Witam.
Problem z chrome, ruska wyszukiwarka rambler.
Prośba o sprawdzenie FRST.
Dziękuję.
W panelu sterowania odinstaluj initialsite123.
Pobierz i uruchom AdwCleaner Kliknij Skanuj (Scan) i później Oczyść (Clean).
Kliknij Skanuj (Scan) i pokaż nowy raport FRST i Addition.
Nie można odinstalować initialsite123
Adwcleaner zrobiony, znalazł 5 infekcji.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist:
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Providers\lulch1bd: C:\Program Files (x86)\Ckiqersstgisy Agent\local64spl.dll [312832 2017-04-23] ()
ShellExecuteHooks: Brak nazwy - {3D1D68B4-2356-11E7-AD97-64006A5CFC23} - C:\Users\Admin\AppData\Roaming\Wosagemumiing\Ckalph.dll [145920 2017-04-23] ()
CHR HomePage: ChromeDefaultData -> hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=D1EEF05B239500C7C10E035246BD3C8B
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-28] <==== UWAGA
U3 idsvc; Brak ImagePath
U3 wpcsvc; Brak ImagePath
2017-04-28 10:58 - 2017-04-28 11:00 - 00000000 ____D C:\AdwCleaner
2017-04-27 17:52 - 2017-04-27 17:52 - 00000520 _____ C:\DelFix.txt
2017-04-25 22:14 - 2017-04-25 22:14 - 00000000 ____D C:\Program Files\g8b5kg56
2017-04-23 18:09 - 2017-04-26 00:49 - 00000000 ____D C:\Program Files (x86)\Hifothejeght
2017-04-23 18:09 - 2017-04-24 14:31 - 00016739 _____ C:\ProgramData\log.ewbt
2017-04-23 18:09 - 2017-04-24 14:31 - 00000128 _____ C:\ProgramData\log.ewbb
2017-04-23 18:09 - 2017-04-23 18:09 - 00006132 _____ C:\Windows\System32\Tasks\Ckiqersstgisy Agent
2017-04-23 18:09 - 2017-04-23 18:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Wosagemumiing
2017-04-23 18:09 - 2017-04-23 18:09 - 00000000 ____D C:\Users\Admin\AppData\Local\Perwaward
2017-04-23 18:09 - 2017-04-23 18:09 - 00000000 ____D C:\Program Files (x86)\Ckiqersstgisy Agent
2017-04-24 14:31 - 2017-04-24 14:32 - 0000132 _____ () C:\ProgramData\log.binb
Task: {068975C1-8417-48CF-83AE-C8B8C582EBA7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {082D3DD2-6DF1-49EF-B9CE-12B364A8979B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {09C6F103-460B-42E0-836D-CDF4629988F5} - System32\Tasks\Ckiqersstgisy Agent => C:\Program Files (x86)\Hifothejeght\zonery.exe [2017-04-23] (Google Inc.)
Task: {19D5EB68-93C9-486D-B986-A271E52BA0B4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {2D2E79EE-196A-4DD0-B300-D50E63AD65A2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4BC245FF-7189-4AB1-B41D-9C25409AADC4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5FCD454D-8C5E-4899-A045-776B26D8A873} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6DE2407E-821A-4963-A205-CA2A2820F013} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7C358EAA-42EB-45A0-BE73-E164B5CF2E73} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {83AB93A6-07FE-4EAE-9BCB-8153CE4BEDC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {84A15F98-8DCF-4587-BEA8-6EB8FC166D4B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8A06F8C9-AE64-4583-82CE-69FBB066FA82} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {A84B40CE-04A3-4684-A828-AE8A1325A82E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BBDD3732-1B10-45CD-A467-A6FC89FAF672} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BCCFE25E-39A8-4F4A-A100-5FD0D8707932} - System32\Tasks\PolarClock => Rundll32.exe "C:\Program Files\PolarClock\PolarClock.dll",COZJjTWUHQ
C:\Program Files\PolarClock
Task: {C7A05B7D-761B-4119-A47A-7615259D2602} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {CF406051-49CA-415E-88AC-23EADDC70ADD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D04821B9-F13E-4C90-83C1-C9ADD949EABA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D16224DF-A878-4BBF-8F7C-A0C51A263E89} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D83D3C76-49E5-4FAC-BE07-0043DA69B647} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DFAE6121-0454-45FD-849B-48F032DD34E7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {F6796CD6-B2B3-4DE8-8F63-3069326BA5C3} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-02-01] ()
Task: {F8776611-A445-4E87-B7EE-713852369123} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FCAA9C39-08EF-4396-A6DB-F90BD5575844} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Hosts:
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Kliknij Skanuj (Scan) i pokaż nowy raport z FRST bez Addition i Shortcut.
- Resetowanie synchronizacji Chrome
-
Przywracanie ustawień domyślnych Chrome
Zainstaluj uBlock: Firefox - Chrome - Opera
Skasuj folder C:\FRST
Czyszczenie folderów Przywracania systemu
Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK
Odinstaluj Java 8 Update 121 i zainstaluj Java 8 Update 131
1 polubienie
Jak zawsze klasa Atis,
bardzo dziękuję za pomoc. Pozdrawiam!