
Chrome launches by itself on the dipladoks.org page

15 Mar 2019 22:29 162 3
  • Helpful post
    Moderator - Computer Service
    Open Notepad and paste the following content:
    Quote:
    CloseProcesses:
    CreateRestorePoint:
    HKU\S-1-5-21-3346320225-234801048-3651183731-1001\...\Run: [WicheR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
    Tcpip\..\Interfaces\{94ddbb8d-1a50-47b1-af57-dd3dcb8d3308}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{d30f41ef-5ae7-4f51-a27d-e71440b4446e}: [DhcpNameServer] 192.168.0.1 0.0.0.0
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    HKLM\SYSTEM\CurrentControlSet\Services\45838B257FA8B314 <==== UWAGA (Rootkit!)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
    Task: {D15D6D6C-69E3-4C3B-9D48-881F0CA91EFA} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
    AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9 [163]
    AlternateDataStreams: C:\ProgramData\TEMP:C895616B [356]
    FirewallRules: [UDP Query User{5EE115F7-ADD3-4510-AC04-CD54227A246F}C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe Brak pliku
    FirewallRules: [TCP Query User{CBEDCE47-2423-4D75-85E0-A8F6191C8EF7}C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe Brak pliku
    FirewallRules: [{3BDBE0AA-53A4-4918-9483-5EC6182FC174}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Brak pliku
    FirewallRules: [UDP Query User{1147577A-D751-4CA5-B748-ED8F8D5BBBD7}C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe Brak pliku
    FirewallRules: [TCP Query User{BD4DDBA8-2FC4-47B4-A724-4221E14D1BFB}C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\games\mortal kombat xl\binaries\retail\mk10.exe Brak pliku
    FirewallRules: [UDP Query User{8DEC58C7-FE3B-4A80-99A5-706656457069}C:\program files (x86)\games\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\games\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe Brak pliku
    FirewallRules: [TCP Query User{A5474EA4-8078-46F5-A398-6D96957CC51E}C:\program files (x86)\games\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\games\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe Brak pliku
    FirewallRules: [{684D16F4-266B-4BEC-B2EB-905E58619391}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Brak pliku
    FirewallRules: [{75EDB476-913C-42FC-8594-FA44133ED7E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Brak pliku
    FirewallRules: [{4A2EA077-92BB-4B7D-8771-44DC11E2778E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Brak pliku
    FirewallRules: [{84C2A309-3A5F-4646-8D11-269BBE15130D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Brak pliku
    FirewallRules: [{F03B5603-D514-48F0-9DF9-E216455A5A11}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe Brak pliku
    FirewallRules: [{3878E363-FD5A-448E-B340-C5CD076F96B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe Brak pliku
    FirewallRules: [{640A9C75-BA8D-462F-B1F2-C5A3313D52F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe Brak pliku
    FirewallRules: [{8625734D-A574-4C52-A1CF-B17A11F9823B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe Brak pliku
    FirewallRules: [TCP Query User{4DF01936-6A05-4030-9C09-0E9EA4C13EB2}C:\program files (x86)\games\fc3\bin\farcry3.exe] => (Block) C:\program files (x86)\games\fc3\bin\farcry3.exe Brak pliku
    FirewallRules: [UDP Query User{54D1D4AD-6848-4F30-ACFE-C68F1AC6CFE4}C:\program files (x86)\games\fc3\bin\farcry3.exe] => (Block) C:\program files (x86)\games\fc3\bin\farcry3.exe Brak pliku
    FirewallRules: [TCP Query User{859581D6-77A7-4B40-887D-8E2DF0245504}C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe Brak pliku
    FirewallRules: [UDP Query User{52567924-D412-4826-BB75-9A6F4A220E1B}C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe Brak pliku
    FirewallRules: [{631D79EE-D677-4E9F-A2BB-B10E7FBCB9A8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Brak pliku
    FirewallRules: [{8F8A806C-6C41-457C-AEE5-6D9660E40CA9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Brak pliku
    FirewallRules: [TCP Query User{F92219FE-D746-4CF0-9990-7CF24394A410}C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe Brak pliku
    FirewallRules: [UDP Query User{8B90B763-929D-4BCE-AEB0-4942B73F1751}C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe Brak pliku
    FirewallRules: [{74B426D6-7AC0-4F00-A725-A44883B58F48}] => (Block) %ProgramFiles% (x86)\GAMES\OKAMI HD\okami.exe Brak pliku
    FirewallRules: [TCP Query User{A7072520-891D-41F0-81EA-0A22D5D10193}C:\program files (x86)\games\battlefield 1\bf1.exe] => (Block) C:\program files (x86)\games\battlefield 1\bf1.exe Brak pliku
    FirewallRules: [UDP Query User{9ABCD401-E21A-41C4-8516-44C3180E8036}C:\program files (x86)\games\battlefield 1\bf1.exe] => (Block) C:\program files (x86)\games\battlefield 1\bf1.exe Brak pliku
    FirewallRules: [{3451656A-1C1A-47C4-AF07-89FAB3FFC38C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
    FirewallRules: [{E8C5FC0D-C458-4F5B-8849-D171F8772ABE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku
    FirewallRules: [{FCC04481-8E48-471E-93CF-60EA2BCE72D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Brak pliku
    FirewallRules: [{389DB522-AD69-4D42-8445-B81C1679761E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Brak pliku
    EmptyTemp:


    Save the file as fixlist.txt and place it in the folder where FRST.exe is located.
    Run FRST and click Fix/Napraw.
  • Level 2
    The problem is gone! Thanks a lot! Regards
  • Moderator - Computer Service
    Delete the C:\FRST folder and that's all.
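
The fixlist in the first reply mixes one real persistence entry (the Run value that starts explorer.exe with a URL) and one service flagged as a rootkit with many cleanup lines for entries whose file no longer exists. The script below is an added example, not part of the thread and not FRST code: it groups fixlist lines by kind so a reviewer can see which is which before applying the fix. The category names are hypothetical, the sample lines are copied from the quote above, and the parsing assumes the Polish markers seen there ("UWAGA" = attention, "Brak pliku" = no file).

```python
import re

# Lines copied from the fixlist in the first reply (FRST output, Polish locale).
SAMPLE = r"""CloseProcesses:
HKU\S-1-5-21-3346320225-234801048-3651183731-1001\...\Run: [WicheR] => explorer.exe hxxp://dipladoks.org <==== UWAGA
HKLM\SYSTEM\CurrentControlSet\Services\45838B257FA8B314 <==== UWAGA (Rootkit!)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
Task: {D15D6D6C-69E3-4C3B-9D48-881F0CA91EFA} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9 [163]
FirewallRules: [{684D16F4-266B-4BEC-B2EB-905E58619391}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Brak pliku
EmptyTemp:
"""

RUN_RE = re.compile(r"\\Run(?:Once)?: \[(?P<name>[^\]]+)\] => (?P<cmd>.+?)(?: <==== .*)?$")
URL_RE = re.compile(r"\b(?:https?|hxxps?)://\S+", re.I)
DIRECTIVE_RE = re.compile(r"^[A-Za-z]+:$")


def classify(line):
    """Return (category, detail) for one fixlist line, or None if blank."""
    line = line.strip()
    if not line:
        return None
    if DIRECTIVE_RE.match(line):            # e.g. CloseProcesses:, EmptyTemp:
        return ("directive", line.rstrip(":"))
    run = RUN_RE.search(line)
    if run:                                  # autostart value under a Run key
        url = URL_RE.search(run.group("cmd"))
        if url:                              # command line opens a web address
            return ("autorun-url", f"{run.group('name')} -> {url.group(0)}")
        return ("autorun", run.group("name"))
    if "(Rootkit!)" in line:                 # service key carrying that flag
        return ("flagged-service", line.split(" <====")[0])
    if line.startswith("AlternateDataStreams:"):
        return ("ads", line.split(": ", 1)[1])
    if "Brak pliku" in line:                 # entry whose target file is gone
        return ("orphaned", line.split(":", 1)[0])
    return ("other", line)


def triage(text):
    """Group fixlist lines by category, preserving their order."""
    groups = {}
    for raw in text.splitlines():
        hit = classify(raw)
        if hit:
            groups.setdefault(hit[0], []).append(hit[1])
    return groups


if __name__ == "__main__":
    for category, items in triage(SAMPLE).items():
        print(f"{category}: {len(items)}")
        for item in items:
            print("   ", item)
```
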