proszę o pomoc od jakiegoś czasu zasypują mnie reklamy Brought by Wa prosze pomoszciemi bo juz nie mam siły na to
Kto Ci pozwolił dodać logi w postaci załączników?
http://forum.dobreprogramy.pl/regulamin-dzia%C5%82u-bezpiecze%C5%84stwo-t503173/
przepraszam ale nie wiedzialem ze nie mozna tego robic
Odinstaluj YAC(Yet Another Cleaner!).Otwórz notatnik systemowy i wklej:
CloseProcesses:
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-27] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1435570265&z=1deba33010f8c211b621871gdzecfw1w2mce5o9wag&from=cor&uid=ST500LT012-1DG142_W3P220H2XXXXW3P220H2&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1435570265&z=1deba33010f8c211b621871gdzecfw1w2mce5o9wag&from=cor&uid=ST500LT012-1DG142_W3P220H2XXXXW3P220H2&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1435570265&z=1deba33010f8c211b621871gdzecfw1w2mce5o9wag&from=cor&uid=ST500LT012-1DG142_W3P220H2XXXXW3P220H2&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1435570265&z=1deba33010f8c211b621871gdzecfw1w2mce5o9wag&from=cor&uid=ST500LT012-1DG142_W3P220H2XXXXW3P220H2&q={searchTerms}
HKU\S-1-5-21-446445450-3165206308-2323617350-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-446445450-3165206308-2323617350-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-446445450-3165206308-2323617350-1001 -> {001EF3F8-75C9-4298-B67A-AE717409453B} URL =
FF DefaultSearchEngine: istartsurf
FF SelectedSearchEngine: istartsurf
FF SearchPlugin: C:\Users\Karola\AppData\Roaming\Mozilla\Firefox\Profiles\6jsx5lcf.default\searchplugins\istartsurf.xml [2015-07-15]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-04-30]
FF Extension: Default SearchProtected - C:\Users\Karola\AppData\Roaming\Mozilla\Firefox\Profiles\6jsx5lcf.default\Extensions\defsearchp@gmail.com.xpi [2015-07-14]
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Karola\AppData\Roaming\Mozilla\Firefox\Profiles\6jsx5lcf.default\extensions\sweetsearch@gmail.com
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-04-16] (Elex do Brasil Participações Ltda)
S2 vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [108616 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [50944 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-07-01] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-04-14] (Elex do Brasil Participações Ltda)
2015-07-01 20:37 - 2015-07-01 20:37 - 00001886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\YAC.lnk
2015-07-01 20:37 - 2015-07-01 20:37 - 00001880 _____ C:\Users\Public\Desktop\YAC.lnk
2015-07-01 20:37 - 2015-07-01 20:37 - 00000000 ____ D C:\Windows\system32\log
2015-07-01 20:37 - 2015-07-01 20:37 - 00000000 ____ D C:\Users\Karola\AppData\Roaming\Elex-tech
2015-07-01 20:37 - 2015-07-01 20:37 - 00000000 ____ D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-07-01 20:37 - 2015-07-01 20:37 - 00000000 ____ D C:\Program Files (x86)\Elex-tech
2015-07-01 20:37 - 2015-04-16 10:55 - 00053568 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-07-01 20:37 - 2015-04-14 11:01 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
zrobiłem tak jak mówiłeś chyba wszystko już jest ok
frst http://www.wklej.org/id/1758196/
addition http://www.wklej.org/id/1758200/
Otwórz notatnik systemowy i wklej:
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 wasvc_1.10.0.19; "C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe" [X]
2015-07-16 21:56 - 2015-07-16 21:58 - 00000000 ____ D C:\AdwCleaner
DeleteQuarantine:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
I po co te nowe logi?
tak dla zasady żebyś zobaczył czy już wszystko ok jakoś dużo ludzi tu jest przewrazliwionych ale spoko dziękuje za pomoc pozdrawiam