Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Chrome odpala sam nowe karty i nie da się pobrać antywirusa

Admonek 14 Lis 2018 16:28 42 1
  • #2 14 Lis 2018 16:35
    Kolobos
    Spec od komputerów

    Nie pobieraj zainfekowanych gier.

    Odinstaluj: Spybot - Search & Destroy

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    Task: {560B0832-B4C7-4EA2-AEAF-40891367F6AB} - System32\Tasks\{62100C95-E8DF-E969-AD8C-F386382BDE29} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://browser-net.org/cl/?guid=prwrxpu7b84xedo39rk2py1j2nkazbie&prid=1&pid=4_1324_0
    Task: {655C2568-6358-496D-8D09-0209B2A481E0} - System32\Tasks\{980390B7-3914-9BEC-388B-B010B884795A} => "msiexec" -i hxxps://eryseefor.info/1lb53trpclow.vau -q
    Task: {7264459C-6492-4EBB-A81E-5F6FBB45A92E} - System32\Tasks\{85070393-63DD-0D50-B3AF-18E7A5371F92} => C:\Users\aweda\AppData\Local\OooenoauOVuA.exe [2018-04-12] (Microsoft Corporation) <==== UWAGA
    C:\Users\aweda\AppData\Local\OooenoauOVuA.exe
    Task: {C40058D3-6540-4BD1-9C03-0970696D4E01} - System32\Tasks\Opera scheduled Autoupdate 1528704441 => C:\Users\aweda\AppData\Local\Programs\Opera\launcher.exe
    Task: {E0DADA4C-BB00-4297-BB17-E72DB5DD702D} - System32\Tasks\{3511A0D9-EAAD-E4AE-C7DE-C05916C96CBE} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://browser-net.org/cl/?guid=t2q6oflepp11gleit31r5aqkbndgrp2a&prid=1&pid=4_1324_0
    Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe




    C:\WINDOWS\SysWOW64\EiJcYnPEZORS.exe
    FirewallRules: [{FDDE5800-3C80-4898-8EFD-561D6AA1EAE4}] => (Allow) C:\Users\aweda\AppData\Local\OooenoauOVuA.exe
    FirewallRules: [{D5499DDB-C4DC-44E1-B05A-4C0DC2BA4037}] => (Allow) C:\WINDOWS\SysWOW64\EiJcYnPEZORS.exe
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-3089237935-2019380829-2095078411-1001\...\RunOnce: [Application Restart #0] => C:\Users\aweda\AppData\Roaming\Spotify\Spotify.exe [25323240 2018-11-14] (Spotify Ltd)
    BootExecute: autocheck autochk * sdnclean64.exe
    S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
    S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
    S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
    2018-11-14 16:13 - 2018-11-14 16:13 - 000000000 ____D C:\Users\aweda\Desktop\FRST-OlderVersion
    2018-11-14 15:27 - 2018-11-14 15:27 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2018-11-14 15:27 - 2018-11-14 15:27 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2018-11-14 15:27 - 2018-11-14 15:27 - 000000656 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
    2018-11-14 15:27 - 2018-11-14 15:27 - 000000628 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
    2018-11-14 15:27 - 2018-11-14 15:27 - 000000458 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
    2018-11-14 15:27 - 2018-11-14 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2018-11-14 15:27 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
    2018-11-04 13:24 - 2018-11-14 15:46 - 000000000 ____D C:\AdwCleaner
    2018-11-04 11:57 - 2018-11-14 15:47 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2018-11-04 11:57 - 2018-11-14 15:27 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2018-11-04 11:57 - 2018-11-04 11:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
    2018-11-04 11:56 - 2018-11-04 11:56 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\aweda\Downloads\spybotsd-2.7.64.0.exe
    2018-11-03 17:15 - 2018-11-03 17:15 - 000003910 _____ C:\WINDOWS\System32\Tasks\{62100C95-E8DF-E969-AD8C-F386382BDE29}
    2018-11-03 11:31 - 2018-11-03 11:31 - 000003910 _____ C:\WINDOWS\System32\Tasks\{3511A0D9-EAAD-E4AE-C7DE-C05916C96CBE}
    2018-11-03 11:31 - 2018-11-03 11:31 - 000003804 _____ C:\WINDOWS\System32\Tasks\{85070393-63DD-0D50-B3AF-18E7A5371F92}
    2018-11-03 11:31 - 2018-11-03 11:31 - 000003516 _____ C:\WINDOWS\System32\Tasks\{980390B7-3914-9BEC-388B-B010B884795A}
    2018-11-03 11:31 - 2018-11-03 11:31 - 000000002 _____ C:\Users\aweda\AppData\Local\imw.ini
    2018-11-09 14:47 - 2018-11-13 11:31 - 006161408 _____ () C:\Users\aweda\AppData\Local\dump007.dat
    2018-11-03 11:31 - 2018-11-03 11:31 - 000000002 _____ () C:\Users\aweda\AppData\Local\imw.ini
    2018-04-12 00:34 - 2018-04-12 00:34 - 000060416 ____N (Microsoft Corporation) C:\Users\aweda\AppData\Local\OooenoauOVuA.exe

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0