Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Masa wyskakujących reklam

margolcia402 24 Sie 2015 15:58 765 7
  • #1 24 Sie 2015 15:58
    margolcia402
    Poziom 5  

    Witam.

    Mam problem z masą wyskakujących reklam które strasznie spowalniają mi komputer. Będę wdzięczny za pomoc.

    Z jakich programów podać logi ?

    Nie wiem dlaczego nie mogę dodać załączników, nie widzę tu takiej opcji

    0 7
  • CControls
  • #2 24 Sie 2015 16:02
    Kolobos
    Spec od komputerów

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Daj w zalaczniku logi z FRST (Frst.txt oraz Addition.txt):
    http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
    (Instrukcja uzycia: http://www.fixitpc.pl/topic/61-diagnostyka-ogólne-raporty-systemowe/#entry119294)

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/


    Po nacisnieciu na przycisk "odpowiedz" pod postem na dole masz opcje dodawania zalacznikow.

    0
  • CControls
  • #4 24 Sie 2015 17:16
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {0A2AA1E9-9586-4F3B-BD8C-3F659693E1BB} - System32\Tasks\{C6735E0B-CBAB-40B4-98A8-4DD77B04BA58} => pcalua.exe -a C:\Users\Daniel\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
    Task: {37806965-AE34-4742-AF53-FE163D7CF581} - System32\Tasks\{3E3EB0A3-8249-49E9-B9B3-0521351DFB28} => pcalua.exe -a C:\Users\Daniel\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
    Task: {8AC1BFF3-AAF8-4518-9ECB-F95AFD1398F0} - System32\Tasks\{E5D1C151-A6A3-4C38-896A-2917543D8D81} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
    Task: {ABBC75AD-5A79-4E83-975E-561BA4848B43} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1001Core => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {F07DC16B-6699-4DB1-9777-C8332F78B8D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1001UA => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\alpha_shopper_helper_service.job => C:\Program Files (x86)\Alpha Shopper\alpha_shopper_helper_service.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1001Core.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1001UA.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1006Core.job => C:\Users\Aneta\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3739023031-529980907-1880025968-1006UA.job => C:\Users\Aneta\AppData\Local\Facebook\Update\FacebookUpdate.exe
    HKLM-x32\...\Run: [gmsd_pl_77] => C:\Program Files (x86)\gmsd_pl_77\gmsd_pl_77.exe [3985064 2015-03-26] ()
    HKU\S-1-5-21-3739023031-529980907-1880025968-1001\...\Run: [cmifPQEC] => C:\Users\Daniel\AppData\Local\Temp\AltT9_33.exe [282624 2015-06-02] () <===== ATTENTION
    HKU\S-1-5-21-3739023031-529980907-1880025968-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKU\S-1-5-21-3739023031-529980907-1880025968-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3739023031-529980907-1880025968-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=...TC0&ts=1427655692&type=default&q={searchTerms}
    CHR Extension: (gpbepnljaakggeobkclonlkhbdgccfek) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpbepnljaakggeobkclonlkhbdgccfek [2015-05-28]




