Zawirusowany komputer + wyskakujące reklamy w przeglądarce

joski · 15 Maj 2015 19:51

Proszę o pomoc w oczyszczeniu laptopa. Poniżej wrzucam logi

pozdrawiam

Atis · 15 Maj 2015 21:40

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3937200338-3606021010-42822680-1002\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Chola\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=1072f9645bd147d39dc1f1c0c2bc9d5a-a7bd95323a450c17f5eb19f99c56369423f89f3d /CMPID=1213b
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\Chola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.4 Update.lnk [2015-04-24]
C:\ProgramData\{79b14857-0b97-e231-79b1-148570b9215c}
Startup: C:\Users\Chola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\o.lnk [2015-04-23]
C:\Users\Chola\AppData\Roaming\*.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3937200338-3606021010-42822680-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={1298A457-9308-4CEB-83DE-B3DE08CDA05F}&mid=1072f9645bd147d39dc1f1c0c2bc9d5a-a7bd95323a450c17f5eb19f99c56369423f89f3d&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2013-12-20 22:39:30&v=18.3.0.885&pid=safeguard&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3937200338-3606021010-42822680-1002 -> {315A352D-BF3F-4D09-8909-915118484A47} URL = 
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
2015-04-22 22:29 - 2015-05-10 14:21 - 00000000 ____ D () C:\AdwCleaner
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Chola\AppData\Roaming\911K1TGxsF
Task: {D260078F-CD23-491C-8E9D-5D3AFC9FA8BC} - System32\Tasks\911K1TGxsF => C:\Users\Chola\AppData\Roaming\911K1TGxsF.exe <==== ATTENTION
Task: {F36B6FEC-5F9D-4D28-B06C-16D40DD5A014} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid=safeguard&amp;lang=pl
Task: C:\Windows\Tasks\911K1TGxsF.job => C:\Users\Chola\AppData\Roaming\911K1TGxsF.exe <==== ATTENTION
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exeF--new-window http:/toolbar.avg.com/
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Odinstaluj Chrome zaznaczając usunięcie danych przeglądania za pomocą Geek Uninstaller Free: KLIK

Najpierw możesz wyeksportować zakładki: KLIK

Później zainstaluj stabilną wersję: KLIK

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.