Ezolbusp.exe, yurejjaeb.exe i inne gowienka ;/

**Posty:** 1 · przez **LaYuPL** 04 Paź 2016, 20:32

Zainstalowało mi sie takie coś, i strasznie to zamula itp, jak mam to usunąć itp? adwcleaner nie pomaga na to wszystko ;/

**Posty:** 4765 · przez **ordynat** 04 Paź 2016, 20:43

1) Spróbuj odinstalować te programy:
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== UWAGA
shopperz (HKLM-x32\...\{F0422270-2580-43FE-b53A-7F0BA1FB86E9}) (Version: 2.0.0.480 - shopperz) <==== UWAGA

2) Otwórz Notatnik i wklej w nim:

WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA
RemoveDirectory: c:\program files (x86)\tjaiedrevak_
RemoveDirectory: C:\Users\Michal\AppData\Local\00000000-1475611557-0000-0000-001A4D5A29BF
RemoveDirectory: C:\Users\Michal\AppData\Roaming\Geunfy
RemoveDirectory: C:\Program Files (x86)\GreatMaker
RemoveDirectory: C:\Program Files\Yhid
RemoveDirectory: C:\Program Files (x86)\sbqh
RemoveDirectory: C:\Program Files (x86)\mpck
RemoveDirectory: C:\Program Files (x86)\Youtube AdBlock
RemoveDirectory: C:\Users\Michal\AppData\Roaming\GowvePitpagf
RemoveDirectory: C:\Windows\system32\ouv
RemoveDirectory: C:\Users\Michal\AppData\Local\tuto_monetize_120161004
RemoveDirectory: C:\Users\Michal\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi
RemoveDirectory: C:\Program Files (x86)\Tjaiedrevak
RemoveDirectory: C:\Program Files (x86)\CleanBrowser
RemoveDirectory: C:\Users\Public\Thunder Network
RemoveDirectory: C:\Users\Michal\AppData\Roaming\Ghasetion
RemoveDirectory: C:\Users\Michal\AppData\LocalLow\Company
RemoveDirectory: C:\Users\Michal\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
RemoveDirectory: C:\Users\Michal\AppData\Local\Tempfolder
RemoveDirectory: C:\Users\Michal\AppData\Local\Aticolyvqage
RemoveDirectory: C:\Program Files (x86)\00000000-1475603411-0000-0000-001A4D5A29BF
RemoveDirectory: C:\uninst
RemoveDirectory: C:\ProgramData\Thunder Network
RemoveDirectory: C:\Program Files\YhidUn
RemoveDirectory: C:\Program Files (x86)\WebShield
RemoveDirectory: C:\Users\Michal\AppData\Roaming\BrowserModule
C:\Program Files (x86)\1oknpqsjnlw
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi\MaohaWiFi.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi\卸载MaohaWiFi.lnk
C:\Users\Michal\Desktop\Pliki\Curse.lnk
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\sbqh\uc.exe [294959 2016-09-18] ( )
HKLM\...\RunOnce: [OTUTPRODUCT_74CYR] => C:\Program Files (x86)\mpck\o_network.exe [1153024 2016-10-04] (9OW)
HKU\S-1-5-21-3790574275-4139197764-3253370536-1000\...\Run: [svchost0] => C:\Program Files (x86)\sbqh\uc.exe [294959 2016-09-18] ( )
Tcpip\..\Interfaces\{3638D2B5-B6F3-4987-84E7-0B0A9D8B9B01}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{3BADEC14-1631-4664-86E9-D95C7D32DB11}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{C4CE5704-313D-4D9F-B5B2-655545A4534A}: [NameServer] 104.197.191.4
BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\u7lxM2nGYk.dll [2016-10-04] ()
BHO: Yhid -> {B1E7C398-824A-4CB9-8D98-DF02E560EA02} -> C:\Program Files\Yhid\Sioar64.dll => Brak pliku
R2 Coerlasy; C:\Program Files (x86)\Tjaiedrevak_\procaentvlotCollector.dll [276992 2016-10-04] () [Brak podpisu cyfrowego]
R2 Noije; C:\Users\Michal\AppData\Roaming\Geunfy\Geunfy.exe [170496 2016-08-11] () [Brak podpisu cyfrowego]
R2 zigipyro; C:\Users\Michal\AppData\Local\00000000-1475611557-0000-0000-001A4D5A29BF\qnsbEDC9.tmp [158720 2015-12-26] () [Brak podpisu cyfrowego]
R2 A664B55A-D881-48A8-bEA5-02B80DDCA170; "C:\Program Files\Yhid\Veticeq.exe" [X]
S2 Bokvunnu; "C:\Users\Michal\AppData\Roaming\GowvePitpagf\Lurzem.exe" -cms [X]
S2 UketShlo; "C:\Program Files\Yhid\UketShlo.exe" [X]
R2 Yhid Updater; C:\Program Files\Yhid\Amaak.exe [X]
R1 bsdpf64; C:\Windows\system32\Drivers\bsdpf64.sys [27456 2016-10-04] ()
R1 bsdpr64; C:\Windows\system32\Drivers\bsdpr64.sys [26944 2016-10-04] ()
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0422270-2580-43FE-b53A-7F0BA1FB86E9}
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0422270-2580-43FE-b53A-7F0BA1FB86E9}
Task: {021AA493-F38D-4712-B7C0-B320C586C1EA} - System32\Tasks\{424385B7-8505-49B2-9C1B-F907D6D9A2F5} => pcalua.exe -a C:\Users\Michal\Downloads\CrystalLauncher-Installer.exe -d C:\Users\Michal\Downloads
C:\Users\Michal\Desktop\Pliki\Gооglе Сhrоmе.lnk
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk
C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpr64.sys => ""="Driver"
FirewallRules: [{AF007874-0D67-4212-B975-41263081AA17}] => (Allow) C:\Users\Michal\AppData\Local\Temp\is-8ANPT.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{746E990A-00C2-4095-912C-071EBFFC8B28}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
BHO-x32: Yhid -> {B1E7C398-824A-4CB9-8D98-DF02E560EA02} -> C:\Program Files\Yhid\Sioar.dll => Brak pliku
C:\Windows\system32\Drivers\bsdpf64.sys
C:\Windows\system32\Drivers\bsdpr64.sys
C:\TOSTACK
C:\Users\Michal\AppData\Roaming\updater.cfg
HOSTS:
EmptyTemp:

>>Menu Notatnika >> Plik >>
>>Zapisz jako >>
Nazwa pliku: fixlist
Zapisz jako typ: Dokumenty tekstowe
Kodowanie: Unicode
>>Zapisz
Plik umieść w folderze C:\Users\Michal\Downloads
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

3) Zrób nowe logi FRST - już bez Shortcut.
.

**Posty:** 261 · przez **AdamPL234** 05 Paź 2016, 07:13

Te śmieci zostały zainstalowane przez brak ostrożności podczas instalacji darmowych programów, z ograniczonymi funkcjami, z menedżerów pobierania oraz z podejrzanych witryn które mają i niski poziom reputacji, by uniknąć ponownie sytuacji z takimi problemami należy zainstalować Unchecky który zadba o system by był czysty od instalacji niechcianych programów z instalatorów.