URL:Mal Avast


(Ja Cie Ninja) #1

Hi everyone.

Avast keeps reporting that it has blocked a URL:Mal threat. System scans detect nothing.

I am attaching the logs from Farbar Recovery Scan Tool.

FRST: http://wklej.org/id/2255404/

Addition: http://wklej.org/id/2255405/


(Atis) #2

Paste the following into the system Notepad and save it as a text file named fixlist:

CloseProcesses:
HKLM-x32\...\Run: [mcui_exe] = "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM\...\Run: [IntelTBRunOnce] = wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKU\S-1-5-21-2447425306-2777386305-186753463-1001\...\Run: [Akamai NetSession Interface] = C:\Users\Dziko\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2447425306-2777386305-186753463-1001\...\Run: [home] = wscript.exe //B "C:\Users\Dziko\AppData\Roaming\home.vbe"
Startup: C:\Users\Dziko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\home.vbe [2015-09-08] ()
SearchScopes: HKU\S-1-5-21-2447425306-2777386305-186753463-1001 - DefaultScope {59417351-56AF-4DC9-A4D5-457DB94BC12F} URL =
SearchScopes: HKU\S-1-5-21-2447425306-2777386305-186753463-1001 - {59417351-56AF-4DC9-A4D5-457DB94BC12F} URL =
Toolbar: HKLM - Brak nazwy - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Brak pliku
Toolbar: HKLM - Brak nazwy - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Brak pliku
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dziko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
2016-04-09 16:48 - 2016-04-09 16:48 - 00000000 __HDC C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-04-06 10:21 - 2015-09-08 22:04 - 0092629 ___SH () C:\Users\Dziko\AppData\Roaming\home.vbe
2015-02-04 15:41 - 2003-04-09 11:28 - 0233472 ____ R () C:\Users\Dziko\AppData\Roaming\MafiaSetup.exe
C:\ProgramData\*.log
Task: {16DADEF8-20A7-4680-A5F6-369D83D37A37} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d - Brak pliku ==== UWAGA
Task: {2B9A7FF7-A62A-4E7B-9D18-EB36D27E60F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d - Brak pliku ==== UWAGA
Task: {2FE2E90D-FA07-4C4D-945F-B6EBA228A408} - \Microsoft\Windows\Setup\gwx\launchtrayprocess - Brak pliku ==== UWAGA
Task: {31A2F0A0-6CC9-4E9A-B147-24EDFBA072B8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - Brak pliku ==== UWAGA
Task: {71169652-8471-4241-B635-E8E61681C38D} - System32\Tasks\{09DE4641-7CAE-4037-85C7-504428480294} = pcalua.exe -a F:\NFS_Carbon\NFSC.exe -d F:\NFS_Carbon
Task: {76024A9A-D746-42B3-886E-93EF6D49CA10} - System32\Tasks\{1D6DA207-E597-4AD7-93F9-B9925C4AD311} = pcalua.exe -a F:\NX6\NX6\NX6_update01\Launch.exe -d F:\NX6\NX6\NX6_update01
Task: {7F2B8CB3-8800-4FB0-A47D-25362605FDB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d - Brak pliku ==== UWAGA
Task: {88B207B3-9664-41E0-A9FA-663BEF1B5308} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent - Brak pliku ==== UWAGA
Task: {8B50E925-0CE9-419D-8757-B7B83C44FA57} - System32\Tasks\{E39BE143-33E9-4951-9FF7-05E904664F04} = pcalua.exe -a F:\NFS_Carbon\EAUninstall.exe
Task: {99B597FA-9DFC-4776-94A8-CF4CB8C20337} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig - Brak pliku ==== UWAGA
Task: {A08614AE-72B1-4262-B4B7-4F0E5F40D7D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d - Brak pliku ==== UWAGA
Task: {AD5D3A5F-3621-4774-B395-02302BFAB0F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - Brak pliku ==== UWAGA
Task: {AE756AFD-4CC5-4485-ABDC-2DE145F13331} - System32\Tasks\{C5D051D6-4ACC-4C02-8E03-734AEAB63580} = Chrome.exe hxxp://ui.skype.com/ui/0/7.7.0.103/pl/go/help.faq.installer?source=lightinstaller&LastError=1601
Task: {B8C980F5-FCBE-4BE8-A6D5-0431120BB8D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d - Brak pliku ==== UWAGA
Task: {BCEC8445-37F0-4E8F-AADF-50D14EB33D23} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - Brak pliku ==== UWAGA
Task: {E83483DF-C0E3-4281-B8D1-B0F67F4F1CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - Brak pliku ==== UWAGA
EmptyTemp:

Run FRST and click Fix (Napraw). Post the removal report, Fixlog.