x-kom hosting

wirus http://cr2.gogorithm.com

bartek_p12
utworzono
utworzono

Witam wyskakuje mi same okno w internecie o tej nazwie co w tytule to jest jakas strona żeby wyleczyć komputer... wyskakują bez opamietania czasami po 10 sztuk sie nazbiera i komp muli... nie wiem jak to usunac. proszę o pomoc z góry dziekuje i pozdrawiam

slivero
komentarz
komentarz

Użyj programu ADWCleaner .

 

Wybierz skanuj a jak już skończy się proces skanowania wybierz usuń .

bartek_p12
komentarz
komentarz

niestety ale dalej wyskakuja... poczatek to cr2... prosze o pmoc

pawel315
komentarz
komentarz

Podaj log z FRST

bartek_p12
komentarz
komentarz

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by user (administrator) on USER-KOMPUTER on 09-09-2014 20:19:33
Running from C:\Users\user\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Redefine Sp z o.o.) C:\Program Files (x86)\ipla\ipla.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Redefine Sp z o.o.) C:\Program Files (x86)\ipla\iplabrowser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\Run: [BlackBerryLink.exe] => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21421664 2014-08-12] (Redefine Sp z o.o.)
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359850-1b23-11e4-b1af-806e6f6e6963} - G:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359851-1b23-11e4-b1af-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359852-1b23-11e4-b1af-806e6f6e6963} - I:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359853-1b23-11e4-b1af-806e6f6e6963} - J:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359854-1b23-11e4-b1af-806e6f6e6963} - K:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359856-1b23-11e4-b1af-806e6f6e6963} - M:\setup.exe
HKU\S-1-5-21-1143437768-3705706729-3898712085-1000\...\MountPoints2: {e7359857-1b23-11e4-b1af-806e6f6e6963} - N:\setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140817
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140817
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140817
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=n12521-427&apn_uid=6500711160504035&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=n12521-427&apn_uid=6500711160504035&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=101&systemid=488&v=n12521-427&apn_uid=6500711160504035&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 83.175.144.9 83.175.144.14

