Witam wszystkich!
Mam problem, nie instalowałem nic na kompie a dzisiaj po włączeniu przeglądarki mam wszędzie tyle reklam że można oszaleć… Używam admunchera ale on tego wogóle nie blokuje… Próbowałem adwcleanera, nic nie widzi…
Witam wszystkich!
Mam problem, nie instalowałem nic na kompie a dzisiaj po włączeniu przeglądarki mam wszędzie tyle reklam że można oszaleć… Używam admunchera ale on tego wogóle nie blokuje… Próbowałem adwcleanera, nic nie widzi…
Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.
Odinstaluj Spybot - Search & Destroy,YAC(Yet Another Cleaner!).Otwórz notatnik systemowy i wklej:
Task: {1266C8CE-67FF-4B6C-B91D-769CC4C338CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDScan.exe
Task: {4252BF96-73E4-406E-91A2-80956573D912} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDImmunize.exe
Task: {E98E5576-B08D-491C-8797-2A5C636FA887} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates = C:\Program Files (x86)\Spybot - Search amp; Destroy 2\SDUpdate.exe
HKLM-x32\...\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1215762617-548569583-2457175153-1000\...\Run: [Spybot-SD Cleaning] = C:\Program Files (x86)\Spybot - Search Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ifrmewrk.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\itfrmwrk.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\rgsclauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
SearchScopes: HKLM - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKLM-x32 - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\.DEFAULT - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\.DEFAULT - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-19 - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-19 - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-20 - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-20 - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-21-1215762617-548569583-2457175153-1000 - DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
SearchScopes: HKU\S-1-5-21-1215762617-548569583-2457175153-1000 - {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}type=dsfrom=yacuid=wdcxwd7500bpvt-75a1yt0_wxl1cb1h4349cb1h4349ts=1423411201
Toolbar: HKU\S-1-5-21-1215762617-548569583-2457175153-1000 - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-19] (Elex do Brasil Participações Ltda)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-19] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda)
S3 cpuz136; \\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-02-08 16:58 - 2015-02-08 16:58 - 00001902 _____ () C:\Users\Public\Desktop\YAC.lnk
2015-02-08 16:58 - 2015-02-08 16:58 - 00000000 ____ D () C:\Windows\system32\log
2015-02-08 16:58 - 2015-02-08 16:58 - 00000000 ____ D () C:\Users\Robo\AppData\Roaming\Elex-tech
2015-02-08 16:58 - 2015-02-08 16:58 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-02-08 16:58 - 2015-02-08 16:58 - 00000000 ____ D () C:\Program Files (x86)\Elex-tech
2015-02-08 16:58 - 2015-01-19 12:04 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-02-08 16:58 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-02-08 16:54 - 2015-02-08 17:00 - 00000000 ____ D () C:\Users\Robo\AppData\Roaming\eCyber
2015-02-08 16:53 - 2015-02-08 16:54 - 02213088 _____ (Elex do Brasil Participações Ltda) C:\Users\Robo\Downloads\yet_another_cleaner_sk.exe
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Dalej to samo… AdwCleaner nic nie znalazł ;/
Dodam że jak kliknę na rolkę od myszki to otwiera mi nową stronę i coś w stylu wygrałeś ipada…
Na IE brak tego syfu…
Odinstalowałem chroma i zainstalowałem na nowo. Jak narazie odpukać działa
Skasuj folder C:\FRST
Trzeba go było tylko zresetować.