Elektroda.pl
Elektroda.pl
X

Wyszukiwarki naszych partnerów

Wyszukaj w ofercie 200 tys. produktów TME
Europejski lider sprzedaży techniki i elektroniki.
Proszę, dodaj wyjątek elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Perfect Keylogger - błąd przy ładowaniu systemu.

Solus92 15 Sie 2014 13:25 1173 14
  • #1 15 Sie 2014 13:25
    Solus92
    Poziom 5  

    Witam. Po instalacji Perfect Keyloggera, wszystko było ok do momentu wyłączenia kompa. Po ponownym uruchomieniu i zalogowaniu do systemu na pulpicie pojawia się jedynie kursor, brak reakcji na cokolwiek. Przypuszczam, że w tym tym temacie był podobny problem:
    https://www.elektroda.pl/rtvforum/viewtopic.php?p=7430750#7430750
    Niemniej moja wiedza jest w zasadzie żadna i nie chce ryzykować dotykania combofix'a bez rady kogoś obeznanego.
    Dodaje raport z OTL przy domyślnych ustawieniach.
    Byłbym wdzięczny za wyjaśnienie co tam nawaliło i co zrobić żeby ten błąd się nie pojawiał, jednak priorytetem jest oczywiście przywrócenie normalnej pracy systemu.
    Z góry dzięki za pomoc bardzo potrzebuje tego kompa, nie tylko w trybie awaryjnym :/

  • #2 15 Sie 2014 13:31
    Kolobos
    Spec od komputerów

    Uzyj przywracania systemu i przywroc system do czasu przed instalacja.

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun:
    http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

    Daj w zalaczniku logi z FRST:
    http://www.fixitpc.pl/topic/61-diagnostyka-ogólne-raporty-systemowe/#entry119294

    Zrob pelny skan przy pomocy Mbam:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

  • #3 15 Sie 2014 13:54
    Solus92
    Poziom 5  

    Obawiam się, że że coś w ochronie systemu było nie tak, bo krzyczy, że nie ma punktów przywracania żadnych. Czy wykonać pozostałe kroki w trybie awaryjnym po prostu?

  • #4 15 Sie 2014 14:20
    Kolobos
    Spec od komputerów

    Tak, wykonaj reszte.

  • #6 15 Sie 2014 20:00
    Kolobos
    Spec od komputerów

    Tak, usunac to co wykryl.

    Daj jeszcze addition.txt z FRST.

  • #7 16 Sie 2014 13:16
    Solus92
    Poziom 5  

    Hmm to trialowa wersja jest. jedyne akcje jakie da się podjąć po skanie to: ignoruj raz, kwarantanna i dodaj wykluczenie. Mogę to wypieprzyć ręcznie.


    ps. Czemu mu sie nie podoba na przykład DAEMONToolsPro520-0348.exe ?

  • #8 16 Sie 2014 15:06
    Kolobos
    Spec od komputerów

    Wybierz kwarantanne.

    Daemon zapewne instaluje szkodliwe dodatki przy instalacji wlasciwego programu.

    Odinstaluj:
    Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Movies Toolbar for Internet Explorer (Dist. by Somoto Ltd.) (HKLM-x32\...\somotomoviestoolbar1IE) (Version: 1.6.2.0 - APN LLC) <==== ATTENTION
    Search.us.com (HKCU\...\{C4DEDE0A-96DD-4102-9807-34DCA5E23813}) (Version: - Search.us.com)
    Search.us.com (HKCU\...\{D7256F88-A762-44C1-9791-DE48D123C011}) (Version: - Search.us.com)

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    HKLM-x32\...\Run: [WService] => WService.exe
    Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt [10755 2014-08-15] ()
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: G - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: H - H:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {01a7f8cd-8422-11e2-ab7c-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0459ba2d-55a6-11e3-bb2c-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0616fa03-79fb-11e3-bb80-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0abba6f2-6a2f-11e3-b7d2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0c8fc1dd-6d58-11e3-aefb-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0c8fc1fb-6d58-11e3-aefb-74e543f06720} - H:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {0e9f5032-d9c8-11e2-963c-74e543f06720} - H:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {11f348b9-616e-11e3-ae48-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {1290058f-8369-11e3-bdf8-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {12900595-8369-11e3-bdf8-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {1cc4b8d6-ac00-11e2-bffc-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {1db3e2c2-5a81-11e3-ac6a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2079b930-87d5-11e2-b94f-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2079b93a-87d5-11e2-b94f-74e543f06720} - G:\AutoRun.exe




