Ukash - Police - Urgent


(tomyclik) #1

Five minutes ago I got hit by the virus named in the title.

I am not turning the computer off.

Please help.


(Atis) #2

http://forum.dobreprogramy.pl/nowy-log-obowiązkowy-farbar-recovery-scan-tool-t478727/


(tomyclik) #3

http://www.wklej.org/id/1446362/  FRST txt

http://www.wklej.org/id/1446365/  Addition txt

http://www.wklej.org/id/1446366/  Shortcut txt


(Atis) #4

Paste the following into Windows Notepad and save it as a text file named fixlist:

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SearchScopes: HKLM - DefaultScope value is missing.
Handler: WSIEChrome - No CLSID Value - 
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog32.sys [X]
S0 cerc6; No ImagePath
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\Software\Classes\exefile: "%1" %* <===== ATTENTION!

Run FRST and click Fix. Show the Fixlog report from the removal.
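Added example, not part of the original post and not FRST code: a small Python reader for the line layout seen in the fixlist above, useful for reviewing which accounts' hives and which policy values a fixlist touches before running it. The regular expression, the function names and the "machine" / "user RID" labels are assumptions made for this illustration; the sample lines are copied from the post.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the fixlist posted above.
SAMPLE = r"""HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1409082233-1844237615-1606980848-1003\...\Policies\system: [DisableCMD] 0
S0 cerc6; No ImagePath
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
"""

# Standard Windows hive names / well-known SIDs under HKEY_USERS.
WELL_KNOWN = {".DEFAULT": "LocalSystem", "S-1-5-19": "LocalService",
              "S-1-5-20": "NetworkService"}

# Assumed layout, inferred from the posted lines:
#   <hive>\...\Policies\<key>: [<value>] <data>
POLICY_RE = re.compile(
    r"^(HKLM|HKU\\[^\\]+)\\\.\.\.\\Policies\\(\w+): \[(\w+)\] (\S+)$")
FLAG = "<===== ATTENTION!"

def owner(hive):
    """Map a hive prefix to the account whose settings it holds."""
    if hive == "HKLM":
        return "machine"
    sid = hive.split("\\", 1)[1]
    if sid in WELL_KNOWN:
        return WELL_KNOWN[sid]
    if sid.startswith("S-1-5-21-"):
        return "user RID " + sid.rsplit("-", 1)[1]
    return "unknown"

def parse_fixlist(text):
    """Split fixlist text into policy entries, flagged lines and the rest."""
    out = {"policies": [], "flagged": [], "other": []}
    for line in filter(None, map(str.strip, text.splitlines())):
        m = POLICY_RE.match(line)
        if m:
            out["policies"].append(m.groups())
        elif line.endswith(FLAG):
            out["flagged"].append(line[:-len(FLAG)].rstrip())
        else:
            out["other"].append(line)
    return out

def policies_per_owner(parsed):
    """Count policy values touched per account."""
    return Counter(owner(hive) for hive, _, _, _ in parsed["policies"])

if __name__ == "__main__":
    print(dict(policies_per_owner(parse_fixlist(SAMPLE))))
```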


(tomyclik) #5

http://www.wklej.org/id/1446395/  Fixlog.txt

I have SpywareBlaster installed - can the system snapshot be used?

Of course I'm not touching anything, so as not to mess things up by accident.

I don't know if it matters, but this Ukash changed into Interpol Security.


(Atis) #6

You don't understand that you don't have an infection.

It's just a web page meant to scare the user.

Clear the browser cache and stop visiting infected sites.

Delete the folder C:\FRST

Uninstall Adobe Flash Player 14 Plugin

Install Flash Player 14.0.0.179 Internet Explorer and Internet Explorer 8


(tomyclik) #7

Thanks, Atis! Regards.