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\u3165nml.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.wp.pl/?src01=dp220140817
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Plus-HD-V1.9c - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\u3165nml.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-08-24]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\u3165nml.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S2 Update Deal Keeper; "C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe" [X]
S2 Util Deal Keeper; "C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 20:19 - 2014-09-09 20:19 - 00009963 _____ () C:\Users\user\Downloads\FRST.txt
2014-09-09 20:18 - 2014-09-09 20:19 - 00000000 ____D () C:\FRST
2014-09-09 20:17 - 2014-09-09 20:18 - 02105344 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-09-08 21:03 - 2014-09-09 17:28 - 00002314 _____ () C:\Windows\SysWOW64\debug.log
2014-09-08 20:57 - 2014-09-08 21:23 - 00000000 ____D () C:\AdwCleaner
2014-09-08 20:56 - 2014-09-08 20:56 - 01370467 _____ () C:\Users\user\Downloads\adwcleaner_3.309.exe
2014-09-07 14:31 - 2014-09-07 14:31 - 00000000 ____D () C:\Program Files (x86)\PlayReady
2014-09-07 14:30 - 2014-09-08 21:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\ipla
2014-09-07 14:30 - 2014-09-07 14:31 - 00000000 ____D () C:\ProgramData\ipla
2014-09-07 14:30 - 2014-09-07 14:30 - 00000955 _____ () C:\Users\Public\Desktop\ipla.lnk
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\ProgramData\RDRM
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\Program Files (x86)\ipla
2014-09-07 14:29 - 2014-09-07 14:29 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-09-07 14:29 - 2014-09-07 14:29 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-09-07 14:29 - 2014-09-07 14:29 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-09-07 14:28 - 2014-09-07 14:29 - 39124432 _____ () C:\Users\user\Downloads\iplasetup.exe
2014-09-07 12:51 - 2014-09-09 19:25 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 12:51 - 2014-09-07 12:51 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-07 12:51 - 2014-09-07 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-07 12:51 - 2014-09-07 12:51 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-07 12:50 - 2014-09-07 12:50 - 19182768 _____ (Adobe Systems Incorporated) C:\Users\user\Downloads\install_flash_player.exe
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-04 17:19 - 2014-09-04 17:19 - 13087456 _____ (Microsoft Corporation) C:\Users\user\Downloads\Silverlight_x64.exe
2014-08-17 10:42 - 2014-08-17 10:42 - 02733228 _____ () C:\Users\user\Downloads\SetupCloneCD5314.exe
2014-08-17 10:42 - 2014-08-17 10:42 - 00003148 _____ () C:\Windows\System32\Tasks\{9421DDDD-F38D-471C-A7E5-8737E3259CD5}
2014-08-17 10:33 - 2014-08-17 10:33 - 02733228 _____ () C:\Users\user\Downloads\SetupCloneCD_51399.exe
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-08-17 10:26 - 2014-08-17 10:25 - 02734688 _____ () C:\Users\user\Downloads\SetupCloneCD.exe
2014-08-17 09:31 - 2014-08-17 09:40 - 01055716 _____ (Adobe) C:\Users\user\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-08-14 21:20 - 2014-08-14 21:20 - 00000000 ____D () C:\Users\user\AppData\Local\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\ProgramData\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\Program Files\ESET
2014-08-14 21:14 - 2014-08-14 21:15 - 71143424 _____ () C:\Users\user\Downloads\eav_nt64_plk.msi
2014-08-12 18:25 - 2014-06-10 22:49 - 00000000 ____D () C:\Users\user\Downloads\4Clubbers Summer Dance Hit Mix (2014)
2014-08-11 20:22 - 2014-08-11 20:41 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Basen - Swimming Pool (2003) [DVDRip] [Xvid-robmar] [Lektor PL]
2014-08-11 20:21 - 2014-08-11 20:26 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Need For Speed (2014) [LQ] [BRRip] [XviD-BiDA] [Lektor PL]
2014-08-11 20:20 - 2014-08-11 21:08 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Inna kobieta - The Other Woman (2014) [BRRip] [XviD-BiDA] [Lektor PL]
2014-08-10 21:46 - 2014-09-01 21:14 - 00000000 ____D () C:\Users\user\Desktop\Nowy folder
2014-08-10 21:42 - 2014-08-10 21:42 - 00000000 ____D () C:\Users\user\Documents\BLACKBERRY-050A
2014-08-10 21:37 - 2014-08-10 21:37 - 00000000 ____D () C:\Users\user\Documents\BlackBerry
2014-08-10 21:36 - 2014-09-08 21:03 - 00014949 _____ () C:\ads_err.adt
2014-08-10 21:36 - 2014-09-08 21:03 - 00003072 _____ () C:\ads_err.adi
2014-08-10 21:36 - 2014-08-10 21:36 - 00004562 _____ () C:\ads_err.adm
2014-08-10 21:36 - 2014-08-10 21:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\XCPCSync.OEM
2014-08-10 21:34 - 2014-08-10 21:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\Research In Motion
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____D () C:\Users\user\AppData\Local\Research In Motion
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 _____ () C:\Windows\SysWOW64\out.txt
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 _____ () C:\Windows\SysWOW64\err.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 20:19 - 2014-09-09 20:19 - 00009963 _____ () C:\Users\user\Downloads\FRST.txt
2014-09-09 20:19 - 2014-09-09 20:18 - 00000000 ____D () C:\FRST
2014-09-09 20:18 - 2014-09-09 20:17 - 02105344 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-09-09 19:25 - 2014-09-07 12:51 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 19:12 - 2014-07-25 22:07 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1143437768-3705706729-3898712085-1000UA.job
2014-09-09 17:28 - 2014-09-08 21:03 - 00002314 _____ () C:\Windows\SysWOW64\debug.log
