Surfox: how do I remove it?


(L Pawlowski1995) #1

Please help.

A virus has infected my Google Chrome. I thought it would be enough to uninstall the browser and install it again, but that doesn't work. When I reinstall Chrome, Firefox shows up (I never installed it).

Addition.txt

FRST.txt


(Atis) #2

You have several different viruses.

Download and run AdwCleaner. Click Search and then Delete.

Paste the following into Notepad and save it as a text file named fixlist:

CloseProcesses:
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\Run: [MSConfig] => "C:\Users\Kriz\cpuhmzsa.exe"
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\Run: [Haali] => C:\Users\Kriz\AppData\Roaming\589C2F\589C2F.exe [32592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\Run: [Google Update**.d<*>] => "C:\Users\Kriz\AppData\Local\Google\Desktop\Install\{b12eb133-9941-96b2-8d16-44ebda942077}\d'x"Ů"\", &h#\. ůű[\{b12eb133-9941-96b2-8d16-44ebda942077}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\Run: [nvxasync] => C:\Users\Kriz\AppData\Roaming\nvxasync\nvxasync.exe [142679040 2014-12-10] ()
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\CurrentVersion\Windows: [Load] C:\Users\Kriz\LOCALS~1\Temp\msaifrkub.exe <===== ATTENTION
HKU\S-1-5-21-1031273376-264648106-4064382686-1000\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [142679040 2014-12-10] () <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 07 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF Homepage: hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF SearchPlugin: C:\Users\Kriz\AppData\Roaming\Mozilla\Firefox\Profiles\al2k4rz0.default\searchplugins\starter.xml
FF Extension: SNT - C:\Users\Kriz\AppData\Roaming\Mozilla\Firefox\Profiles\al2k4rz0.default\Extensions\ycb_w0@aeyacsflm.co.uk [2014-12-10]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
U4 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{b12eb133-9941-96b2-8d16-44ebda942077}\ \...\???\{b12eb133-9941-96b2-8d16-44ebda942077}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
C:\ProgramData\nvxasync
C:\Users\Kriz\AppData\Roaming\nvxasync
C:\Users\Kriz\AppData\Roaming\*.exe
C:\Users\Kriz\AppData\Roaming\fportable
C:\Users\Kriz\AppData\Roaming\589C2F
C:\Users\Kriz\*.exe
C:\Users\Kriz\AppData\Local\Web Data
C:\Users\Kriz\AppData\Local\Google\Desktop\Install
C:\Program Files (x86)\Google\Desktop\Install
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
Task: {59794E69-2B8A-417C-8011-92BB1FDD7B8A} - System32\Tasks\{A967D52D-DAF3-404F-ACEB-E4A23035545B} => pcalua.exe -a "C:\Users\Kriz\Downloads\The Elder Scrolls V Skyrim-Razor1911\install.exe" -d "C:\Users\Kriz\Downloads\The Elder Scrolls V Skyrim-Razor1911"
Task: {7577D158-2403-4535-8660-AED0522B98B1} - System32\Tasks\{6265036D-378F-4A90-BBE1-07452046F797} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.8.0.158.259&amp;LastError=404
Task: {C93596AD-DEEF-4637-AED3-2CED2F333A9F} - System32\Tasks\{F5CFA7DC-6EA3-4B71-BE62-1FDC1838066F} => pcalua.exe -a "C:\Users\Kriz\Downloads\Instrukcja Uruchamiania\themes.exe" -d "C:\Users\Kriz\Downloads\Instrukcja Uruchamiania"
CMD: netsh winsock reset
EmptyTemp:

Run FRST and click Fix. Post the removal report, Fixlog.

Click Scan and post the new FRST report, without Addition.


(L Pawlowski1995) #3

Thank you. I also have a question: what could be causing a console window to appear when the computer starts up (it disappears after 1-5 seconds)?

 

http://wklej.to/lwDjF


(Atis) #4

Post all logs at http://wklej.org/


(L Pawlowski1995) #5

http://wklej.org/id/1562084/


(Atis) #6

I don't see anything related to the console.

Type about:support into the address bar. Click Reset Firefox.

Paste the following into Notepad and save it as a text file named fixlist:

HKU\S-1-5-21-1031273376-264648106-4064382686-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1031273376-264648106-4064382686-1000 -> {27138FA3-27B4-4655-9526-F40BA8D48D90} URL = http://search.us.com...k={searchTerms}
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
C:\AdwCleaner
C:\Users\Kriz\lbsan
DeleteQuarantine:

Run FRST and click Fix. Post the removal report, Fixlog.

Click Scan and post the new FRST report, without Addition.

Download and run TDSSKiller.

Click Start scan, and if it detects anything, choose Skip.

Post the report from this program, saved at: C:\TDSSKiller.version_date_time_log.txt

Download and run Farbar Service Scanner.

Select all the options and click Scan.

Post the report from this program.