SafeGroup

Full version: Virus in firefox prefs.js
Symptoms of infection:
My sister downloaded the omiga.plus virus onto my computer...
I removed it from most places, but it still remains in the file mentioned.
How can I remove it without deleting that file and losing all my preferences?
Follow the instructions.
I didn't have time :(
Besides, I was hoping there was some simpler way; unfortunately it looks like the virus has infected the registry. I'll try to run that scan and post the results right away.

Can both scans be run at the same time?
Because I don't have much time :/


Here is the link to the OTL log (damn, I made it publicly available :/)

Paste into Notepad and save as fixlist.txt

Code:
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2221867206-870365832-3413207140-1001\...0c966feabec1\InprocServer32: [Default-shell32]ATTENTION! ====> ZeroAccess?
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe (Microsoft Corporation)
ProxyServer: [S-1-5-21-2221867206-870365832-3413207140-1001] => 115.108.30.55:81
ProxyServer: [S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 115.108.30.55:81
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500BEVS-22UST0_WD-WXE807D4146241462&ts=1422224847&type=default&q={searchTerms}
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
C:\Users\Acer\AppData\Roaming\PUTTY.RND
C:\Users\Acer\AppData\Local\PUTTY.RND
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{056440FD-8568-48E7-A632-72157243B55B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{0E25DC18-9F5E-48B1-80B3-D124E81B773B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{145B4335-FE2A-4927-A040-7C35AD3180EF}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{19352205-42B0-4690-9AA4-D7DB9AE5F259}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{1EEB5B5A-06FB-4732-96B3-975C0194EB39}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{1FDA955B-61FF-11DA-978C-0008744FAAB7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{35B1D3BB-2D4E-4A7C-9AF0-F2F677AF7C30}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{375FF002-DD27-11D9-8F9C-0002B3988E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{3ABEAFC4-F48F-4517-A9B0-8AD6A94A99A1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{41937347-2ABA-4D4C-A4CA-6FE4F11F1BAC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{5F6C1BA8-5330-422E-A368-572B244D3F87}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{6756A641-DE71-11D0-831B-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{6F13DD2E-EBEE-4DD5-A72E-850B2087F5DD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{72B624DF-AE11-4948-A65C-351EB0829419}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{88D96A06-F192-11D4-A65F-0040963251E5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{88D96A0C-F192-11D4-A65F-0040963251E5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{896664F7-12E1-490F-8782-C0835AFD98FC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{8D80504A-0826-40C5-97E1-EBC68F953792}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{AF02484C-A0A9-4669-9051-058AB12B9195}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{B77B1CBF-E827-44A9-A33A-6CCFEEAA142A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C100BEA3-D33A-4A4B-BF23-BBEF4663D017}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C120DE80-FDE4-49F5-A713-E902EF062B8A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C605507B-9613-4756-9C07-E0D74321CB1E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C707F6A6-A1F3-45D7-99AA-A2B9491E84AD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C72BE2EC-8E90-452C-B29A-AB8FF1C071FC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{D3DCB472-7261-43CE-924B-0704BD730D5F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{F61FFEC1-754F-11D0-80CA-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2221867206-870365832-3413207140-1001_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No File Path
Task: {1355D4D7-0340-4C37-A223-376F97798B5C} - System32\Tasks\{A30AC876-EA2A-45EE-9AE4-58806C43EDB8} => pcalua.exe -a "C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe" -d C:\Users\Acer\Desktop
Task: {19243E48-A74D-4F42-82F3-E197A9F4A166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {250907F9-DD9B-47CA-A356-A3228D15E56C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {82407C9B-1199-47C2-B537-244BE54E4488} - System32\Tasks\e-pity2013_styczen => C:\Program Files\e-file\e-pity2013\Assets\signxml.exe [2014-02-21] (e-file sp. z o.o.)
Task: {9524A69A-77B9-4499-BD45-6F8CE070DAF7} - System32\Tasks\e-pity2013_kwiecien => C:\Program Files\e-file\e-pity2013\Assets\signxml.exe [2014-02-21] (e-file sp. z o.o.)
Task: {CC4471CA-BE1A-4435-9DF5-97470305F4F4} - System32\Tasks\{46D0A4C6-58D4-466C-8A3D-13217956A847} => pcalua.exe -a "D:\Deluxe Ski Jump 4\Setup.exe" -d "D:\Deluxe Ski Jump 4"
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
CMD: netsh advfirewall reset
EmptyTemp:

Place the saved script next to the downloaded FRST program.
Then click Fix in the program, and after it finishes show the report from that run.

In the Firefox browser

Open the menu in the top right corner > open the help menu marked with the red frame.

Troubleshooting Information > Reset Firefox. The reset will not affect bookmarks and passwords.

Download the program

click Scan and then Clean
Show the report from it.

Uninstall:
Java 7 Update 55

Make new logs and post FRST.txt > Addition.txt, Shortcut.txt

Unfortunately it deleted my history; I hope I won't need anything from it, although it has caused me problems anyway... oh well... security first :)
That was necessary and intended.

Make the new logs I wrote about.
But the passwords were supposed to stay! (meanwhile it deleted all my autofillforms profiles :/)
frstlog

You did not reset Firefox; if you had, the add-ons would certainly be lost. Is that some kind of problem for you?
Why exactly are you using the proxy that is visible?

I also asked for the report from adwcleaner.
Passwords remembered by the browser are not lost through a browser reset or through the EmptyTemp: command.

The EmptyTemp: command is also used for your security; it does the following things:
It empties the following directories:
Windows Temp
Users' Temp folders
Cache, cookies and history of IE, FF and Chrome
Recently opened files cache
Flash Player cache
Java cache
Windows Explorer thumbnail cache and qmgr?.dat network files
Recycle Bin

A remnant of zeroaccess was visible in the log, so changing passwords would be required here.

Besides, why don't you use something like lastpass for passwords, or something similar? You only need to know one master password and the problem is solved.
Sorry, lately I haven't had enough time to deal with all of this
the adwcleaner report didn't show up for me :(
and this zeroaccess, could it have got in a long time ago? what could have happened because of it?

which proxy do you mean? I once tried a little proxy program, I don't even remember what for, but I uninstalled it practically right away
As for add-ons, I definitely need GreaseMonkey (because autofill forms is useless at this point - I'll have to replace it with something else - I'll try to look for something that handles both form filling and password management)

Log from OTL:

shortcuts
wklej.org/hash/c666c3c9e7c/ addition

frst - fresh

for some reason AdwCleaner isn't producing a log for me

Things have got pretty messed up here; I wanted to update FF but I get "error for unknown reasons", so I had to reset after all because nothing could be done... Of course I know this is in no way intended, but I have the impression that after these changes the computer has started running somewhat slower... Could any of the procedures have caused this? Disabled some codecs, plugins, etc.?
I understand the Firefox reset has been done?
yes
In that case make a new log of FRST.txt alone; the earlier one was made and posted before you reset the browser.

Nothing more is visible here.

Paste into Notepad and save as fixlist.txt

Code:
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
SearchScopes: HKU\S-1-5-21-2221867206-870365832-3413207140-1008 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKU\S-1-5-21-2221867206-870365832-3413207140-1001\Software\Classes\.exe:=><===== ATTENTION!
C:\ProgramData\C__Users_Acer_Downloads_STARE_Auto Hide IP 5.3.0.2_AutoHideIP.exe
C:\ProgramData\C__Users_Acer_Downloads_STARE_Auto Hide IP 5.3.0.2_Crack_AutoHideIP.exe
RemoveDirectory: C:\AdwCleaner

Place the saved script next to the downloaded FRST program.
Then click Fix in the program, and after it finishes show the report from that run.

Download

Save it to the desktop, run it and tick Remove disinfection tools, then click Run
A program for removing all the tools used, such as OTL, ADW, FRST and others.

Uninstall:

Java 8 Update 25

Install jre-8u31-windows-i586.exe

Thanks :)
And the report from the run?
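
The opening question asks how to get the hijacker out of prefs.js without discarding the file. The sketch below is an added example, not part of the thread or of any tool named in it: it drops only the user_pref lines whose value points at the omiga-plus.com domain seen in the fixlist and leaves every other preference intact. The sample prefs content and all function names are constructed for illustration.

```python
import re
import shutil
from pathlib import Path

# Domain taken from the SearchScopes URLs in the thread's fixlist.
HIJACK_DOMAINS = ("omiga-plus.com",)

# prefs.js holds one preference per line: user_pref("name", value);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"(?P<name>(?:[^"\\]|\\.)*)"\s*,\s*(?P<value>.*)\)\s*;\s*$'
)
# Hostname-looking tokens, with or without a scheme in front of them.
HOST_RE = re.compile(r"(?<![\w.-])(?:[a-z0-9-]+\.)+[a-z]{2,}(?![\w-])", re.I)

# Constructed sample, not taken from the poster's profile.
SAMPLE_PREFS = r'''// Mozilla User Preferences
user_pref("app.update.enabled", true);
user_pref("browser.download.dir", "C:\\Users\\Example\\Downloads");
user_pref("browser.startup.homepage", "http://isearch.omiga-plus.com/?type=hp&ts=0");
user_pref("extensions.example.homepage", "https://notomiga-plus.com/");
user_pref("keyword.URL", "http://ISEARCH.omiga-plus.com/web/?q=");
user_pref("network.proxy.type", 0);
'''


def host_is_listed(host, domains=HIJACK_DOMAINS):
    """True for a listed domain or any subdomain of it, not for lookalikes."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in domains)


def split_prefs(text, domains=HIJACK_DOMAINS):
    """Return (cleaned_text, [(line_number, pref_name), ...]) for prefs.js text."""
    kept, flagged = [], []
    for lineno, line in enumerate(text.splitlines(keepends=True), start=1):
        m = PREF_RE.match(line)
        hosts = HOST_RE.findall(m.group("value")) if m else []
        if any(host_is_listed(h, domains) for h in hosts):
            # Dropping the line makes Firefox fall back to its default value.
            flagged.append((lineno, m.group("name")))
        else:
            # Comments and unrelated preferences pass through untouched.
            kept.append(line)
    return "".join(kept), flagged


def clean_file(path, domains=HIJACK_DOMAINS):
    """Rewrite prefs.js in place, keeping a .bak copy; returns the removed prefs."""
    path = Path(path)
    cleaned, flagged = split_prefs(path.read_text(encoding="utf-8"), domains)
    if flagged:
        shutil.copy2(path, path.with_name(path.name + ".bak"))
        path.write_text(cleaned, encoding="utf-8")
    return flagged


if __name__ == "__main__":
    cleaned, flagged = split_prefs(SAMPLE_PREFS)
    for lineno, name in flagged:
        print(f"line {lineno}: removed {name}")
    print(cleaned, end="")
```

Run it with Firefox closed, since the browser rewrites prefs.js on exit; a user.js file in the same profile can re-apply the removed values on the next start.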