2014-09-08 22:12 - 2014-07-25 22:07 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1143437768-3705706729-3898712085-1000Core.job
2014-09-08 22:00 - 2014-07-23 11:28 - 01190629 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 21:31 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 21:31 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 21:30 - 2011-04-12 15:21 - 00697912 _____ () C:\Windows\system32\perfh015.dat
2014-09-08 21:30 - 2011-04-12 15:21 - 00134990 _____ () C:\Windows\system32\perfc015.dat
2014-09-08 21:30 - 2009-07-14 07:13 - 01549696 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 21:24 - 2014-09-07 14:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\ipla
2014-09-08 21:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 21:24 - 2009-07-14 06:51 - 00031422 _____ () C:\Windows\setupact.log
2014-09-08 21:23 - 2014-09-08 20:57 - 00000000 ____D () C:\AdwCleaner
2014-09-08 21:23 - 2010-11-21 05:47 - 00010606 _____ () C:\Windows\PFRO.log
2014-09-08 21:03 - 2014-08-10 21:36 - 00014949 _____ () C:\ads_err.adt
2014-09-08 21:03 - 2014-08-10 21:36 - 00003072 _____ () C:\ads_err.adi
2014-09-08 21:01 - 2014-08-04 19:18 - 00000000 ____D () C:\Windows\system32\log
2014-09-08 20:56 - 2014-09-08 20:56 - 01370467 _____ () C:\Users\user\Downloads\adwcleaner_3.309.exe
2014-09-07 19:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-07 14:31 - 2014-09-07 14:31 - 00000000 ____D () C:\Program Files (x86)\PlayReady
2014-09-07 14:31 - 2014-09-07 14:30 - 00000000 ____D () C:\ProgramData\ipla
2014-09-07 14:30 - 2014-09-07 14:30 - 00000955 _____ () C:\Users\Public\Desktop\ipla.lnk
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\ProgramData\RDRM
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
2014-09-07 14:30 - 2014-09-07 14:30 - 00000000 ____D () C:\Program Files (x86)\ipla
2014-09-07 14:29 - 2014-09-07 14:29 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-09-07 14:29 - 2014-09-07 14:29 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-09-07 14:29 - 2014-09-07 14:29 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-09-07 14:29 - 2014-09-07 14:28 - 39124432 _____ () C:\Users\user\Downloads\iplasetup.exe
2014-09-07 12:51 - 2014-09-07 12:51 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-07 12:51 - 2014-09-07 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-07 12:51 - 2014-09-07 12:51 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-07 12:50 - 2014-09-07 12:50 - 19182768 _____ (Adobe Systems Incorporated) C:\Users\user\Downloads\install_flash_player.exe
2014-09-07 12:45 - 2014-08-02 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-04 17:20 - 2014-09-04 17:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-04 17:19 - 2014-09-04 17:19 - 13087456 _____ (Microsoft Corporation) C:\Users\user\Downloads\Silverlight_x64.exe
2014-09-01 21:14 - 2014-08-10 21:46 - 00000000 ____D () C:\Users\user\Desktop\Nowy folder
2014-08-31 22:08 - 2014-07-27 15:45 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2014-08-31 16:43 - 2014-07-27 15:45 - 00000000 ____D () C:\ProgramData\Skype
2014-08-31 10:39 - 2014-08-02 20:10 - 00000000 ____D () C:\Program Files (x86)\Deal Keeper
2014-08-23 16:40 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-08-17 10:44 - 2014-07-23 15:51 - 00000000 ____D () C:\Users\user\AppData\Local\Google
2014-08-17 10:42 - 2014-08-17 10:42 - 02733228 _____ () C:\Users\user\Downloads\SetupCloneCD5314.exe
2014-08-17 10:42 - 2014-08-17 10:42 - 00003148 _____ () C:\Windows\System32\Tasks\{9421DDDD-F38D-471C-A7E5-8737E3259CD5}
2014-08-17 10:33 - 2014-08-17 10:33 - 02733228 _____ () C:\Users\user\Downloads\SetupCloneCD_51399.exe
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-08-17 10:25 - 2014-08-17 10:26 - 02734688 _____ () C:\Users\user\Downloads\SetupCloneCD.exe
2014-08-17 09:40 - 2014-08-17 09:31 - 01055716 _____ (Adobe) C:\Users\user\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-08-15 16:27 - 2014-08-09 21:38 - 00000000 ____D () C:\Users\user\Documents\FIFA 14
2014-08-14 21:20 - 2014-08-14 21:20 - 00000000 ____D () C:\Users\user\AppData\Local\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\ProgramData\ESET
2014-08-14 21:16 - 2014-08-14 21:16 - 00000000 ____D () C:\Program Files\ESET
2014-08-14 21:15 - 2014-08-14 21:14 - 71143424 _____ () C:\Users\user\Downloads\eav_nt64_plk.msi
2014-08-12 17:54 - 2014-08-02 12:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent
2014-08-11 21:08 - 2014-08-11 20:20 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Inna kobieta - The Other Woman (2014) [BRRip] [XviD-BiDA] [Lektor PL]
2014-08-11 20:41 - 2014-08-11 20:22 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Basen - Swimming Pool (2003) [DVDRip] [Xvid-robmar] [Lektor PL]
2014-08-11 20:26 - 2014-08-11 20:21 - 00000000 ____D () C:\Users\user\Downloads\[Maxi-Torrents.Pl] Need For Speed (2014) [LQ] [BRRip] [XviD-BiDA] [Lektor PL]
2014-08-10 21:42 - 2014-08-10 21:42 - 00000000 ____D () C:\Users\user\Documents\BLACKBERRY-050A
2014-08-10 21:38 - 2014-08-10 21:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\Research In Motion
2014-08-10 21:37 - 2014-08-10 21:37 - 00000000 ____D () C:\Users\user\Documents\BlackBerry
2014-08-10 21:36 - 2014-08-10 21:36 - 00004562 _____ () C:\ads_err.adm
2014-08-10 21:36 - 2014-08-10 21:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\XCPCSync.OEM
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____D () C:\Users\user\AppData\Local\Research In Motion
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 _____ () C:\Windows\SysWOW64\out.txt
2014-08-10 21:33 - 2014-08-10 21:33 - 00000000 _____ () C:\Windows\SysWOW64\err.txt

