Http://utils.cdneurope.com/js/mo.js?


(Kamil 002) #1

Witam przy uzywaniu firefoxa avast pokazuje mi zarazenie ze strony podanej w temacie.

Uzylem AdwCleanera ( skanuj-usun) ale nadal wyskakuje zarazenie.

Skan Malvarebytem i Dr.Web tez robilem i nie pomoglo i nie wiem co dalej.

Dodaje Logi z OTL

Extras.Txt

OTL.Txt


(Acorus) #2

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.


(Kamil 002) #3

Prosze bardzo

 

 

FRST.txt

Addition.txt


(Acorus) #4

Odinstaluj Akamai NetSession Interface.Otwórz Notatnik i wklej:

Task: {C034BC48-1CE6-48E0-8D45-8F608D1B5A16} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3166035305-549744606-1486784859-1000Core = C:\Users\Kamil.Kamil-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-13] (Facebook Inc.)
Task: {D5CBE89E-1F8F-4D55-A679-F9311F0E5076} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3166035305-549744606-1486784859-1000UA = C:\Users\Kamil.Kamil-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-13] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3166035305-549744606-1486784859-1000Core.job = C:\Users\Kamil.Kamil-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3166035305-549744606-1486784859-1000UA.job = C:\Users\Kamil.Kamil-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKU\S-1-5-21-3166035305-549744606-1486784859-1000\...\Run: [Facebook Update] = C:\Users\Kamil.Kamil-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-13] (Facebook Inc.)
HKU\S-1-5-21-3166035305-549744606-1486784859-1000\...\Run: [Akamai NetSession Interface] = C:\Users\Kamil.Kamil-HP\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = No File
ShellIconOverlayIdentifiers: DropboxExt2 - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = No File
ShellIconOverlayIdentifiers: DropboxExt3 - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = No File
ShellIconOverlayIdentifiers: DropboxExt4 - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = No File
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - 4DDE9123EA114B8486E5F6896A8D2072 URL = http://www2.delta-search.com/?q={searchTerms}affID=120519tt=gc_babsrc=SP_ssmntrId=B44A74DE2BF663FA
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {49B8C750-6E16-4154-A672-147B687054DA} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=kwq={searchTerms}locale=en_EUapn_ptnrs=U3apn_dtid=OSJ000YYBEapn_uid=B51CA7F5-CBFE-4F51-8676-BD8AB5394DFAapn_sauid=9847B31E-122A-49D5-9159-F13CE2915D1B
SearchScopes: HKCU - {A30CA945-A416-4898-B549-289CE35E2312} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8tag=hp-uk3-vsb-21link%5Fcode=qsindex=apsfield-keywords={searchTerms}
SearchScopes: HKCU - {A385AB70-84B9-47F3-B77F-398B860F3B63} URL = http://search.softonic.com/INF00229/tb_v1?q={searchTerms}SearchSource=4cc=mi=b44a37f700000000000074de2bf663fatoi=16069r=509
BHO-x32: No Name - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} - No File
FF SearchPlugin: C:\Users\Kamil.Kamil-HP\AppData\Roaming\Mozilla\Firefox\Profiles\ytm92ago.default-1352603981615\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Kamil.Kamil-HP\AppData\Roaming\Mozilla\Firefox\Profiles\ytm92ago.default-1352603981615\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Kamil.Kamil-HP\AppData\Roaming\Mozilla\Firefox\Profiles\ytm92ago.default-1352603981615\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Kamil.Kamil-HP\AppData\Roaming\Mozilla\Firefox\Profiles\ytm92ago.default-1352603981615\searchplugins\softonic.xml
FF Extension: Site Finder - C:\Users\Kamil.Kamil-HP\AppData\Roaming\Mozilla\Firefox\Profiles\ytm92ago.default-1352603981615\Extensions\sitefinder@sitefinder.com [2014-04-23]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-07-08]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR StartupUrls: "hxxp://search.softonic.com/INF00229/tb_v1?SearchSource=48cc=mi=b44a37f700000000000074de2bf663fatoi=16069"
CHR DefaultSearchKeyword: softonic
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/INF00229/tb_v1?q={searchTerms}SearchSource=49cc=mi=b44a37f700000000000074de2bf663fatoi=16069
S3 BRDriver64; \\C:\programdata\bitraider\BRDriver64.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
2014-07-08 12:56 - 2014-07-08 13:06 - 00000000 ____ D () C:\AdwCleaner
2014-06-11 19:40 - 2014-06-11 19:40 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 19:40 - 2014-06-11 19:40 - 00000000 ____ D () C:\Program Files\McAfee Security Scan
2014-07-08 14:21 - 2014-07-08 14:11 - 00000000 ____ D () C:\Users\Kamil.Kamil-HP\Doctor Web
C:\Users\Kamil\AppData\Local\Temp\*.exe
C:\Users\Kamil\AppData\Local\Temp\*.dll
C:\Users\Kamil.Kamil-HP\AppData\Local\Temp\*.exe
C:\Users\Kamil.Kamil-HP\AppData\Local\Temp\*.dll

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Kamil 002) #5

Serdecznie dziekuje za pomoc w naprawie tego irytujacego problemu.

Juz wszystko dziala, temat do zamkniecia.


(Acorus) #6

Skasuj folder C:\FRST

Użyj http://www.bleepingcomputer.com/download/tfc/ (uruchom TFC i kliknij Start).


(Kamil 002) #7

Zrobione.