    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {23f79f0d-6404-11e3-bbf1-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {23f79f3b-6404-11e3-bbf1-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {26d0d9ee-0801-11e4-97e8-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2874b056-d1d4-11e2-b33f-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {28d68672-01b3-11e3-bef8-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2b6f1291-7d2b-11e3-9f98-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2b6f12d6-7d2b-11e3-9f98-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {2db7f272-e415-11e2-bf08-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {3205f312-aa7e-11e2-8f8e-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {38dd83f5-bce8-11e2-96b3-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {394f2aa0-955f-11e3-bad1-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {394f2aa6-955f-11e3-bad1-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {399b593d-6326-11e3-b9d2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {399b5973-6326-11e3-b9d2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {3e01a897-85bd-11e3-8b0d-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {3f5d6283-25e2-11e3-ba4e-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {44f0dd38-16be-11e3-b831-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {48b4c98b-d44a-11e2-baa9-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {48cfda03-8a64-11e2-b8c1-b4b52f779117} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {4f467cf7-ff42-11e2-b7df-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {538e76b8-5cff-11e3-85f2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {55717be9-0fe9-11e3-9004-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {585121ef-beb8-11e2-aab7-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {585121f8-beb8-11e2-aab7-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5a76daf5-c946-11e2-be9f-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5a76db02-c946-11e2-be9f-74e543f06720} - J:\arun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5a76db79-c946-11e2-be9f-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5a76db88-c946-11e2-be9f-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5c12d909-d90f-11e2-bf48-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {5e71b5a5-829f-11e3-bab4-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {61f182aa-c78a-11e2-80a0-806e6f6e6963} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {61f18311-c78a-11e2-80a0-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {61f1838a-c78a-11e2-80a0-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {61f18420-c78a-11e2-80a0-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {6525954d-b472-11e3-9674-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {66837db3-1d24-11e3-bbfe-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {674d70fb-94d7-11e2-a979-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {6a51855d-9281-11e2-8dc3-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {6a7af439-59b8-11e3-8f43-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {6a7af446-59b8-11e3-8f43-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7338e2f5-d71c-11e2-81f5-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7338e310-d71c-11e2-81f5-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {734a64d0-bbb8-11e2-ba86-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7650c7c8-84fa-11e2-8d88-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7650c7cd-84fa-11e2-8d88-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7650c895-84fa-11e2-8d88-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7ab706ae-7f7f-11e3-970c-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7aff2521-c247-11e2-9047-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7e0a5803-5ff5-11e3-b791-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7e0a5879-5ff5-11e3-b791-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7e0a5889-5ff5-11e3-b791-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {7f22c12f-0cd8-11e3-8dd6-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {81e85824-8290-11e3-968d-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {8cc70a88-867c-11e3-baac-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {8e8cd3ae-5873-11e3-ba33-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {8e8cd3b3-5873-11e3-ba33-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {8f0d31e9-7f9a-11e2-ac36-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {8f0d325c-7f9a-11e2-ac36-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {9acb3d2a-c171-11e2-9c8a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {9acb3dcd-c171-11e2-9c8a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {9acb3dd3-c171-11e2-9c8a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {9d563315-2609-11e3-bb50-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {9ee505e3-9249-11e3-b81a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {a0c0ac55-f310-11e2-aed4-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {a27c1a11-fdb8-11e2-93ff-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {a27c1abd-fdb8-11e2-93ff-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {aa18fa71-5826-11e3-803b-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {b96c0a08-7e9f-11e3-a050-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {c06b0e16-05e0-11e4-bad2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {c6012575-5743-11e3-b8ff-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {ce7ef5ca-0b43-11e3-93f3-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {cead29a5-529e-11e3-bea2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {cead29fe-529e-11e3-bea2-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {dadb969e-9548-11e2-b406-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {e31c8b72-9c44-11e2-871e-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {e99c6beb-0e25-11e3-bf1e-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {eb594906-7ed3-11e2-af47-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {eb59493d-7ed3-11e2-af47-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {efd56926-12e8-11e3-b20c-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f102-c46d-11e2-bb20-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f109-c46d-11e2-bb20-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f118-c46d-11e2-bb20-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f179-c46d-11e2-bb20-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f28d-c46d-11e2-bb20-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f186f2ce-c46d-11e2-bb20-74e543f06720} - H:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f448cc89-a0b0-11e2-957a-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f8991722-b99b-11e2-9078-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {f899176a-b99b-11e2-9078-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {fa74ad1e-d011-11e2-a941-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {fac3cce9-97c8-11e3-969e-74e543f06720} - G:\AutoRun.exe
    HKU\S-1-5-21-3165002146-305848723-799885356-1001\...\MountPoints2: {fdf22714-821b-11e3-b858-74e543f06720} - G:\AutoRun.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
    ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
    ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
    SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=...ND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
    SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=...ND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
    SearchScopes: HKCU - {0D75FC6B-9005-429B-9F39-7024A55F2CF6} URL = http://search.yahoo.com/search?fr=chr-greentr...mp;ei=utf-8&ilc=12&type=888596&p={searchTerms}
    SearchScopes: HKCU - {422166C2-E2EB-4046-A513-0F45DF35659B} URL = http://search.us.com/serp?guid={C4DEDE0A-96DD-4102-9807-34DCA5E23813}&action=default_search&serpv=5&k={searchTerms}
    SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=...ND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
    SearchScopes: HKCU - {D80B681F-96EC-43F9-A7BF-304C62887C35} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=197B5684-6B41-498F-A0FE-44235504380F&apn_sauid=65F25915-8CFE-42FB-B747-5661A21AD90F
    FF Plugin HKCU: @tightropeinteractive.com/Plugin -> C:\Users\$$$$\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll (Search.Us.com)
    FF Plugin HKCU: @tnt2ghost.com/Plugin -> C:\Users\$$$$\AppData\Local\TNT2\2.0.0.1534\npTNT2ghost.dll (Search.Us.com)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    CHR Extension: (Helper extension) - C:\Users\$$$$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla [2013-11-17]
    2014-08-15 14:36 - 2014-08-15 14:47 - 00000000 ____D () C:\AdwCleaner

