Wyskakujące okienka z reklamami-prośba o pomoc


(Senzafondo) #1

poniżej link z OTL:

http://wklej.org/id/1423087/

oraz z Extras:

http://wklej.org/id/1423091/

Extras.Txt

OTL.Txt


(Acorus) #2

Odinstaluj McAfee Security Scan Plus,webget.Pobierz i uruchom AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.


(Senzafondo) #3

 

raport FRST:

http://wklej.org/id/1423147/

raport Addition:

http://wklej.org/id/1423149/


(Acorus) #4

Otwórz Notatnik i wklej:

Task: {F2456091-D91C-4720-A0A5-DF278FBFA863} - System32\Tasks\Yahoo! Search = C:\Users\karolina\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\Run: [Yahoo! Search] = C:\Users\karolina\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {18ba3e9c-9029-11e0-80bd-00235a561e01} - F:\AutoRun.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {308962ae-aad6-11e3-93e1-e44cf891e7b2} - F:\LGAutoRun.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {4ed77671-a4b2-11e3-833a-a4d5e1ad578d} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {8d6e04e4-a9ab-11e1-9d7d-00235a561e01} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {8d6e0546-a9ab-11e1-9d7d-00235a561e01} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {8d6e0551-a9ab-11e1-9d7d-00235a561e01} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {da27dc82-660f-11e2-ae8f-00235a561e01} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {da27dcd6-660f-11e2-ae8f-001e101ffe17} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {da27dce1-660f-11e2-ae8f-001e101fc33c} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2593621946-3980997215-1943864699-1000\...\MountPoints2: {dbd790b6-4b8f-11e2-91ca-00235a561e01} - F:\AutoRun.exe /s
SearchScopes: HKLM - DefaultScope value is missing.
R1 {55685567-4840-4a91-962b-49a412e9485a}Gt; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt.sys [55224 2014-05-27] (StdLib)
R1 {55685567-4840-4a91-962b-49a412e9485a}t; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}t.sys [55224 2014-06-12] (StdLib)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
2014-07-23 12:45 - 2014-07-23 12:47 - 00000000 ____ D () C:\AdwCleaner
2014-06-24 22:04 - 2014-06-24 22:04 - 00721592 _____ (Elex do Brasil Participações Ltda) C:\Users\karolina\Downloads\yet_another_cleaner_mat.exe
CMD: del /f /s /q %TEMP%\*.*

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Senzafondo) #5

zrobione

wszystko czy coś jeszcze?:slight_smile:

dzieki serdeczne za pomoc


(Acorus) #6

Skasuj folder C:\FRST