D-9DFC-4B84-AA3D-BBB43481741E} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2016-12-15] (DivX, LLC)
    Task: {1DC27191-E084-4855-A79C-A67477ACC280} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1849482365-865085567-2908473667-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
    Task: {210C711A-8D0A-4949-8212-D037956A4464} - System32\Tasks\{54F53EBC-F29E-4D31-AE4F-3D505B5A8E96} => pcalua.exe -a "C:\Program Files (x86)\Nikon\ViewNX\ViewNX.exe" -d "C:\Program Files (x86)\Nikon\ViewNX\"
    Task: {2B934A4E-ED8D-4131-985E-2B0E2C123AC7} - System32\Tasks\{29D0959E-C365-45FB-AE03-0491F79D33CD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandon...gle-chrome:notoffered;systemlevelpresent
    Task: {368E44AC-FD23-4DF6-B47C-3AE6B4D36F82} - System32\Tasks\{18226B51-D2A1-44A4-AF0A-0A1836BA8453} => C:\Users\Krystian.sm-Komputer\Desktop\Super_Simple_Wall_v7.0_-----_upload_by_Gammerstv\SSWv7.0.exe
    Task: {3AC4270F-BCB0-43F3-B34B-52AF771C7E4C} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: {41F7F515-C0C2-4A1B-8961-0297ACEB7C7A} - System32\Tasks\{24DAB49A-93A1-4BA1-909C-8CF92BBD0995} => pcalua.exe -a C:\Users\Krystian.sm-Komputer\Desktop\drtl109b\drtl109b.exe -d C:\Users\Krystian.sm-Komputer\Desktop\drtl109b
    Task: {5235E218-89AE-44C6-9C29-900825116656} - System32\Tasks\{792229C0-651C-4435-81F2-2BFE7B0FCBB6} => E:\GRY\Pro Evolution Soccer 13\pes2013.exe
    Task: {5BAB9C96-9DC2-449A-AEAE-2BC63789ADAE} - System32\Tasks\{D98C5212-3B07-431D-AAAE-A909B91E686F} => pcalua.exe -a "C:\Users\sm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4V3G94EU\S-NEFCDC-190WF-ALLIN[1].exe" -d C:\Users\sm\Desktop
    Task: {657FD8E5-2EC8-4BCC-8D52-59C204B1774C} - System32\Tasks\{39ED2909-62F8-43AE-B83B-8F8CA8F977D5} => pcalua.exe -a H:\setup.exe -d H:\
    Task: {6DCEB743-F409-403C-9C87-7FD46DC559C8} - System32\Tasks\{71A85623-7C74-4E45-BC2C-E395E97AA1FC} => pcalua.exe -a E:\GRY\Heroes\WoG\Install.exe -d E:\GRY\Heroes\WoG
    Task: {7A4541E9-2610-4D3A-82DA-8D28C9BAB43E} - System32\Tasks\{DB4F6D98-D93A-460B-A6F7-1576E8DFA7D7} => C:\Users\Krystian.sm-Komputer\Desktop\Super_Simple_Wall_v7.0_-----_upload_by_Gammerstv\SSWv7.0.exe
    Task: {838BCD4F-60CC-4A70-9AC2-A5771431FAB6} - System32\Tasks\{24B38892-4241-43B6-B30D-0C3486E87C49} => pcalua.exe -a "C:\Program Files (x86)\Diablo\AUTORUN.EXE" -d "C:\Program Files (x86)\Diablo"
    Task: {841DE138-6577-4B7A-BA59-A3B6656D202C} - System32\Tasks\{CD9B811A-72CD-4D16-9944-7D6B9ECEF261} => pcalua.exe -a C:\Users\sm\Downloads\S-VNX2__-212WF-EUREN-32BIT_.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {894B30ED-4705-4EFA-A8C0-2365A05EBE5E} - System32\Tasks\{063E8463-E797-4A10-9670-D2E8261E6AEA} => pcalua.exe -a I:\Fairlight\Installer.exe -d I:\
    Task: {A02F0562-4FB4-48BB-A173-D56B7B9109F3} - System32\Tasks\{527689AC-3FBD-481D-99C5-20C3F4173B77} => E:\GRY\pes11\pes2011.exe
    Task: {A290AAA7-2FE4-4D6F-B6A5-5B43603061EB} - System32\Tasks\{C8E7CB92-3BD5-4FED-8968-A3D443DC4FEA} => pcalua.exe -a G:\setup.exe -d G:\
    Task: {AC510384-9FF9-4DE7-923B-EAA42BD43016} - System32\Tasks\{CC778AA8-F084-4035-BEDA-2F720394BADC} => pcalua.exe -a G:\Install.exe -d G:\
    Task: {B184A35C-70F0-442B-9E66-ED33B59B39B3} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: {B3D11409-539B-4736-9BF0-9326E71DFC2A} - System32\Tasks\Opera scheduled Autoupdate 1487601508 => C:\Program Files\Opera\launcher.exe [2017-02-06] (Opera Software)
    Task: {BBCF2F08-3334-433F-9D65-46F58BDA3589} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1849482365-865085567-2908473667-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
    Task: {C5CDD79E-C0FE-4B3D-B7BB-E40D3E8A2E6A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{D6F26775-EC78-4175-8545-A1B4D4CF08A8}.exe <==== UWAGA
    Task: {C6FC60AA-8941-4DAC-95E1-11B2D975F5B5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1849482365-865085567-2908473667-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
    Task: {D2DA5667-3554-4D5B-8D97-1D85608894EE} - System32\Tasks\{66D8A421-85D7-495F-9B26-D6C0A0512A20} => pcalua.exe -a "C:\Program Files (x86)\LG PC Suite 2\LGPCSuiteLanucher_Setup.exe" -d C:\Users\Krystian.sm-Komputer\Desktop
    Task: {E400FB92-DEB4-4336-929E-ABC80741C36B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1849482365-865085567-2908473667-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.)