    W FRST wybierz Fix.

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun:
    http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

    Po wykonaniu daj nowy log z OTL oraz logi z FRST, ze skanowania.

  • #10 18 Sie 2014 11:03
    Kolobos
    Spec od komputerów

    Wykonaj skrypt w OTL:

    :OTL
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O4 - HKCU..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[S1].txt ()
    [2014-08-17 18:08:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner


    Czy problem nadal wystepuje? W logach nie widac nic ciekawego.

  • #11 18 Sie 2014 19:32
    Solus92
    Poziom 5  

    Wykonany.

    Problem jak był tak jest. Czasem zdarzyło mu się załadować tapetę, pasek zadań i ikony z pulpitu. Ale jak próbowałem coś zrobić to zwieszał się na twardo. Teraz jest jak było wcześniej. Po logowaniu czarny ekran i kursor, nic nie działa menadżera zadań też nie da się włączyć.

    Coś po tym keyloggerze musiało zostać bo jak wpisać w trybie awaryjnym w wyszukiwarkę plików unhide to pojawia sie na ułamek sekundy jakieś okno, które zaraz znika.

  • #12 18 Sie 2014 19:35
    Kolobos
    Spec od komputerów

    W logu nic nie widac.

    Daj jeszcze log z TDSSKiller.

  • #15 19 Sie 2014 13:36
    Solus92
    Poziom 5  

    No nic. Szkoda, chciałem za wszelką cenę tego uniknąć bo nie mam żadnego dysku zewnętrznego a masa danych na tym kompie których nie mogę stracić :/
    I tak dzięki za pomoc.

 Szukaj w ofercie
Zamknij 
Wyszukaj w ofercie 200 tys. produktów TME