    CHR Extension: (ifanaabofjmgladnlbckonoiohpmchik) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifanaabofjmgladnlbckonoiohpmchik [2015-04-02]
    CHR Extension: (Alpha Shopper) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojnnkfigfalgaefhdjiphlnepmjkagjd [2015-05-28]
    CHR Extension: (pfgjjlnidkopfimlhcfcjhakhifbnmof) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof [2015-04-02]
    OPR Extension: (gpbepnljaakggeobkclonlkhbdgccfek) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpbepnljaakggeobkclonlkhbdgccfek [2015-05-28]
    OPR Extension: (Alpha Shopper) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojnnkfigfalgaefhdjiphlnepmjkagjd [2015-05-28]
    U3 a1ndnbpl; C:\Windows\System32\Drivers\a1ndnbpl.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
    U3 apb7vz4a; C:\Windows\System32\Drivers\apb7vz4a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
    2015-08-24 16:20 - 2015-08-24 16:20 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
    2015-08-24 16:04 - 2015-08-24 16:06 - 00000000 ____D C:\AdwCleaner
    2015-04-01 13:52 - 2015-04-02 18:03 - 0002432 _____ () C:\Users\Daniel\AppData\Local\Tempai1048.html
    2015-04-15 06:34 - 2015-04-15 23:58 - 0002089 _____ () C:\Users\Daniel\AppData\Local\TempbG3920.html
    2015-04-07 22:22 - 2015-04-10 00:06 - 0002432 _____ () C:\Users\Daniel\AppData\Local\Tempcm2556.html
    2015-04-01 13:52 - 2015-04-02 18:03 - 0002089 _____ () C:\Users\Daniel\AppData\Local\TempFg1048.html
    2015-04-15 23:59 - 2015-04-21 00:03 - 0002089 _____ () C:\Users\Daniel\AppData\Local\Tempft3228.html
    2015-04-07 22:22 - 2015-04-10 00:06 - 0002089 _____ () C:\Users\Daniel\AppData\Local\TempKS2556.html
    2015-04-10 00:15 - 2015-04-10 00:15 - 0002089 _____ () C:\Users\Daniel\AppData\Local\TempLZU400.html
    2015-04-14 14:40 - 2015-04-15 03:45 - 0002089 _____ () C:\Users\Daniel\AppData\Local\TempMH3484.html
    2015-04-15 06:34 - 2015-04-15 23:58 - 0002432 _____ () C:\Users\Daniel\AppData\Local\TempPZ3920.html
    2015-04-14 14:40 - 2015-04-15 03:45 - 0002432 _____ () C:\Users\Daniel\AppData\Local\TempTo3484.html
    2015-03-31 15:23 - 2015-03-31 22:02 - 0002089 _____ () C:\Users\Daniel\AppData\Local\Tempuy2828.html
    2015-04-10 00:15 - 2015-04-10 00:15 - 0002432 _____ () C:\Users\Daniel\AppData\Local\TempVwV400.html
    2015-03-31 15:23 - 2015-03-31 22:02 - 0002432 _____ () C:\Users\Daniel\AppData\Local\Tempwk2828.html
    2015-04-15 23:59 - 2015-04-21 00:03 - 0002432 _____ () C:\Users\Daniel\AppData\Local\TempxC3228.html
    C:\Users\Daniel\AppData\Local\Temp\AltT9_33.exe
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix.

    0
  • #5 25 Sie 2015 13:15
    margolcia402
    Poziom 5  

    Ok, dzięki. Wszystko wróciło do normy. Mam ten sam problem na drugim komputerze, więc wieczorem wrzucę logi. Możecie mi polecić jakiś dobry darmowy antywirus ?

    0
  • #6 25 Sie 2015 14:50
    Kolobos
    Spec od komputerów

    Nie ma takich. Trzeba uwazac co sie robi, a antywirus moze byc dowolny, avast, avg itp.

