Url:mal avast przy otwieraniu kart w Chromie


(Logifringe) #1

Przy otwieraniu stron w chromie, avast informuje o zarażeniu url:mal, obiekt:https://codegv.ru

 

Otl:

otl: http://wklej.to/tbFEf

extras: http://wklej.to/TfA7I

 

FRST

Additional: http://wklej.to/wUVNv

Frst: http://wklej.to/F0NvE

 

 


(Atis) #2

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Logifringe) #3

Frst http://wklej.to/n5ATp


(Atis) #4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

Fatal1ty UtilityHKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\Run: [Fatal1tySTU] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\RunOnce: [AsrOMG_Day6] => [X]
AppInit_DLLs-x32: => "" File Not Found
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {47AD8455-59D3-49E6-8888-130B38830108} URL = http://www.only-search.com/?babsrc=SP_kms&affID=129300&tt=020914_onst&mntrid=EA11BC5FF4F4A420&tsp=5363&q={searchTerms}&r=439
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR Extension: (AS Magic Player) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-10-25]
CHR HKCU\...\Chrome\Extension: [kpckgflgdapkpabemgkielbefdildaio] - C:\Users\kamil\AppData\Roaming\ACEStream\extensions\chrome_new\magicplayer.crx []
C:\Users\kamil\AppData\Roaming\ACEStream
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\kamil\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
C:\_OTL
C:\Qoobox
C:\Program Files (x86)\Temp
Task: {253C972D-6D00-4CA8-A8EF-53340F9DB6D5} - System32\Tasks\{2476B637-740A-430A-B1A5-BA531111F3A4} => C:\Windows\system32\msiexec.exe [2009-07-14] (Microsoft Corporation)
Task: {36B202AF-167F-49D7-AFE8-4988543DBE08} - System32\Tasks\{8312AE38-D2B3-43A4-B98C-F23B4E40C1BE} => C:\Program Files (x86)\Codemasters\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe
Task: {4F3D9EE6-087D-4D2E-806F-B1BDB0FF4BA4} - System32\Tasks\{704C38EB-E8C2-4E2E-8178-4F0F24D27A91} => C:\Program Files (x86)\Codemasters\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe
Task: {CC5AEEFF-C364-43BA-A8AB-5C41498C14F5} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {DAF1D7FA-C6B5-4297-8D02-73E35B4E20DB} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {FB1D7580-913A-4C30-9885-3AC0A38D3853} - System32\Tasks\{67CA663E-E89D-4FD2-A044-251B82DDF2C6} => C:\Users\kamil\Downloads\FarmingSimulator2013_NoDVD\FarmingSimulator2013Game.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Logifringe) #5

Chyba już jest ok. Dzięki wielkie.

 

FRST http://wklej.to/yNyQ3

FIX http://wklej.to/rackM


(Atis) #6

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKU\S-1-5-21-3821626288-2620339525-3063120332-1000\...\Run: [Fatal1tySTU] => [X]
C:\AdwCleaner
C:\ComboFix.txt
C:\Users\kamil\Downloads\FRST-OlderVersion
Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs /t REG_SZ /d "" /f
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Później skasuj folder C:\FRST

Odinstaluj:

Adobe Flash Player 15 ActiveX

Adobe Flash Player 15 Plugin

Java 7 Update 67

Zainstaluj:

Flash Player 15.0.0.189 Plugin

Flash Player 15.0.0.189 ActiveX

Java 8 Update 25

Service Pack 1 x64 (903.2 MB)

Internet Explorer 11