Witam,
Od jakiegoś czasu mam problem z reklamami, które wyskakują mi podczas przeglądania internetu. Kaspersky IS 2013 wykrywa coś co jakiś czas i usuwa, ale nic to nie zmienia. Bardzo utrudnia to korzystanie z internetu
Proszę o pomoc i zamieszczam logi.
OLT.txt
Extras.txt
FRST.txt
Addition.txt
Pozdrawiam
Odinstaluj CommonShare,MyBestOffersToday 008.26.Pobierz i uruchom AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Szukaj i później Usuń.
Pokaż nowe logi z FRST.
Otwórz notatnik systemowy i wklej:
Hosts:
Task: {9178DB36-213D-4C02-9275-B08F030EF4BD} - \RWUAA No Task File ==== ATTENTION
Task: {B21F69EC-D544-4A25-BC3A-2A48E88F27F9} - \OUYETZ No Task File ==== ATTENTION
Task: C:\Windows\Tasks\OUYETZ.job = C:\Users\User\AppData\Roaming\OUYETZ.exe ==== ATTENTION
Task: C:\Windows\Tasks\RWUAA.job = C:\Users\User\AppData\Roaming\RWUAA.exe ==== ATTENTION
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_pl_26] = [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: CinemaHd For Pro 2.4cV18.01 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\drv7wlwf.default\Extensions\OIBMBKA115048682@HYKFIU97176590.com [2015-01-19]
CHR Extension: (CinemaHd For Pro 2.4cV18.01) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb [2015-01-19]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 cpuz137; \\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
U2 DriverService; No ImagePath
S3 GPUZ; \\C:\Windows\TEMP\GPUZ.sys [X]
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
2015-01-20 12:45 - 2015-01-20 12:46 - 00000000 ____ D () C:\AdwCleaner
2015-01-19 09:45 - 2015-01-20 12:48 - 00001334 _____ () C:\Windows\Tasks\OUYETZ.job
2015-01-19 09:45 - 2015-01-20 12:48 - 00001332 _____ () C:\Windows\Tasks\RWUAA.job
2015-01-19 09:45 - 2015-01-19 20:47 - 00000000 ____ D () C:\Program Files (x86)\CinemaHd For Pro 2.4cV18.01
2015-01-19 09:45 - 2015-01-19 09:45 - 00000000 ____ D () C:\Program Files (x86)\0098e75b-fa50-4577-a45f-72bd9b7aefd5
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Zrobione. Czy wrzucić jeszcze jakieś logi, czy to wszystko?
Jak wszystko gra to skasuj folder C:\FRST