    0
  • #8 25 Sie 2015 17:46
    Acorus 20
    Spec od komputerów

    Odinstaluj majtuto4pc_pl_9, McAfee Security Scan Plus, Update_for_BonanzaDeals, YAC(Yet Another Cleaner!). Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    Task: {34F116B5-72E1-474F-BA05-3534D7DA0CBB} - System32\Tasks\{276FBC15-1120-4E2A-ABD8-CB646A65C192} => Chrome.exe http://ui.skype.com/ui/0/5.3.0.120/en/abandon...e-chrome:notoffered;ienotdefaultbrowser2
    Task: {3615920F-8911-4BFF-AA67-A49978F37B54} - System32\Tasks\JEXJW => C:\Users\Acer\AppData\Roaming\JEXJW.exe <==== UWAGA
    Task: {3904059D-72B4-4E8F-905E-B975875A6A5E} - System32\Tasks\{43A3FFE5-10FF-45A9-8584-EBF4955FEDB3} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
    Task: {6F97C2BB-F2E1-47F7-AB42-5E24D27DF6A1} - \The Bluetooth service discovery -> Brak pliku <==== UWAGA
    Task: {B20FDA96-39EB-4488-8F9F-364E099B69BA} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA
    Task: {B46C7340-B874-4C1E-ABFD-9AECAF9A2CED} - System32\Tasks\IYRQ => C:\Users\Acer\AppData\Roaming\IYRQ.exe <==== UWAGA
    Task: {C2FBDD92-87A0-46A6-9E2E-1F38F3C8BC06} - System32\Tasks\KTICYGE => C:\Users\Acer\AppData\Roaming\KTICYGE.exe <==== UWAGA
    Task: {CA90C507-3352-4733-ABD2-065C27F49E0D} - System32\Tasks\PWJELSF => C:\Users\Acer\AppData\Roaming\PWJELSF.exe <==== UWAGA
    Task: {F4B591BF-892A-4DDC-998E-88D14AB9A982} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA
    Task: C:\Windows\Tasks\GadgetBox UpdaterUpdaterTask{86EAF97B-01F5-476B-896E-9E1946A8A44C}.job => C:\ProgramData\Premium\GadgetBox Updater\GadgetBox Updater.exeN/schedule /profilepath C:\ProgramData\Premium\GadgetBox Updater\profile.ini <==== UWAGA
    Task: C:\Windows\Tasks\IYRQ.job => C:\Users\Acer\AppData\Roaming\IYRQ.exe <==== UWAGA
    Task: C:\Windows\Tasks\j0km7GFOqSDAyqq.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\j0km7GFOqSDAyqq.exe <==== UWAGA
    Task: C:\Windows\Tasks\JEXJW.job => C:\Users\Acer\AppData\Roaming\JEXJW.exe <==== UWAGA
    Task: C:\Windows\Tasks\KTICYGE.job => C:\Users\Acer\AppData\Roaming\KTICYGE.exe <==== UWAGA
    Task: C:\Windows\Tasks\PWJELSF.job => C:\Users\Acer\AppData\Roaming\PWJELSF.exe <==== UWAGA
    HKLM-x32\...\Run: [tuto4pc_pl_12] => [X]
    HKLM-x32\...\Run: [tuto4pc_pl_8] => [X]
    HKU\S-1-5-21-1256150823-49688030-3688170873-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Acer\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-1256150823-49688030-3688170873-1000\...\Run: [PlayNC Launcher] => [X]
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-02-24]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Zasady grupy Chrome wykryto <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKU\S-1-5-21-1256150823-49688030-3688170873-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    HKU\S-1-5-21-1256150823-49688030-3688170873-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1436184081&a...;z=7f866140e661c701d1ed55cg1z8c4qcgfb7zee5taq
    URLSearchHook: HKLM-x32 - Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files (x86)\Gossiper\prxtbGos0.dll (Conduit Ltd.)
    URLSearchHook: HKLM-x32 - PC Gear EN Generic Toolbar - {3796e649-4334-4cbf-89d3-a927554ad438} - C:\Program Files (x86)\PC_Gear_EN_Generic\prxtbPC_0.dll (Conduit Ltd.)
    URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll Brak pliku
    URLSearchHook: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll Brak pliku
    URLSearchHook: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 - Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files (x86)\Gossiper\prxtbGos0.dll (Conduit Ltd.)
    URLSearchHook: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 - PC Gear EN Generic Toolbar - {3796e649-4334-4cbf-89d3-a927554ad438} - C:\Program Files (x86)\PC_Gear_EN_Generic\prxtbPC_0.dll (Conduit Ltd.)
    URLSearchHook: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 - (Brak nazwy) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - Brak pliku
    SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...p;uid=ST3500418AS_6VMCXKRFXXXX6VMCXKRF&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14314111...9bd57e6a812a6900632gdz2c2gez7g3g6geb4z&q={searchTerms}
    SearchScopes: HKLM-x32 -> %SearchDefender_IESearchEngineGuid% URL = hxxp://search.gboxapp.com/?q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...p;uid=ST3500418AS_6VMCXKRFXXXX6VMCXKRF&q={searchTerms}
    SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14314111...9bd57e6a812a6900632gdz2c2gez7g3g6geb4z&q={searchTerms}
