Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Websearch, findamo itp. Reklamy, syf.

Dirtyphnonics 19 Cze 2015 01:49 498 5
  • Pomocny post
    #2 19 Cze 2015 06:05
    jan288
    Poziom 19  

    Odinstaluj , Adobe Reader 9.3 , istartsurf uninstall , Użyj AdwCleaner, opcja Scan i Clean (Szukaj i Usuń):
    https://toolslib.net/downloads/viewdownload/1-adwcleaner/
    Wykonaj pełny skan za pomocą MBAM po aktualizacji bazy wirusów i usuń wykryte zagrożenia:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
    Wstaw w załączniku logi z FRST (FRST.txt i Addition.txt):
    http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ http://www.arcabit.pl/skaner_online .

    1
  • #4 24 Cze 2015 08:44
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {49FC7ED0-79BF-418D-9FFA-C7D074A825D2} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\NamidaIro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk [2015-06-18]
    ShortcutTarget: Torpedo.lnk -> C:\Users\NamidaIro\AppData\Local\Torpedo\Torpedo.exe (Torpedo)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-2511427120-3752212756-3090396669-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=sft&utm_medium=installer&utm_campaign=sft
    URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2511427120-3752212756-3090396669-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
    SearchScopes: HKU\S-1-5-21-2511427120-3752212756-3090396669-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    FF DefaultSearchEngine: WebSearch
    FF SelectedSearchEngine: WebSearch
    FF Plugin HKU\S-1-5-21-2511427120-3752212756-3090396669-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    FF HKU\S-1-5-21-2511427120-3752212756-3090396669-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]




    CHR HKU\S-1-5-21-2511427120-3752212756-3090396669-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
    S2 avgfws; No ImagePath
    S2 AVGIDSAgent; No ImagePath
    S2 avgwd; No ImagePath
    S2 Nero BackItUp Scheduler 4.0; No ImagePath
    S3 EagleX64; No ImagePath
    S3 gdrv; No ImagePath
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
    S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
    R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-06-24 01:32 - 2015-06-24 01:35 - 00000000 ____D C:\AdwCleaner
    2015-06-20 21:01 - 2015-06-20 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-06-20 21:01 - 2015-06-20 21:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2015-06-18 13:10 - 2015-06-20 21:01 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-06-18 13:10 - 2015-06-20 21:01 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2015-06-18 13:10 - 2015-06-18 13:10 - 00000000 ____D C:\ProgramData\McAfee
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix.

    0
  • #6 24 Cze 2015 18:08
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-06-18]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
    Startup: C:\Users\NamidaIro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk [2015-06-24]
    ShortcutTarget: Torpedo.lnk -> C:\Users\NamidaIro\AppData\Local\Torpedo\Torpedo.exe (No File)
    HKU\S-1-5-21-2511427120-3752212756-3090396669-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=sft&utm_medium=installer&utm_campaign=sft
    SearchScopes: HKU\S-1-5-21-2511427120-3752212756-3090396669-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
    SearchScopes: HKU\S-1-5-21-2511427120-3752212756-3090396669-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
    FF DefaultSearchEngine: WebSearch
    FF SelectedSearchEngine: WebSearch
    S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
    R1 wafd_1_10_0_18; system32\drivers\wafd_1_10_0_18.sys [X]


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix. W pasek adresu wpisz: about:support Kliknij Odśwież program Firefox.

    0