Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Obrona przed Wirusem differentia.ru disorderstatus.ru

katarinax 02 Lip 2018 21:30 126 1
  • Pomocny post
    #2 02 Lip 2018 22:33
    krzychupar
    Poziom 40  

    Odinstaluj:
    Advanced SystemCare
    Driver Booster 5

    Otwórz notatnik systemowy i wklej:
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Task: {20DA59DC-2978-4A38-AF2D-25A71843DABD} - System32\Tasks\ASC11_SkipUac_Kasia => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2018-02-07] (IObit)
    Task: {3FAA045D-95F7-4128-8435-C335DDCC439F} - System32\Tasks\Driver Booster SkipUAC (Kasia) => C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe [2018-03-22] (IObit)
    Task: {474141B9-6A41-4F8D-815D-9749755F0663} - System32\Tasks\Opera scheduled Autoupdate 1493115966 => C:\Program Files\Opera\launcher.exe [2018-06-12] (Opera Software)
    Task: {7DC68B37-C015-4EA3-9E3B-269BA06E71C0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.3.0\Scheduler.exe [2018-01-26] (IObit)
    Task: {AA629333-E6EA-4537-8649-010DB6852A29} - System32\Tasks\ASC11_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2018-01-15] (IObit)
    Hosts:
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
    Brak dostępu do procesu -> instup.exe
    Brak dostępu do procesu -> instup.exe
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {016a3346-7ac6-11e7-826a-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {016a3381-7ac6-11e7-826a-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {016a3390-7ac6-11e7-826a-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {762b0384-6f8d-11e6-829d-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {c06c9da7-417a-11e8-8281-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {f2c6122d-6415-11e8-8284-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {f2c6124c-6415-11e8-8284-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {f2c61267-6415-11e8-8284-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\...\MountPoints2: {f2c612b9-6415-11e8-8284-e4f89c0f8420} - "G:\HiSuiteDownLoader.exe"
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com




    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://pl.search.yahoo.com/yhs/web?hspart=lv...ebcompa__1_0__ya__hp_WCYID10454__180608__yaie
    HKU\S-1-5-21-390263598-1935332313-2521442328-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKU\S-1-5-21-390263598-1935332313-2521442328-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-390263598-1935332313-2521442328-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart...ompa__1_0__ya__ch_WCYID10454__180608__yaie&p={searchTerms}
    CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
    CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
    U1 aswbdisk; Brak ImagePath
    2018-07-02 18:32 - 2018-03-27 19:29 - 000002888 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Kasia)
    2018-06-16 15:59 - 2018-03-27 19:29 - 000002317 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    1