logi do sprawdzenia

Drzewko
Od najstarszego
Od najnowszego

kolobos Re: logi do sprawdzenia 12.12.14, 21:06

Uzyj deinstalator ze strony Avg do Avg.

Obok frst.exe utworz plik fixlist.txt z zawartoscia:
HKU\S-1-5-21-1010469748-1338215776-2214227889-1000\...\RunOnce: [Adobe Speed Launcher] => 1418406962
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1010469748-1338215776-2214227889-500.bak] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: BrowseStudio - C:\Users\jjks\AppData\Roaming\Mozilla\Firefox\Profiles\xm79c46g.default-1415393552133\Extensions\{770f8173-dbeb-406e-bb39-f5f1a22362d8}.xpi [2014-11-13]
2014-12-12 18:54 - 2014-11-07 21:30 - 00000000 ____D () C:\AdwCleaner
2014-11-16 08:43 - 2014-10-01 17:39 - 00000266 __RSH () C:\ProgramData\ntuser.pol
EmptyTemp:

W FRST wybierz Fix. Usun katalog C:\FRST i to wszystko.
lary264 Re: logi do sprawdzenia 15.12.14, 12:52

witam nie wiem czy pisze w dobrym wątku gdyż nigdy tego nie robiłem. Mam problem z laptopem, strasznie zamula i mam strasznie dużo reklam na przeglądarkach internetowych.
Zgodnie z instrukcjom zamieszczam logi z FRST
Addition - wklej.org/id/1558615/
FRST - wklej.org/id/1558617/
- kolobos Re: logi do sprawdzenia 15.12.14, 14:18
  
  Tylko czekalem az trafi sie "uzdolniony" uzytkownik, ktory podczepi sie pod podwieszony watek...
  
  Odinstaluj:
  ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
  Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
  YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇ?ES LTDA) <==== ATTENTION
  
  Obok frst.exe utworz plik fixlist.txt z zawartoscia:
  (Elex do Brasil Participaç?es Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
  (Elex do Brasil Participaç?es Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
  Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
  Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File
  Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No File
  FF Extension: Faster Light 1.0.1 - C:\Users\Lary\AppData\Roaming\Mozilla\Firefox\Profiles\aue8wo8m.default\Extensions\{d274785e-a122-4588-b510-cd4d0fe10348}.xpi [2014-12-13]
  R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2014-12-04] (Elex do Brasil Participaç?es Ltda)
  R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2014-12-04] (Elex do Brasil Participaç?es Ltda)
  R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2014-12-04] (Elex do Brasil Participaç?es Ltda)
  R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [65704 2014-12-04] (Elex do Brasil Participaç?es Ltda)
  R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [49320 2014-11-03] (Elex do Brasil Participaç?es Ltda)
  S3 ASUSProcObsrv; \??\C:\eSupport\eDriver\I386\AsPrOb64.sys [X]
  S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
  S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
  S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
  S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
  S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
  S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
  S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
  S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
  2014-12-15 11:39 - 2014-12-15 11:39 - 00000000 ____D () C:\Users\Lary\AppData\Roaming\Elex-tech
  2014-12-15 11:38 - 2014-12-15 11:38 - 00000266 __RSH () C:\ProgramData\ntuser.pol
  2014-12-15 11:28 - 2014-12-15 11:31 - 00000000 ____D () C:\AdwCleaner
  2014-12-12 09:28 - 2014-12-12 09:28 - 00638888 _____ (Oracle Corporation) C:\Users\Lary\Downloads\jxpiinstall(2).exe
  2014-12-12 09:25 - 2014-12-12 09:25 - 00754240 _____ ( ) C:\Users\Lary\Downloads\Adobe-Shockwave-Player(13041)-dp(1).exe
  2014-12-12 09:25 - 2014-12-12 09:25 - 00638888 _____ (Oracle Corporation) C:\Users\Lary\Downloads\jxpiinstall(1).exe
  2014-12-12 09:13 - 2014-12-12 09:13 - 00754240 _____ ( ) C:\Users\Lary\Downloads\Adobe-Shockwave-Player(13041)-dp.exe
  2014-12-12 08:40 - 2014-12-12 08:41 - 05009368 _____ (Adobe Systems Inc.) C:\Users\Lary\Downloads\Shockwave_Installer_Slim(1).exe
  2014-12-05 07:50 - 2014-11-03 10:04 - 00049320 _____ (Elex do Brasil Participaç?es Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
  2014-12-05 07:49 - 2014-12-05 07:49 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
  2014-11-16 21:55 - 2014-12-15 10:09 - 00000000 ____D () C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009
  2014-11-16 21:07 - 2014-11-16 21:07 - 11458112 _____ () C:\Users\Lary\Downloads\YTDSetup.exe
  EmptyTemp:
  Reboot:
  
  W FRST wybierz Fix. Usun katalog C:\FRST i to wszystko.
  - lary264 Re: logi do sprawdzenia 15.12.14, 17:19
    
    Dzięki serdeczne
    Wykonałem wg instrukcji
    Wrzucam logi z FRST tak na wszelki wypadek
    wklej.org/id/1558865/
    wklej.org/id/1558868/
    Jeszcze raz dziękuje
    - kolobos Re: logi do sprawdzenia 15.12.14, 20:00
      
      Nowe logi sa zbedne.
      - lary264 Re: logi do sprawdzenia 15.12.14, 20:52
        
        W takim razie dziękuje za pomoc

Najnowsze z forum Wirusy, trojany, spyware

Zaloguj się