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = hxxp://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669
    SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14314111...9bd57e6a812a6900632gdz2c2gez7g3g6geb4z&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14314111...9bd57e6a812a6900632gdz2c2gez7g3g6geb4z&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> %SearchDefender_IESearchEngineGuid% URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://do-search.com/web/?utm_source=b&ut...G6A&ts=1420373293&type=default&q={searchTerms}
    BHO: Brak nazwy -> {0124123D-61B4-456f-AF86-78C53A0790C5} -> Brak pliku
    BHO-x32: Gossiper Toolbar -> {0a452a47-c5a8-4854-a237-4b9b06b376f0} -> C:\Program Files (x86)\Gossiper\prxtbGos0.dll [2011-01-17] (Conduit Ltd.)
    BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll Brak pliku
    Toolbar: HKLM - Brak nazwy - {0124123D-61B4-456f-AF86-78C53A0790C5} - Brak pliku
    Toolbar: HKLM-x32 - Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files (x86)\Gossiper\prxtbGos0.dll [2011-01-17] (Conduit Ltd.)
    Toolbar: HKLM-x32 - PC Gear EN Generic Toolbar - {3796e649-4334-4cbf-89d3-a927554ad438} - C:\Program Files (x86)\PC_Gear_EN_Generic\prxtbPC_0.dll [2013-06-18] (Conduit Ltd.)
    Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll Brak pliku
    Toolbar: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> Brak nazwy - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - Brak pliku
    Toolbar: HKU\S-1-5-21-1256150823-49688030-3688170873-1000 -> Brak nazwy - {3796E649-4334-4CBF-89D3-A927554AD438} - Brak pliku
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    FF HKU\S-1-5-21-1256150823-49688030-3688170873-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF HKU\S-1-5-21-1256150823-49688030-3688170873-1000\...\Firefox\Extensions: [{63ADCAB1-34B5-ACCA-7D6B-F82DDF8E706A}] - C:\Program Files (x86)\ver4BlockAndSurf\178.xpi
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\!vitruvian-autoenable.js [2015-03-11] <==== UWAGA (Linkuje do pliku *.cfg)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\!vitruvian-csp.js [2015-03-11]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-03-11] <==== UWAGA
    CHR HKLM-x32\...\Chrome\Extension: [hpilclpacieflhmobalmaccogiioldoo] - C:\ProgramData\TheBflix\hpilclpacieflhmobalmaccogiioldoo.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx <nie znaleziono>
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-06-10] (Elex do Brasil Participações Ltda)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
    R2 supmajt4pc_pl_9; C:\Users\Acer\AppData\Local\majtuto4pc_pl_9\supmajt4pc_pl_9.exe [3058024 2013-05-21] () [Brak podpisu cyfrowego]
    R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-02] () [Brak podpisu cyfrowego] <==== UWAGA
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-06-10] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [108616 2015-06-10] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [50944 2015-06-10] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [102416 2015-06-10] (Elex do Brasil Participações Ltda)
    R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-04-17] (Elex do Brasil Participações Ltda)
    U3 a9e2vndv; C:\Windows\System32\Drivers\a9e2vndv.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S3 dump_wmimmc; \??\C:\AeriaGames\WolfTeam-PL\GameGuard\dump_wmimmc.sys [X]
    S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
    2015-08-25 16:25 - 2015-08-25 16:25 - 00000000 ____D C:\Users\Acer\AppData\Roaming\Elex-tech
    2015-08-25 16:25 - 2015-04-17 04:43 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
    2015-08-25 16:11 - 2015-08-25 16:15 - 00000000 ____D C:\AdwCleaner
    2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Acer\AppData\Roaming\IYRQ
    2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Acer\AppData\Roaming\JEXJW
    2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Acer\AppData\Roaming\KTICYGE
    2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Acer\AppData\Roaming\PWJELSF
    2013-11-19 16:23 - 2014-04-01 21:07 - 0000610 _____ () C:\Users\Acer\AppData\Roaming\wklnhst.dat
    2014-09-05 22:13 - 2014-09-05 22:13 - 0616256 _____ (ClickMeIn Limited) C:\Users\Acer\AppData\Local\nspC90C.tmp
    C:\Users\Acer\jagex_runescape_preferences.dat
    C:\Users\Acer\jagex_runescape_preferences2.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix.

    0