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\user\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\user\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 18:43

==================== End Of Log ============================

pawel315
komentarz
komentarz

Jeszcze Addition.txt poproszę

  • Dobra wypowiedź 1
bartek_p12
komentarz
komentarz

dziekuje za pomoc:)

 

[attachment=34019:Addition.txt]

pawel315
komentarz
komentarz

Pobierz plik z załącznika, umieść go obok narzędzia [b][color=blue]FRST[/color][/b], po czym uruchom [b][color=blue]FRST[/color][/b] i kliknij w nim [b]"Fix"[/b]. Jeśli potrzebny będzie restart wyraź zgodę. Po pomyślnym wykonaniu Fixa utworzy się plik [b]fixlog.txt[/b] jego zawartość podaj na forum.

[b][color=orange]Następnie[/color][/b]
[list]
[*]Powiedz czy problem zginął[/*]
[/list]
 

bartek_p12
komentarz
komentarz

nie wiem czy to to bo nic mi nie wyskoczylo po restarcie...

 

a jeszcze odnosnie tego wirusa masz jakis pomysl jak jego sie pozbyc?

 

Ads by Plus-HD-V1.9

 

[attachment=34023:Fixlog_09-09-2014_21-26-46.txt]


i ten fix nie pomogl dalej te raklamy wyskakuja ...  moze jeszcze da sie cos zrobic?

bartek_p12
komentarz
komentarz

pomoze ktos?

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.