Elektroda.pl

Unwanted pages keep appearing - OTL FRST64 logs

GiiboN 05 Nov 2016 16:09 495 9
  • #2 05 Nov 2016 16:13
    GiiboN
    Level 3  

    GiiboN wrote:
    Will you help? :(


    I have some program called YAC and there's no way to remove it ...

    0
  • Helpful post
    #3 05 Nov 2016 16:47
    Acorus 20
    Computer specialist

    Uninstall Smileys We Love Toolbar for IE, UpdateChecker, YAC (Yet Another Cleaner!). Open the system Notepad and paste:

    Quote:
    CloseProcesses:
    Task: {3FD4B9BD-D16E-4051-A424-F1EFD64B3200} - \Anaqeght Builder -> Brak pliku <==== UWAGA
    Task: {8ABC049B-15B2-4615-B10A-39AAFCCF5603} - \SetmikeUpdateTaskMachineUA -> Brak pliku <==== UWAGA
    Task: {9D1912DE-82CE-4E65-ACC6-A8C981030517} - System32\Tasks\SetmikeUpdateTaskMachineCore => C:\Program Files (x86)\Setmike\Update\SetmikeUpdate.exe <==== UWAGA
    Hosts:
    MSCONFIG\startupreg: Video Performer63615.exe => "C:\Users\Home\AppData\Local\Temp\Video Performer63615.exe" /XML="C:\Users\Home\AppData\Local\Temp\648C.tmp" /STP=0:2
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\MountPoints2: {77f2fb0f-f3b5-11e4-96ca-3085a94621c2} - H:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\MountPoints2: {ad8f1a75-5463-11e5-89be-3085a94621c2} - I:\DPFMate.exe
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\MountPoints2: {c6418ef3-ed32-11e5-8688-3085a94621c2} - H:\Startme.exe
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\MountPoints2: {f6c20c16-6ba3-11e3-8625-3085a94621c2} - G:\Startme.exe
    HKU\S-1-5-21-3580686813-3719035558-2041652506-1000\...\MountPoints2: {ff44ce0c-8771-11e3-8753-3085a94621c2} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
    HKLM\...\Providers\9mcn49b2: C:\Program Files (x86)\\local64spl.dll
    HKLM\...\Providers\dnf1am2g: C:\Program Files (x86)\\local64spl.dll
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    AutoConfigURL: [S-1-5-21-3580686813-3719035558-2041652506-1000] => hxxp://stoppblock.org/wpad.dat?367ae0d9dacc682589d374bdcf31437213912473
    ManualProxies: 0hxxp://stoppblock.org/wpad.dat?367ae0d9dacc682589d374bdcf31437213912473
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3580686813-3719035558-2041652506-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKU\S-1-5-21-3580686813-3719035558-2041652506-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    BHO: SmileysWeLoveToolbar -> {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -> C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll => Brak pliku
    Toolbar: HKLM - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll Brak pliku
    Toolbar: HKLM-x32 - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll Brak pliku
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF Homepage: Mozilla\Firefox\Profiles\taq3z7ta.default -> hxxp://www.nicesearches.com?type=hp&ts=14...;z=57abab0bf2cafa61d39125fgfz6m1bcefc5eeo2wbo
    FF NewTab: Mozilla\Firefox\Profiles\taq3z7ta.default -> hxxp://www.nicesearches.com?type=hp&ts=14...;z=57abab0bf2cafa61d39125fgfz6m1bcefc5eeo2wbo
    FF DefaultSearchEngine: Firefox\Firefox\Profiles\taq3z7ta.default -> nice
    FF SearchEngineOrder.1: Firefox\Firefox\Profiles\taq3z7ta.default -> nice
    FF SelectedSearchEngine: Firefox\Firefox\Profiles\taq3z7ta.default -> nice
    FF Homepage: Firefox\Firefox\Profiles\taq3z7ta.default -> hxxp://www.searchinme.com/?type=hp&ts=147...uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S037482874828
    FF SearchPlugin: C:\Users\Home\AppData\Roaming\Firefox\Firefox\Profiles\taq3z7ta.default\searchplugins\searchinme.xml [2016-10-21]
    CHR DefaultProfile: lejutplovshprohey
    CHR HomePage: lejutplovshprohey -> hxxp://www.nicesearches.com?type=hp&ts=14...;z=3ed22fe9e830adac5c232f0g3zdmacbg5mac2b8b4w
    CHR StartupUrls: lejutplovshprohey -> "hxxp://www.nicesearches.com?type=hp&ts=1473173874&from=4a200902&uid=wdcxwd10ezex-00rkka0_wd-wmc1s037482874828&z=3ed22fe9e830adac5c232f0g3zdmacbg5mac2b8b4w"
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-11-05] <==== UWAGA
    R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-08-19] (Elex do Brasil Participações Ltda)
    S2 FirefoxU; "C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe" [X]
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
    R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
    S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
    R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
    R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
    U3 a2sdvsih; C:\Windows\System32\Drivers\a2sdvsih.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    2016-11-02 18:34 - 2016-11-02 19:25 - 00000002 _____ C:\END
    2016-10-28 20:46 - 2016-10-28 20:46 - 00000000 ____D C:\Users\Home\AppData\Roaming\Elex-tech
    2016-10-28 20:46 - 2016-10-28 20:46 - 00000000 ____D C:\ProgramData\UvConverter
    2016-10-28 20:46 - 2016-10-28 20:46 - 00000000 ____D C:\ProgramData\ehaeh
    2016-10-28 20:46 - 2016-10-28 20:46 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    2016-10-28 20:46 - 2016-05-23 03:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
    2016-10-28 20:46 - 2016-05-19 07:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
    2016-10-28 20:45 - 2016-10-28 20:46 - 00000000 ____D C:\ProgramData\QQBrowser
    2016-10-28 20:45 - 2016-10-28 20:45 - 00000000 ____D C:\ProgramData\ttff
    2016-10-25 18:24 - 2016-10-25 18:25 - 46524600 _____ C:\Users\Home\Downloads\Firefox-13108-dp.exe
    2016-10-21 20:48 - 2016-10-21 20:48 - 00000000 ____D C:\ProgramData\ibeib
    2016-10-21 20:46 - 2016-10-21 20:46 - 00000000 ____D C:\ProgramData\chuvc
    2016-10-21 20:46 - 2016-10-21 20:46 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
    2016-10-18 20:50 - 2016-10-28 00:12 - 00000000 ____D C:\AdwCleaner
    2016-10-16 17:36 - 2016-10-16 17:37 - 01190144 _____ (Tefasahofi ) C:\Users\Home\Downloads\Firefox-13108-dp.exe.citrioDownload
    2016-08-07 11:42 - 2016-08-07 11:42 - 7129600 _____ () C:\Users\Home\AppData\Roaming\agent.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 0054272 _____ () C:\Users\Home\AppData\Roaming\ApplicationHosting.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 0070752 _____ () C:\Users\Home\AppData\Roaming\Config.xml
    2016-06-28 02:12 - 2016-06-28 02:12 - 0314434 ____N () C:\Users\Home\AppData\Roaming\EYapp.apk
    2016-08-07 11:42 - 2016-08-07 11:42 - 0072824 _____ () C:\Users\Home\AppData\Roaming\Icelight.tst
    2016-08-07 11:42 - 2016-08-07 11:42 - 0018432 _____ () C:\Users\Home\AppData\Roaming\InstallationConfiguration.xml
    2016-08-07 11:42 - 2016-08-07 11:42 - 0138240 _____ () C:\Users\Home\AppData\Roaming\Installer.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 0126464 _____ () C:\Users\Home\AppData\Roaming\lobby.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 0018432 _____ () C:\Users\Home\AppData\Roaming\Main.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 0005568 _____ () C:\Users\Home\AppData\Roaming\md.xml
    2016-08-07 11:42 - 2016-08-07 11:42 - 0126464 _____ () C:\Users\Home\AppData\Roaming\noah.dat
    2016-08-07 11:42 - 2016-08-07 11:42 - 1906116 _____ () C:\Users\Home\AppData\Roaming\Ontoity.tst
    C:\Users\Home\TeamSpeak3-Client-win32-3-0-8-1.exe
    EmptyTemp:



    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.

    0
  • #5 06 Nov 2016 09:31
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    BHO-x32: SmileysWeLoveToolbar -> {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -> C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll => Brak pliku
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\taq3z7ta.default -> nice
    FF Homepage: Mozilla\Firefox\Profiles\taq3z7ta.default -> hxxp://www.nicesearches.com?type=hp&ts=14...;z=57abab0bf2cafa61d39125fgfz6m1bcefc5eeo2wbo
    FF NewTab: Mozilla\Firefox\Profiles\taq3z7ta.default -> hxxp://www.nicesearches.com?type=hp&ts=14...;z=57abab0bf2cafa61d39125fgfz6m1bcefc5eeo2wbo
    S2 UvConverter; "C:\ProgramData\UvConverter\UvConverter.exe" {2C8E8C85-942B-451C-8243-97A089265577} [X]
    U3 au4i07jh; C:\Windows\System32\Drivers\au4i07jh.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
    S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
    2016-10-11 12:21 - 2016-10-16 09:25 - 00000000 ____D C:\Users\Home\AppData\Roaming\aMule
    2016-10-09 10:24 - 2016-10-09 10:24 - 00000000 ____D C:\Users\Home\AppData\Local\Gunone
    2016-10-09 10:23 - 2016-10-09 10:23 - 00000000 ____D C:\Program Files (x86)\UvConverter
    2016-10-09 09:48 - 2016-10-09 09:50 - 00000000 ____D C:\Program Files (x86)\hc5a2bhg


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.
    Uninstall Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals)
    Reset Chrome: https://support.google.com/chrome/answer/3296214?hl=pl
    Help menu > Troubleshooting Information > Refresh Firefox.

    0
  • Helpful post
    #7 06 Nov 2016 10:09
    Acorus 20
    Computer specialist

    Post a new FRST report, without Addition and Shortcut.

    0
  • #10 06 Nov 2016 12:51
    GiiboN
    Level 3  

    Thanks for the help, mate :) It's OK for now; if anything comes up I'll get in touch. Thanks a lot :)

    0