Prawdopodobnie wirus trojan. Proszę o pomoc, wysyłam logi: Logfile of Trend Micro HijackThis v2.0.4

Pobierz Farbar Recovery Scan Tool zgodny z wersją systemu 32-bit lub 64-bit. Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition jako załączniki.

Odinstaluj SweetIM for Messenger 3.7,YAC(Yet Another Cleaner!). Otwórz notatnik systemowy i wklej: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. Uruchom jako administrator FRST i kliknij w Fix. Pobierz i uruchom jako administrator AdwCleaner Kliknij Scan i później Cleaning.

Wymagane sa logi z FRST w ZALACZNIKU, a nie bezuzyteczny log z HJT!

@Acorus20 serdeczne dzięki za wskazówki które okazały się pomocne. Wszystko znów działa poprawnie a uporczywe reklamy które pojawiały się na stronach zniknęły Jeszcze raz serdeczne dzięki. Pozdrawiam serdecznie.

REKLAMA

Adblock/uBlockOrigin/AdGuard mogą powodować znikanie niektórych postów z powodu nowej reguły.

Prawdopodobnie wirus trojan. Proszę o pomoc, wysyłam logi:

alexsa2 03 Maj 2015 14:00 1179 5

REKLAMA

Zgłoś naruszenie prawa

| Nowy temat

#1 14664767 03 Maj 2015 14:00

alexsa2 alexsa2

Poziom 11

Posty: 131

Ocena: 13
Autor tematu

Post #1
14664767 03 Maj 2015 14:00

Prawdopodobnie wirus trojan. Proszę o pomoc, wysyłam logi:

Logfile of Trend Micro HijackThis v2.0.4
Spoiler:
Scan saved at 12:53:10, on 2015-05-03
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 38.0 (x86 pl)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Users\Alexsa2\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Alexsa2\Downloads\HijackThis_2.0.4.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [F.lux] "C:\Users\Alexsa2\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (file missing)
O23 - Service: CyberLink PowerDVD 11.0 Service - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9449 bytes
REKLAMA
Pomocny post

#2 14665183 03 Maj 2015 16:43

Acorus 20 Acorus 20

Poziom 43

Posty: 10541

Pomógł: 3247

Ocena: 1063
Pomocny post? (+1)

Pomocny post
Post #2
14665183 03 Maj 2015 16:43

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.
Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition jako załączniki.
REKLAMA
#3 14665194 03 Maj 2015 16:49

Kolobos Kolobos

Spec od komputerów

Posty: 85152

Pomógł: 17159

Ocena: 10419
Pomocny post? (0)

Post #3
14665194 03 Maj 2015 16:49

Wymagane sa logi z FRST w ZALACZNIKU, a nie bezuzyteczny log z HJT!
REKLAMA
#4 14665376 03 Maj 2015 18:05

alexsa2 alexsa2

Poziom 11

Posty: 131

Ocena: 13
Autor tematu Pomocny post? (0)

Post #4
14665376 03 Maj 2015 18:05

Odsyłam prawidłowe logi.

Załączniki:

Addition.txt (51.06 KB) Musisz być zalogowany, aby pobrać ten załącznik.

FRST.txt (73.65 KB) Musisz być zalogowany, aby pobrać ten załącznik.
REKLAMA
Pomocny post

#5 14665465 03 Maj 2015 18:35

Acorus 20 Acorus 20

Poziom 43

Posty: 10541

Pomógł: 3247

Ocena: 1063
Pomocny post? (+1)

Pomocny post
Post #5
14665465 03 Maj 2015 18:35

Odinstaluj SweetIM for Messenger 3.7,YAC(Yet Another Cleaner!). Otwórz notatnik systemowy i wklej:

Cytat:
Hosts:
Task: {1F1DD8BA-4BE8-470F-B192-487F4ECAB845} - \LaunchSignup No Task File <==== ATTENTION
Task: {5AA934D7-5D12-41C7-A57B-4982076FAA2F} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {71258C0B-872A-4CD5-8386-641CF21ED0B0} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {71B573C5-5781-44D3-A693-A91E46E81E26} - System32\Tasks\IOX5zVCOqeyBZl0vZ => C:\Users\Alexsa2\AppData\Roaming\IOX5zVCOqeyBZl0vZ.exe <==== ATTENTION
Task: {B94F94F8-930E-4C92-ADE5-CC51FB3B9F08} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: C:\Windows\Tasks\IOX5zVCOqeyBZl0vZ.job => C:\Users\Alexsa2\AppData\Roaming\IOX5zVCOqeyBZl0vZ.exe <==== ATTENTION
HKU\S-1-5-21-4221770284-1464191300-4186219855-1003\...\RunOnce: [StartMSu] => "C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe" /s
HKU\S-1-5-21-4221770284-1464191300-4186219855-1003\...\RunOnce: [InetReg] => "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\S-1-5-21-4221770284-1464191300-4186219855-1003\...\RunOnce: [CTAutoUpdate] => "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1430649713
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1003 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1428678104
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1003 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-4221770284-1464191300-4186219855-1003 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=wdcxwd10ealx-009ba0_wd-wcatr555642556425&ts=1428678104
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Extension: FF Toolbar - C:\Users\Alexsa2\AppData\Roaming\Mozilla\Firefox\Profiles\xz6bawns.default-1428060159354\Extensions\fftoolbar2014@etech.com [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Alexsa2\AppData\Roaming\Mozilla\Firefox\Profiles\xz6bawns.default-1428060159354\extensions\fftoolbar2014@etech.com
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-04-30] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-04-30] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [Not Found]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-20] (Elex do Brasil Participações Ltda)
S2 CyberLink PowerDVD 11.0 Monitor Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe" [X]
S2 CyberLink PowerDVD 11.0 Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-03-20] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-03-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-03-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-03-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-03-20] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-02-15] (Elex do Brasil Participações Ltda)
S3 ALSysIO; \??\C:\Users\Alexsa2\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7751v140\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_T; \??\C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [X]
S2 ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [X]
2015-04-20 12:07 - 2015-04-20 12:07 - 00003168 _____ () C:\Windows\System32\Tasks\{342158F9-2F80-4BDD-883F-EAB9BD611B36}
2015-04-04 21:06 - 2015-04-04 21:06 - 00003176 _____ () C:\Windows\System32\Tasks\{9B331B75-268D-4EAD-B4CA-1209C1CB4FE8}
2015-04-03 18:12 - 2015-04-03 18:12 - 00000000 ____D () C:\Users\Alexsa2\AppData\Roaming\Elex-tech
2015-04-03 18:12 - 2015-04-03 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-04-03 18:12 - 2015-04-03 18:12 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-04-03 18:12 - 2015-03-20 04:49 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-04-03 18:12 - 2015-02-15 09:37 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-04-03 18:11 - 2015-04-03 18:18 - 00000000 ____D () C:\Users\Alexsa2\AppData\Roaming\eCyber
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Alexsa2\AppData\Roaming\ftOKVKcPVXH9XLzNprcl3M
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Alexsa2\AppData\Roaming\IOX5zVCOqeyBZl0vZ
C:\Users\Alexsa2\ntuser (2).dat
C:\Users\Alexsa2\SH-S223C_SB07.exe
C:\Users\Alexsa2\xobglu16.dll
C:\Users\Alexsa2\xobglu32.dll
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Uruchom jako administrator FRST i kliknij w Fix. Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
#6 14665672 03 Maj 2015 19:43

alexsa2 alexsa2

Poziom 11

Posty: 131

Ocena: 13
Autor tematu Pomocny post? (0)

Post #6
14665672 03 Maj 2015 19:43

@Acorus20 serdeczne dzięki za wskazówki które okazały się pomocne. Wszystko znów działa poprawnie a uporczywe reklamy które pojawiały się na stronach zniknęły Jeszcze raz serdeczne dzięki. Pozdrawiam serdecznie.
Zarejestruj konto, Zaloguj się i bądź aktywny na forum, a wtedy reklamy nie będą się pojawiać. Otrzymaj punkty za rejestrację oraz odpowiedzi.

Zainstaluj aplikację Elektroda

| Nowy temat

Zgłoś naruszenie prawa

REKLAMA