Usuwanie wirusa

bocian12 · 14 Kwiecień 2014 07:37

witam , szukam pomocy najprawdopodobnie mam wirusa i nie wiem jak go usunąć a w tej dziedznie jestem laikem

Raport otl. http://www.wklejto.pl/197872

raport EXTRAS . http://www.wklejto.pl/197873

za pomoc z góry dzięki

Atis · 14 Kwiecień 2014 09:41

W panelu sterowania odinstaluj:

Yontoo 1.10.02

Bundled software uninstaller

Bonanza Deals

FilesFrog Update Checker

SearchYa! Web Search

VideoDownloadConverter Internet Explorer Toolbar

Update for Zip Opener

Movies Toolbar for Firefox

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool 64-Bit Version

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.

bocian12 · 14 Kwiecień 2014 10:50

rapotr FRST. http://www.wklejto.pl/197884

RAPORT. Addition. http://www.wklejto.pl/197885

Atis · 14 Kwiecień 2014 11:18

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VideoDownloadConverter EPM Support] => "C:\PROGRA~2\VIDEOD~1\bar\2.bin\4zmedint.exe" T8EPMSUP.DLL,S
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll [665096 2014-04-10] ()
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll [490504 2014-04-10] ()
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=105&systemid=473&v=a11465-200&apn_uid=2695852924264261&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=105&systemid=473&v=a11465-200&apn_uid=2695852924264261&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=3223&q={searchTerms}
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=105&systemid=473&v=a11465-200&apn_uid=2695852924264261&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {608AA9AC-73E4-4A15-9C98-991ABA761D2F} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=a434853e000000000000000000000000&affilt=3&r=378
BHO: No Name - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No File
BHO-x32: No Name - {11111111-1111-1111-1111-110411151154} - No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
FF Extension: VideoDownloadConverter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\d5ml3vek.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-03-30]
FF Extension: Ask New Tabs - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\d5ml3vek.default\Extensions\{9572F96B-8DD3-0D00-CE9F-956955F73C86} [2014-03-26]
CHR Extension: (a2zLyrics-1) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn [2013-10-10]
CHR Extension: (iVidi Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef [2013-11-10]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla [2013-09-26]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-10] (Somoto LTD)
S3 wlxybeao; C:\Windows\System32\Drivers\wlxybeao.sys [423240 2014-04-13] (AVAST Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\system32\Drivers\wlxybeao.sys
C:\Users\User\reset_access.bat
C:\Users\User\definitions.txt
C:\Users\User\readme.txt
C:\Users\User\info.bat
C:\Users\User\7za.exe
C:\Users\User\Downloads\VideoDownloadConvertSetup2.5.14.83.^HJ^man000^YYA^.exe
C:\Users\User\subinacl.exe
C:\Program Files (x86)\Movies Toolbar
C:\Users\User\AppData\Local\Temp\*.exe
Task: {1485100D-2850-4CBB-ABC1-34CB61D08E52} - \BonanzaDealsLiveUpdateTaskMachineCore ATTENTION ====> No Task File
Task: {F5EE204A-DD42-4A20-A670-02007CD05C12} - System32\Tasks\{7E78E29F-6622-4219-9708-0174DB735102} => D:\s a d\GTA San Andreas\gta_sa.exe
Task: {977DF081-63BE-4F20-965C-4E1FCD701E31} - \DigitalSite ATTENTION ====> No Task File
Task: {CBECDB88-7B6C-46EE-98B3-88CFFF3217DB} - \BonanzaDealsLiveUpdateTaskMachineUA ATTENTION ====> No Task File
Task: {E27ACA4F-E687-4929-8CF3-21C673CD063D} - \ProtectedSearch\Protected Search ATTENTION ====> No Task File
Task: {ECD35083-C777-4A22-8966-A6D86415B244} - \Digital Sites ATTENTION ====> No Task File
Task: {F49C6722-EE5B-48BE-B55F-19F9F00AC06D} - \DSite ATTENTION ====> No Task File

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

bocian12 · 14 Kwiecień 2014 11:31

raport frst. http://www.wklejto.pl/197900

Atis · 14 Kwiecień 2014 11:43

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffividiplg.dll (iVIDI.org)
C:\ProgramData\SafetyNut
C:\AdwCleaner
C:\_OTL
C:\Windows\System32\Tasks\ProtectedSearch

Uruchom FRST i kliknij Fix. Później skasuj folder C:\FRST

Pobierz TFC - Temp File Cleaner Uruchom TFC i kliknij Start.

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Uruchom SecurityCheck i aktualizuj programy oznaczone jako Out of date

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK KLIK KLIK KLIK