Elektroda.pl

I can't cope with viruses from FB

czarny2483 29 Jul 2017 13:13 423 6
  • Helpful post
    #2 29 Jul 2017 13:42
    Kolobos
    Computer specialist

    FRST logs are required, as you can probably see...

    0
  • Helpful post
    #4 29 Jul 2017 14:48
    Kolobos
    Computer specialist

    Uninstall: SpyHunter

    Next to frst.exe, create a file Fixlist.txt with the following content:
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    Task: {445ECAFF-FEBB-4A31-BDC7-B0B8E254DFF3} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-07-27] (Enigma Software Group USA, LLC.)
    Task: {5457E4CC-C3EA-4273-83B4-AAD39F751B07} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] ()
    Task: {A4300F69-4877-4B64-B716-277B4BFF84C0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] ()
    (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
    (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
    HKU\S-1-5-21-2401701634-3997738242-1948987266-1001\...\MountPoints2: {44d6185d-bfdb-11e6-af18-b88198128b6c} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-2401701634-3997738242-1948987266-1001\...\MountPoints2: {a1bac6a8-5d57-11e7-afe8-82fe802ea198} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-2401701634-3997738242-1948987266-1001\...\MountPoints2: {e8d9531f-e647-11e6-af26-94b4cefa4d88} - "F:\Autorun.exe"
    HKU\S-1-5-21-2401701634-3997738242-1948987266-1001\...\MountPoints2: {e8d95351-e647-11e6-af26-94b4cefa4d88} - "G:\autorun.exe"
    GroupPolicy: Ograniczenia <==== UWAGA
    GroupPolicy\User: Ograniczenia <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    CHR StartupUrls: Default -> "hxxp://www.trotux.com/?z=10500782c55963d40310cbag8z8m5q9cfm1tfo8b8e&from=wsy1&uid=WDCXWD800BB-00JHA0_WD-WCAM91326016&type=hp","hxxps://www.duckduckgo.com"




    CHR Extension: (Kontinus) - C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdcpgkehghddmnhdjcmbkjipfonpkkng [2017-07-26]
    CHR Extension: (VkDown Download music/video vKontakte vk.com) - C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejibnkmjndjbphokedoefmhhkimnmej [2017-07-01]
    CHR Extension: (Скачать музыку ВКонтакте) - C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\joaplibfhijpjafmlkgjonfgldcmhhca [2017-06-23]
    CHR Extension: (VK Music Downloader - Safe) - C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\npllhemgjjicmogpjecjcfdejcgkgomo [2017-05-06]
    CHR Extension: (VK Downloader) - C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjdlpaffkkdggnabfdbhbfbncmcckio [2017-05-17]
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [769920 2013-01-14] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
    2017-07-29 14:36 - 2017-07-29 14:36 - 00000000 ____D C:\Users\dzeju\Desktop\FRST-OlderVersion
    2017-07-29 12:58 - 2017-07-29 12:58 - 00709940 _____ C:\Users\dzeju\Desktop\Extras.Txt
    2017-07-29 12:57 - 2017-07-29 12:57 - 00303590 _____ C:\Users\dzeju\Desktop\OTL.Txt
    2017-07-29 12:45 - 2017-07-29 12:45 - 00602112 _____ (OldTimer Tools) C:\Users\dzeju\Desktop\OTL_www.INSTALKI.pl.exe
    2017-07-27 19:23 - 2017-07-27 19:23 - 00003454 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2017-07-27 19:23 - 2017-07-27 19:23 - 00002368 _____ C:\Users\dzeju\Desktop\SpyHunter.lnk
    2017-07-27 19:23 - 2017-07-27 19:23 - 00000000 ____D C:\WINDOWS\46B04D534E344388B6EE80FAB66AEF9B.TMP
    2017-07-27 19:23 - 2017-07-27 19:23 - 00000000 ____D C:\Users\dzeju\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2017-07-27 19:23 - 2017-07-27 19:23 - 00000000 ____D C:\sh4ldr
    2017-07-27 19:23 - 2017-07-27 19:23 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
    2017-05-01 21:05 - 2017-05-01 21:11 - 7649280 _____ () C:\Program Files (x86)\GUT3C7B.tmp
    EmptyTemp:

    In FRST, choose Fix (Napraw).

    0
  • Helpful post
    #6 29 Jul 2017 18:22
    Kolobos
    Computer specialist

    Run another Fixlist.txt for FRST:
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdcpgkehghddmnhdjcmbkjipfonpkkng
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejibnkmjndjbphokedoefmhhkimnmej
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\joaplibfhijpjafmlkgjonfgldcmhhca
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\npllhemgjjicmogpjecjcfdejcgkgomo
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjdlpaffkkdggnabfdbhbfbncmcckio

    After running it, check whether the problem still occurs.

    0
  • #7 30 Jul 2017 12:50
    czarny2483
    Level 5

    Kolobos wrote:
    Run another Fixlist.txt for FRST:
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdcpgkehghddmnhdjcmbkjipfonpkkng
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejibnkmjndjbphokedoefmhhkimnmej
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\joaplibfhijpjafmlkgjonfgldcmhhca
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\npllhemgjjicmogpjecjcfdejcgkgomo
    C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjdlpaffkkdggnabfdbhbfbncmcckio

    After running it, check whether the problem still occurs.


    For the moment nothing has shown up so far; we'll see tomorrow. Even so, many thanks for the help.

    Added after 16 [hours] 50 [minutes]:

    Everything is OK, thanks again for the help.

    0
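
An added example, not part of the thread or of FRST itself: post #6 builds its second Fixlist.txt from the `CHR Extension` folders listed in the first log, and this Python code does the same while refusing any path that is not a plain `Extensions\<ID>` folder. The function names and the last two sample lines are constructed for illustration; the first two sample lines are taken from the thread.

```python
import ntpath  # Windows path rules, regardless of the OS running this
import re

# FRST "CHR Extension" line: (name) - folder [install date]
CHR_EXT = re.compile(r"^CHR Extension: \((?P<name>.*)\) - (?P<path>[A-Za-z]:\\.+) "
                     r"\[(?P<date>\d{4}-\d{2}-\d{2})\]$")
EXT_ID = re.compile(r"[a-p]{32}")  # Chrome extension IDs: 32 letters, a-p only

PROFILE = r"C:\Users\dzeju\AppData\Local\Google\Chrome\User Data\Default\Extensions"
SAMPLE_LOG = "\n".join([
    # First two lines are from the thread; the last two are constructed.
    "    CHR Extension: (Kontinus) - " + PROFILE
    + r"\gdcpgkehghddmnhdjcmbkjipfonpkkng [2017-07-26]",
    "    CHR Extension: (VK Music Downloader - Safe) - " + PROFILE
    + r"\npllhemgjjicmogpjecjcfdejcgkgomo [2017-05-06]",
    "    CHR Extension: (Constructed) - " + PROFILE
    + r"\..\..\..\Documents [2017-01-01]",
    "    R2 ExampleService; C:\\example.exe [1 2017-01-01] ()",
])


def parse_extensions(log_text):
    """Return one dict (name, path, date) per well-formed CHR Extension line."""
    found = []
    for line in log_text.splitlines():
        m = CHR_EXT.match(line.strip())
        if m:
            found.append(m.groupdict())
    return found


def safe_fix_path(path):
    """True only for <profile>\\Extensions\\<32-char a-p ID> with no '..' parts."""
    parent, leaf = ntpath.split(path)
    return (ntpath.normpath(path) == path
            and ntpath.basename(parent).lower() == "extensions"
            and EXT_ID.fullmatch(leaf) is not None)


def build_fixlist(log_text, remove_ids):
    """Fixlist lines for the chosen IDs; malformed paths go to 'rejected'."""
    lines, rejected = [], []
    for ext in parse_extensions(log_text):
        if not safe_fix_path(ext["path"]):
            rejected.append(ext["path"])
        elif ntpath.basename(ext["path"]) in remove_ids:
            lines.append(ext["path"])
    return lines, rejected
```

A rejected path is one to review by hand before it goes anywhere near a fixlist, since FRST deletes whatever folder a bare path line names.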