Elektroda.pl

Virus yac another cleaner

kaziutek1955 30 Mar 2016 15:03 438 2
  • Helpful post
    #2 30 Mar 2016 15:09
    Kolobos
    Computer specialist

    Next to frst.exe, create a file named fixlist.txt with the following content:
    CloseProcesses:
    Task: {12AA8258-7AB2-46B3-8A7B-4A728572DBF0} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe
    Task: {54B2F657-C4E8-4AC3-80E8-557FCBD7A16F} - System32\Tasks\{C3DFB35F-FB12-4833-A224-4C89D6607F38} => pcalua.exe -a "C:\Program Files (x86)\Elex-tech\YAC\uninstall.exe"
    Task: {8935B1B2-B3E0-48EC-972D-169DED9E9158} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\Download\90496E72185FF72F53B2E9260C5BAB0F\Update\BrowserUpdate.exe [2016-03-17] (Tencent)
    Task: {FF9E3E3F-42CB-44A2-AA30-69D7DE5A8AEB} - System32\Tasks\{D9903183-4338-4328-820B-1C177427BCC3} => pcalua.exe -a C:\Windows\Temp\7zS10E1.tmp\Offercast391_AVG_.exe -d C:\Windows\SysWOW64 -c -funnelID DF73ED8D-551E-4E5E-A0F7-73000BFC1B1A -runonce -systemmodeattempt 1 -second
    2016-03-29 14:42 - 2015-08-19 08:59 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
    2016-03-29 14:42 - 2015-06-30 04:50 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll
    2016-03-29 14:42 - 2015-06-30 04:50 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll
    2016-03-29 14:42 - 2015-08-19 08:59 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
    (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000\...\MountPoints2: {0610da06-c1d3-11e5-903d-806e6f6e6963} - F:\InstAll.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000\...\MountPoints2: {19749192-c2d0-11e5-b81a-dc85de3307dc} - G:\SETUP.EXE /AUTORUN
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000\...\MountPoints2: {e6941b70-c1dc-11e5-9e83-806e6f6e6963} - F:\Instaluj_program_PIT_PRO_2015.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0610da06-c1d3-11e5-903d-806e6f6e6963} - F:\InstAll.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {19749192-c2d0-11e5-b81a-dc85de3307dc} - G:\SETUP.EXE /AUTORUN
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e6941b70-c1dc-11e5-9e83-806e6f6e6963} - F:\Instaluj_program_PIT_PRO_2015.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1001\...\MountPoints2: {0610da06-c1d3-11e5-903d-806e6f6e6963} - F:\InstAll.exe
    HKU\S-1-5-21-2692965124-2499433552-3874391588-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0610da06-c1d3-11e5-903d-806e6f6e6963} - F:\InstAll.exe
    CHR HKU\S-1-5-21-2692965124-2499433552-3874391588-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2692965124-2499433552-3874391588-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
    S2 GtkFree; C:\Program Files (x86)\GtkFree\GtkFree Update\GtkFree.exe [294072 2016-01-13] ()
    C:\Program Files (x86)\GtkFree\
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
    S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
    S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil Participações Ltda)
    R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil Participações Ltda)
    S3 ASUSProcObsrv; \??\F:\I386\AsPrOb64.sys [X]
    S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
    S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
    S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
    S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
    S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
    S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
    S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
    S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
    2016-03-30 13:29 - 2016-03-30 13:29 - 00003096 _____ C:\Windows\System32\Tasks\{C3DFB35F-FB12-4833-A224-4C89D6607F38}
    2016-03-29 14:42 - 2016-03-29 14:42 - 00000000 ____D C:\Users\Kaziutek\AppData\Roaming\Elex-tech
    2016-03-29 14:42 - 2016-03-29 14:42 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    2016-03-29 14:42 - 2015-08-19 09:02 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
    2016-03-29 14:42 - 2015-06-30 04:50 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
    2016-03-24 16:44 - 2016-03-24 16:44 - 00000000 ____D C:\Users\Kaziutek\AppData\Roaming\eCyber
    2016-03-24 14:17 - 2016-03-24 14:17 - 00015236 _____ C:\Windows\System32\Tasks\WinTaske
    2016-03-24 14:17 - 2016-03-24 14:17 - 00015146 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
    2016-03-24 14:17 - 2016-03-24 14:17 - 00000000 ____D C:\Program Files (x86)\Winsere
    2016-03-24 14:17 - 2016-03-24 14:17 - 00000000 ____D C:\Program Files (x86)\QQBrowser
    2016-03-24 14:16 - 2016-03-24 14:16 - 00000000 ____D C:\Program Files (x86)\WinTaske
    2016-03-24 16:42 - 2016-01-23 17:06 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    EmptyTemp:

    In FRST, click Fix (Napraw).

    Delete the C:\FRST directory.
    Uninstall YAC (Yet Another Cleaner!).

    0
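
A post-fix check for the procedure in the post above, as an added example that is not part of the original post or of FRST: it reports which of the scheduled-task files, driver files, folders and service keys named in the fixlist are still on disk or in the registry. Every path and service name is copied from the fixlist; checking the standard `HKLM:\SYSTEM\CurrentControlSet\Services` key for the service and driver entries is this example's choice.

```powershell
# Added example, not from the thread. Run in an elevated 64-bit PowerShell
# after the FRST fix has finished. Paths and names are copied from the fixlist.
$paths = @(
    'C:\Windows\System32\Tasks\WinTaske'
    'C:\Windows\System32\Tasks\Browser Updater Task(Core)'
    'C:\Windows\System32\Tasks\{C3DFB35F-FB12-4833-A224-4C89D6607F38}'
    'C:\Windows\System32\Tasks\{D9903183-4338-4328-820B-1C177427BCC3}'
    'C:\Windows\System32\drivers\iSafeKrnlBoot.sys'
    'C:\Windows\System32\drivers\iSafeNetFilter.sys'
    'C:\Program Files (x86)\Elex-tech'
    'C:\Program Files (x86)\GtkFree'
    'C:\Program Files (x86)\Winsere'
    'C:\Program Files (x86)\WinTaske'
    'C:\Program Files (x86)\QQBrowser'
    'C:\Program Files (x86)\SearchesToYesbnd'
    'C:\Users\Kaziutek\AppData\Roaming\Elex-tech'
    'C:\Users\Kaziutek\AppData\Roaming\eCyber'
)

# Service and driver entries listed in the fixlist (the R1/R2/S2/S3 lines).
$services = @(
    'GtkFree', 'iSafeService', 'Winsere',
    'iSafeKrnl', 'iSafeKrnlBoot', 'iSafeKrnlKit', 'iSafeKrnlMon',
    'iSafeKrnlR3', 'iSafeNetFilter',
    'ASUSProcObsrv', 'AthBTPort', 'BTATH_A2DP', 'btath_avdt', 'BTATH_BUS',
    'BTATH_HCRP', 'BTATH_LWFLT', 'BTATH_RCP', 'BtFilter'
)

$left = @()

# -LiteralPath keeps characters such as [ ] from being read as wildcards.
foreach ($p in $paths) {
    if (Test-Path -LiteralPath $p) { $left += "path     $p" }
}

# Services and kernel drivers are both registered under this key.
foreach ($s in $services) {
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$s"
    if (Test-Path -LiteralPath $key) { $left += "service  $s" }
}

if ($left.Count -eq 0) {
    'Nothing from the fixlist is left.'
} else {
    'Still present:'
    $left
}
```

The Chrome extension and MountPoints2 entries are not checked, because the fixlist shows their registry paths only in elided form.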
  • #3 30 Mar 2016 15:43
    kaziutek1955
    Level 2

    Thank you for the help! :) Everything works as it should now. Thanks again!

    0