Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wyskakujące reklamy w Chrome

Stizi 06 Sty 2018 10:27 204 2
  • Pomocny post
    #2 06 Sty 2018 11:07
    Kolobos
    Spec od komputerów

    Wykonaj Fixlist.txt z zawartoscia:
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    Task: {07618B33-85F8-4D0C-84CF-1FF26BD51719} - System32\Tasks\{0DC790FF-BA6C-2754-C141-4E23DCCDAC48} => C:\ProgramData\{ED982CA6-5A33-9B0D-7A6D-FE3D0703A5F3}\F40870FD-43A3-C756-4340-50279B50CA71.exe [2018-01-05] () <==== UWAGA
    Task: {2B5E8628-A0CC-4055-9176-15C292D0015F} - System32\Tasks\ShadowsocksS => C:\Applications\Service.exe
    Task: {3AEE6838-76FC-400C-9275-E07117E6EB99} - System32\Tasks\LaCieS => C:\Disk\WebService.exe
    Task: {446DE0CA-585C-43FC-BACF-4F9FFB8D8691} - System32\Tasks\49D92334-6BD2-9731-7C91-AAE4EA9CD9D6 => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/0f5357c03c50df19 /q" "C:\Users\Lenovo\AppData\Local\35968082-6B0A-572E-2340-89B584B1CD21\{1AB7D1DB-806C-6225-5951-212F66EB0B35}.."
    Task: {4CE77C9B-4CBE-40A0-9176-63973462A836} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
    Task: {6FEF4C94-D5A6-4EE0-9EA6-D5FA6A71FF31} - System32\Tasks\{9AEBCAD3-3880-458E-AFDA-DF66DB279D1A} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenovo\AppData\Local\Apps\2.0\70G5HVW9.JJC\70L7BV47.3R3\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\Uninstaller.exe -c "rundll32.exe dfshim.dll,ShArpMaintain LSB.application, Culture=neutral, PublicKeyToken=2d7b41b05b24775e, processorArchitecture=msil"




    Task: {6FF92286-840A-4257-AEF8-66343C323ECE} - System32\Tasks\{3CD198B0-0DF3-4FE9-8FCD-DC3E3CC980D7} => C:\WINDOWS\system32\pcalua.exe -a F:\autorun.exe -d F:\
    Task: {85E94967-02FA-4545-A624-5ED82E3F6B34} - System32\Tasks\{AC217934-2394-4CCB-A04E-0F01A54D54A4} => C:\WINDOWS\system32\pcalua.exe -a F:\autorun.exe -d F:\
    Task: {8711A8C5-7FF3-4A45-984E-F038FD2DB192} - System32\Tasks\{780A0E47-0908-0A09-0D11-0F0D0B7D1179} => C:\WINDOWS\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ADsAOwA7ADsAIAAgADsAIAA7ADsAIAA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAG (dane wartości zawierają 9544 znaków więcej). <==== UWAGA
    Task: {CFC36A1F-9F37-459B-8CEB-A46EE4B1BB5C} - System32\Tasks\{26D45561-317A-EB30-A8E1-8F9F1DE64438} => C:\WINDOWS\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\789251b7\1ab7d1db.dll" <==== UWAGA
    Task: {F99A422F-AA8A-48C6-A6F1-50591522970A} - System32\Tasks\DllKitPRO => C:\Program Files (x86)\DllKitPRO\dllkitpro.exe
    Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
    HKLM\...\Run: [SERVICE] => [X]
    Hosts:
    Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{1b750a4e-f156-4884-8ce2-3279c52330fe}: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{aaae9106-0b2b-4213-bdde-eab3a6e8efb7}: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{aaae9106-0b2b-4213-bdde-eab3a6e8efb7}: [DhcpNameServer] 82.163.143.176
    Tcpip\..\Interfaces\{d7c816ab-7935-4b2a-ab32-bdb0230808ef}: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{d7c816ab-7935-4b2a-ab32-bdb0230808ef}: [DhcpNameServer] 82.163.143.176
    Tcpip\..\Interfaces\{df135e22-1ee6-4414-9290-e21b4513efda}: [NameServer] 82.163.143.176 82.163.142.178
    Tcpip\..\Interfaces\{df135e22-1ee6-4414-9290-e21b4513efda}: [DhcpNameServer] 82.163.143.176
    R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
    C:\WINDOWS\System32\drivers\wfcre.sys
    S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
    S1 jcnxneeq; \??\C:\WINDOWS\system32\drivers\jcnxneeq.sys [X]
    2018-01-05 12:10 - 2018-01-05 12:10 - 000004184 _____ C:\WINDOWS\System32\Tasks\{0DC790FF-BA6C-2754-C141-4E23DCCDAC48}
    2018-01-05 12:10 - 2018-01-05 12:10 - 000000000 ____D C:\ProgramData\{ED982CA6-5A33-9B0D-7A6D-FE3D0703A5F3}
    2018-01-05 12:09 - 2018-01-05 12:09 - 000023564 _____ C:\WINDOWS\System32\Tasks\{780A0E47-0908-0A09-0D11-0F0D0B7D1179}
    2018-01-05 12:09 - 2018-01-05 12:09 - 000004546 _____ C:\WINDOWS\System32\Tasks\49D92334-6BD2-9731-7C91-AAE4EA9CD9D6
    2018-01-05 12:09 - 2018-01-05 12:09 - 000003884 _____ C:\WINDOWS\System32\Tasks\{26D45561-317A-EB30-A8E1-8F9F1DE64438}
    2018-01-05 12:09 - 2018-01-05 12:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\35968082-6B0A-572E-2340-89B584B1CD21
    2018-01-05 12:09 - 2018-01-05 12:09 - 000000000 ____D C:\ProgramData\9f8fe1a8-23e1-0
    2018-01-05 12:09 - 2018-01-05 12:09 - 000000000 ____D C:\ProgramData\9f8fe1a8-0637-1
    2018-01-05 12:09 - 2018-01-05 12:09 - 000000000 ____D C:\ProgramData\789251b7
    2018-01-05 12:08 - 2018-01-05 12:08 - 000000000 ____D C:\ProgramData\{7bd33919-212c-0}
    2018-01-05 12:08 - 2018-01-05 12:08 - 000000000 ____D C:\ProgramData\{7a2b3f3d-412c-1}
    2018-01-05 12:08 - 2018-01-05 12:08 - 000000000 ____D C:\ProgramData\{15b86b34-612c-0}
    2018-01-05 12:10 - 2017-11-11 11:44 - 000000000 ____D C:\ProgramData\8ae776fa-1db1-0
    2018-01-05 12:08 - 2017-11-11 11:44 - 000000000 ____D C:\ProgramData\8ae776fa-3f53-1

    Po wykonaniu usun katalog C:\FRST.

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    0
  • #3 09 Sty 2018 10:37
    Stizi
    Poziom 3  

    Pomogło. Dzięki za pomoc.
    Wyskakujące reklamy w Chrome

    0