Virus in Chrome


(Lakamik6) #1

Hello, my problem looks similar to the one here: http://forum.dobreprogramy.pl/wirus-na-przegladarce-chrome-506926t.html except that the virus is called coldsearch. Please help.


FRST http://www.wklej.org/id/1894315/

Addition http://www.wklej.org/id/1894318/

Shortcut http://www.wklej.org/id/1894319/



(Atis) #2

Paste the following into the system Notepad and save it as a text file named fixlist:

Winlogon\Notify\igfxcui: igfxdev.dll [X]
ShellIconOverlayIdentifiers: [SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} =  No File
ShellIconOverlayIdentifiers: [SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =  No File
ShellIconOverlayIdentifiers: [SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4118013680-3836196915-2330699128-1001 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-4118013680-3836196915-2330699128-1001 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-4118013680-3836196915-2330699128-1001 - {3CD242FD-3221-4896-B3F0-1AB473ED083A} URL =
BHO: No Name - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO: No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} -  No File
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-26] ()
S1 {0b8efc7b-9d58-4cc6-9916-8445c9d2e11f}Gw64; system32\drivers\{0b8efc7b-9d58-4cc6-9916-8445c9d2e11f}Gw64.sys [X]
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer270.exe [235776 2015-12-15] (MustangService)
2016-01-02 17:45 - 2016-01-02 17:51 - 00000000 ____ D C:\AdwCleaner
2016-01-02 17:15 - 2016-01-02 17:15 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Kamila\Downloads\SpyHunter-Installer (2).exe
2016-01-02 13:11 - 2016-01-02 17:18 - 00000001 _____ C:\WINDOWS\SysWOW64\pl.html
2015-12-27 16:00 - 2015-12-27 16:00 - 00000000 ____ D C:\ProgramData\TempMoudleSet
2015-12-26 17:09 - 2015-12-26 17:09 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Kamila\Downloads\SpyHunter-Installer (1).exe
2015-12-26 17:09 - 2015-12-26 17:09 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-12-23 11:53 - 2015-12-23 11:54 - 00000000 ____ D C:\ProgramData\iWdMi
Task: {00DEB0DA-5799-41A3-9B69-50E7BA857DB0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d - No File <==== ATTENTION
Task: {252A1A38-7FA1-4AF1-87CB-A2FC01C9A762} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd - No File <==== ATTENTION
Task: {398376BE-3477-4324-84D0-18EEB13B9C7A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - No File <==== ATTENTION
Task: {4370F276-110F-447D-B8BF-ED836517BCF4} - System32\Tasks\MakeMarkerFile = C:\ProgramData\MakeMarkerFile.exe [2012-08-08] (Samsung Electronics) <==== ATTENTION
C:\ProgramData\MakeMarkerFile.exe
Task: {639A621D-A30F-4E01-B0F5-182959DDE050} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d - No File <==== ATTENTION
Task: {6836BE11-8F38-4A91-ADDC-BFAC5F6D1768} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d - No File <==== ATTENTION
Task: {6BE529F1-E559-48E3-9AAC-2E72F5105258} - System32\Tasks\DriverDocRunAtStartup = C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: {6DC4D82E-47F8-4E5D-A9FE-0B2E4B3F9852} - System32\Tasks\DriverDoc_UPDATES = C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: {70FAA195-F238-4F7C-BB2E-2178862F8003} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d - No File <==== ATTENTION
Task: {798AA0A6-4F43-44A7-AEB1-B48A34657469} - \Microsoft\Windows\Setup\gwx\launchtrayprocess - No File <==== ATTENTION
Task: {7E92ACF0-45E2-4DB8-BA27-3DAD53FDC105} - System32\Tasks\{39E9B547-4EBF-40EC-915B-3C903AAEF2E7} = pcalua.exe -a C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe -c -uninstall
Task: {7F12445E-47BF-44F9-B55A-9106E7DF7696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d - No File <==== ATTENTION
Task: {9AA0A4BE-6604-4CF8-BD08-AD53964EF831} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - No File <==== ATTENTION
Task: {BAAF89FB-48DD-44DD-AC92-C4B3E638CDEC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent - No File <==== ATTENTION
Task: {CDFFF3EA-79C4-42A1-9652-A9D266757E52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig - No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\DriverDoc_UPDATES.job = C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
EmptyTemp:

Run FRST and click Fix. Post the removal report, Fixlog.
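The fixlist above removes things; it does not show how to confirm afterwards that they are gone. The read-only PowerShell triage below is an added example, not part of the original thread and not FRST's or the poster's code. It walks the same classes of persistence the fixlist touches (Chrome policy keys, the IE start/search pages and SearchScopes, services and drivers with missing or oddly placed binaries, scheduled task actions, shell icon overlay handlers whose DLL is gone) and prints what it finds without changing anything. The lines FRST flags with ATTENTION are the Chrome policy restriction; a search engine that cannot be changed in chrome://settings is normally pinned there, and chrome://policy shows the same values from Chrome's side. The helper names Add-Finding, Get-ImagePath and Test-Image are the example's own; it assumes Windows 8.1/10 with PowerShell 5.1 or later, run from an elevated prompt.

```powershell
# Added example (not from the thread, not FRST code). Read-only triage of the
# persistence classes the FRST fixlist removes. Assumes Windows 8.1/10,
# PowerShell 5.1+, elevated prompt. Nothing is deleted.

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding([string]$Category, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Category = $Category; Detail = $Detail })
}

# Turn a service or task command line into an absolute image path.
function Get-ImagePath([string]$CommandLine) {
    $img = $CommandLine
    if     ($CommandLine -match '^\s*"([^"]+)"') { $img = $Matches[1] }
    elseif ($CommandLine -match '^\s*(\S+)')     { $img = $Matches[1] }
    $img = [Environment]::ExpandEnvironmentVariables($img)
    $img = $img -replace '^\\\?\?\\', ''                    # \??\C:\... -> C:\...
    $img = $img -replace '^\\SystemRoot', $env:SystemRoot   # \SystemRoot\... -> C:\Windows\...
    # Driver paths are often stored relative to the Windows directory ("system32\drivers\x.sys").
    if ($img -notmatch '^[A-Za-z]:\\' -and $img -match '\\') { $img = Join-Path $env:SystemRoot $img }
    return $img
}

# Data directories where a service binary or task target rarely belongs.
$oddDirs = '\\ProgramData\\|\\AppData\\|\\Temp\\|\\Downloads\\'
function Test-Image([string]$Category, [string]$Who, [string]$Img) {
    if ($Img -notmatch '^[A-Za-z]:\\') { return }             # bare names resolve via PATH; skip
    if (-not (Test-Path -LiteralPath $Img)) { Add-Finding "$Category/NoFile"  "${Who}: $Img" }
    elseif ($Img -match $oddDirs)          { Add-Finding "$Category/OddPath" "${Who}: $Img" }
}

# 1. Chrome policies (every value under the policy keys, machine and user).
foreach ($root in 'HKLM:\SOFTWARE\Policies\Google', 'HKCU:\SOFTWARE\Policies\Google') {
    if (-not (Test-Path $root)) { continue }
    foreach ($key in @(Get-Item $root) + @(Get-ChildItem $root -Recurse)) {
        foreach ($v in ($key | Get-ItemProperty).PSObject.Properties) {
            if ($v.Name -match '^PS(Path|ParentPath|ChildName|Drive|Provider)$') { continue }
            Add-Finding 'ChromePolicy' "$($key.Name)\$($v.Name) = $($v.Value)"
        }
    }
}

# 2. IE start/search pages and SearchScopes, listed in full so blanked or redirected values stand out.
foreach ($k in 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main', 'HKCU:\SOFTWARE\Microsoft\Internet Explorer\Main') {
    if (-not (Test-Path $k)) { continue }
    $p = Get-ItemProperty $k
    foreach ($n in 'Start Page', 'Search Page', 'Default_Page_URL', 'Default_Search_URL', 'Local Page') {
        if ($null -ne $p.$n) { Add-Finding 'IEMain' "$k\$n = $($p.$n)" }
    }
}
foreach ($k in 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\SearchScopes',
               'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes',
               'HKCU:\SOFTWARE\Microsoft\Internet Explorer\SearchScopes') {
    if (-not (Test-Path $k)) { continue }
    foreach ($scope in Get-ChildItem $k) {
        Add-Finding 'SearchScope' "$($scope.PSChildName) URL = $(($scope | Get-ItemProperty).URL)"
    }
}

# 3. Services and drivers whose image is missing or sits in a data directory
#    (compare S2 MustangService under C:\ProgramData\TempMoudleSet in the fixlist).
foreach ($svc in @(Get-CimInstance Win32_Service) + @(Get-CimInstance Win32_SystemDriver)) {
    if ($svc.PathName) { Test-Image 'Service' "$($svc.Name) [$($svc.StartMode)]" (Get-ImagePath $svc.PathName) }
}

# 4. Scheduled task actions. Tasks whose XML is already gone (the GWX entries)
#    do not enumerate here; only FRST's task listing shows those.
foreach ($task in Get-ScheduledTask) {
    foreach ($a in $task.Actions) {
        if (-not $a.Execute) { continue }
        $name = "$($task.TaskPath)$($task.TaskName)"
        Test-Image 'Task' $name (Get-ImagePath $a.Execute)
        # pcalua.exe -a <target> starts the target through the compatibility assistant;
        # the real program is in the arguments, so record them as well.
        if ($a.Execute -match 'pcalua\.exe') { Add-Finding 'Task/Proxy' "${name}: $($a.Execute) $($a.Arguments)" }
    }
}

# 5. Shell icon overlay handlers whose COM server DLL no longer exists.
foreach ($k in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers',
               'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers') {
    if (-not (Test-Path $k)) { continue }
    foreach ($h in Get-ChildItem $k) {
        $clsid = ($h | Get-ItemProperty).'(default)'
        $dll = $null
        if ($clsid) {
            foreach ($cls in "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32",
                             "Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID\$clsid\InprocServer32") {
                if (-not (Test-Path $cls)) { continue }
                $raw = (Get-ItemProperty $cls).'(default)'
                if ($raw) { $dll = [Environment]::ExpandEnvironmentVariables($raw); break }
            }
        }
        if (-not $dll -or -not (Test-Path -LiteralPath $dll)) { Add-Finding 'Overlay/NoFile' "$($h.PSChildName) $clsid -> $dll" }
    }
}

$findings | Sort-Object Category | Format-Table -AutoSize -Wrap
```

Run it once before applying the fixlist and once after reading the Fixlog: the before run should reproduce the ChromePolicy, Service/NoFile, Service/OddPath and Overlay/NoFile entries that FRST listed, and the after run should show no ChromePolicy entries that were not set on purpose. Anything it reports that FRST did not is a candidate for the next fixlist, not something to delete by hand.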



(Lakamik6) #3

Fixlog http://www.wklej.org/id/1894402/

FRST http://www.wklej.org/id/1894404/



(Atis) #4

Delete the folder C:\FRST