Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Zainfekowana przeglądarka, wyskakujące reklamy w chrome

Piter9605 17 Kwi 2018 22:27 273 3
  • Pomocny post
    #2 17 Kwi 2018 23:20
    Kolobos
    Spec od komputerów

    Odinstaluj McAfee WebAdvisor

    W Chrome zgraj zakladki i usun profil
    CHR Profile: C:\Users\piotr\AppData\Local\Google\Chrome\User Data\Default [2018-04-17]
    usun tez dane synchronizacji z konta google o ile synchronizujesz ustawienia.

    Wykonaj Fixlist.txt dla FRST:
    Task: {3FE192F3-24F0-41E6-84FF-35C1E3C76496} - System32\Tasks\{5F05AF91-42CE-4B86-C18B-1085925C9B22} => C:\WINDOWS\IqoYIEo.exe [2017-09-29] (Microsoft Corporation)
    Task: {BB6744F1-40C4-4E6E-97B2-25C90BF47827} - System32\Tasks\{3FDF31A4-90C4-4C6C-1F79-9BD7AAD62417} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://wkalle.com/cl/?guid=ys5rc12m8d787fn521yemz62sqllsthg&prid=1&pid=4_1324_0
    Task: {F9D5B818-D3FA-464C-A43B-B4A77B40EC7F} - System32\Tasks\{30A41DD8-B611-AFB3-35C1-BB9D11E94ED1} => C:\Users\piotr\QyvmiqcyUP.exe [2017-09-29] (Microsoft Corporation)
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    HKU\S-1-5-21-1886942721-3410257716-2743654305-1002\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
    HKU\S-1-5-21-1886942721-3410257716-2743654305-1002\...\Policies\Explorer: []
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Ograniczenia <==== UWAGA
    GroupPolicy\User: Ograniczenia <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-04-11]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2016-04-04] <==== UWAGA (Linkuje do pliku *.cfg)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\mozilla.cfg [2017-02-27] <==== UWAGA
    CHR HomePage: Default -> inline.go.mail.ru
    CHR StartupUrls: Default -> "hxxps://www.google.com/"




    CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.23
    CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
    CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
    2018-04-17 21:05 - 2018-04-17 21:48 - 000000000 ____D C:\AdwCleaner
    2018-04-16 21:53 - 2018-04-17 20:56 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2018-04-16 21:53 - 2018-04-17 20:55 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2018-04-16 21:53 - 2018-04-16 21:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
    2018-04-16 10:24 - 2018-04-16 10:24 - 000000002 _____ C:\Users\piotr\AppData\Local\WMI.ini
    2018-04-11 07:21 - 2018-04-11 07:21 - 001726698 _____ (Tonu ) C:\Users\piotr\Downloads\WinRAR-12398-AsystentPobierania_0549380159.exe
    2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Users\piotr\QyvmiqcyUP.exe
    2017-09-29 15:42 - 2017-09-29 15:42 - 000174592 ____N (Microsoft Corporation) C:\Users\piotr\AppData\Local\pAKSovnoIHt.exe
    2018-04-16 10:24 - 2018-04-16 10:24 - 000000002 _____ () C:\Users\piotr\AppData\Local\WMI.ini

    0
  • #3 19 Kwi 2018 08:07
    Piter9605
    Poziom 2  

    Problem został rozwiązany. Dzięki za pomoc :)

    0
  • #4 19 Kwi 2018 08:16
    Piter9605
    Poziom 2  

    Problem został rozwiązany. Dzięki za pomoc :)

    Dodano po 9 [minuty]:

    -Odinstalowałem McAfee WebAdvisor
    -Usunąłem google chrome
    -Wykonałem Fixlist.txt dla FRST.exe

    0