Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Witryna Hao 123 Mozilla i Chrome kilka prób usunięcia i nic

damian740vp 13 Cze 2017 16:24 330 2
  • #1 13 Cze 2017 16:24
    damian740vp
    Poziom 2  

    Witam mam problem z witryna hao 123. Po kilku próbach usunięcia za pomocą malwarebytes oraz adw cleaner nic się nie zmienia. Malwarebytes nie wykrywa już problemów, a adw cleaner naprawia tylko skróty przeglądarek, a po ponownym uruchomieniu laptopa znowu ta sama strona startowa. W załącznikach podaje logi FRST. Dziękuję z góry za każdą pomoc!
    Dodano po 1 [minuty]:
    Logi z FRST,a

    0 2
  • Pomocny post
    #2 13 Cze 2017 16:36
    Kolobos
    Spec od komputerów

    Odinstaluj Intel Security True Key.

    Uzyj: https://sourceforge.net/projects/adobeflashup...an%20Remover/RemoveMcAfee_silent.exe/download

    Wykonaj Fixlist.txt dla FRST:
    Task: {7B2E0931-D3C7-4FC2-A001-FA0767C37EF6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
    Task: {E3EC3A0B-F00D-4C8C-B702-FEFC100BD014} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
    ShortcutWithArgument: C:\Users\DYMEK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108
    ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://hao.169x.cn/?v=108
    (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\UPDMGR\5.0.154.1\mcupdatemgr.exe
    (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== UWAGA
    HKU\S-1-5-21-3998861291-3063410951-1157275892-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-3998861291-3063410951-1157275892-1001\...\MountPoints2: {7cd9269d-4e90-11e7-9465-98541b494b9c} - "F:\HiSuiteDownLoader.exe"
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
    SearchScopes: HKLM -> {715B0ACD-3C16-40A7-8D9D-A2CF73BDAB11} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {715B0ACD-3C16-40A7-8D9D-A2CF73BDAB11} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}




    SearchScopes: HKU\S-1-5-21-3998861291-3063410951-1157275892-1001 -> {715B0ACD-3C16-40A7-8D9D-A2CF73BDAB11} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-05-17] (Intel Security)
    BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-05-17] (Intel Security)
    Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-05-17] (Intel Security)
    Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-05-17] (Intel Security)
    R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [998296 2017-05-10] (McAfee, Inc.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-05-10] (McAfee, Inc.)
    S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-05-10] (McAfee, Inc.)
    S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
    2017-06-13 14:35 - 2017-06-13 14:35 - 05659512 _____ (Swearware) C:\Users\DYMEK\Downloads\ComboFix.exe
    2017-06-10 23:33 - 2017-06-12 07:10 - 00000000 ____D C:\AdwCleaner
    2017-04-15 23:40 - 2017-06-13 14:38 - 00001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
    2017-04-15 23:40 - 2017-06-13 14:38 - 00001235 _____ C:\Users\Public\Desktop\True Key.lnk
    2017-04-15 23:40 - 2017-05-04 09:20 - 00000000 ____D C:\Users\DYMEK\AppData\Local\tkdata
    2017-04-15 23:40 - 2017-04-15 23:40 - 00000000 ____D C:\ProgramData\TrueKey
    2017-04-15 23:39 - 2017-04-15 23:39 - 00000000 ____D C:\Program Files\Intel Security
    2017-04-15 23:24 - 2017-06-10 20:12 - 00000000 ____D C:\Program Files\TrueKey
    EmptyTemp:


    Po wykonaniu usun katalog C:\FRST.



    PS. Nie uzywaj Combofix!

    1
  • #3 13 Cze 2017 21:21
    damian740vp
    Poziom 2  

    Dziękuję bardzo za pomoc ;) Wszystko już jest ok!

    0