    Task: {EC8EF321-5C1C-48FC-9426-F0D6E18575B5} - System32\Tasks\{3725EB93-F6B2-4921-9775-F9D3412708C5} => pcalua.exe -a G:\Software\AntiVirus\AsusSetup.exe -d G:\Software\AntiVirus
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{86EA8F95-F864-4D37-8947-BAAF4D095483}.exe <==== UWAGA
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D6F26775-EC78-4175-8545-A1B4D4CF08A8}.exe <==== UWAGA
    Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 [1944]
    AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 [1944]
    AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 [1944]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 [1944]
    HKU\S-1-5-21-1849482365-865085567-2908473667-1003\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
    HKU\S-1-5-21-1849482365-865085567-2908473667-1003\...\MountPoints2: {718ebc96-6c1c-11df-b08a-90e6ba776d26} - I:\autorun.exe
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKU\S-1-5-21-1849482365-865085567-2908473667-1003 -> {11D7A9A1-4A15-41DF-84B5-533788E5B05C} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
    FF Keyword.URL: Mozilla\Firefox\Profiles\sh9z6byn.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7BC0...-2B6E-4E03-9E46-918D098829DF%7D&gp=811041
    FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono]
    FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nie znaleziono
    FF HKU\S-1-5-21-1849482365-865085567-2908473667-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nie znaleziono
    CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&product_id=%7B46507BC4-C315-4A84-8335-D63A5EB347D1%7D&gp=811041
    CHR DefaultSearchKeyword: Default -> go.mail.ru
    CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/ff3?q={searchTerms}
    CHR Extension: (Brak nazwy) - C:\Users\Krystian.sm-Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-20]
    CHR Extension: (SiteAdvisor) - C:\Users\Krystian.sm-Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-11-21]
    CHR HKLM-x32\...\Chrome\Extension: [jplkfokjjfkgkfcceafomnekninckbfm] - <Brak Path/update_url>
    R2 themctrl; C:\Windows\SysWOW64\themctrl.dll [362496 2015-10-20] () [Brak podpisu cyfrowego]
    R2 wbiosrvp; C:\Windows\SysWOW64\wbiosrvp.dll [345088 2015-10-20] () [Brak podpisu cyfrowego]
    S2 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [X]
    U3 a4lebzah; C:\Windows\System32\Drivers\a4lebzah.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 ALSysIO; \??\C:\Users\sm\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
    S2 eamonm; system32\DRIVERS\eamonm.sys [X]
    S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
    2017-02-20 16:02 - 2016-11-04 15:10 - 00000000 ____D C:\AdwCleaner
    2017-02-20 12:14 - 2011-12-24 01:28 - 00000000 ____D C:\ProgramData\McAfee
    2017-02-19 20:08 - 2015-10-07 17:08 - 00000290 _____ C:\Windows\Tasks\DLL-Files FixerASKUSER.job
    2017-02-19 12:27 - 2012-12-22 11:44 - 00000000 ____D C:\Program Files\McAfee
    2017-02-18 17:52 - 2015-10-07 16:52 - 00000298 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
    2014-06-19 19:04 - 2014-06-19 19:06 - 6010880 _____ () C:\Program Files (x86)\GUT25DF.tmp
    EmptyTemp:

    In FRST, choose Fix.

    Delete the C:\FRST directory.
