Aktualizacje na programosy.pl: Mozilla FirefoxSoft OrganizerPlex Media ServerKaraokeMonkey′s AudioGetFLVFarbar Recovery Scan ToolDevice Cleanup ToolFar Manager  

  • Ogłoszenie:

Reklamy nie dają mi żyć

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 19:45

reklama
Witam, W Mozilli zaczęły mi się wyświetlać niepożądane reklamy i nie mogę sobie z nimi poradzić. Proszę o pomoc

Addition: http://wklej.to/2wrE6
FRST: http://wklej.to/BhuAY
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 19:47

1) Odinstaluj te programy:
Ask Toolbar (HKLM\...\{4F524A2D-5637-4300-76A7-A758B70C1902}) (Version: 12.25.2.88 - APN, LLC) <==== ATTENTION
Math Problem Solver (HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\...\Math Problem Solver) (Version: - ) <==== ATTENTION
Shopper-Pro (HKLM\...\ShopperPro) (Version: - ) <==== ATTENTION



2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner[S].txt

3) Otwórz Notatnik i wklej w nim:
C:\Program Files\Plus-HD-8.1
C:\Program Files\iWebar
C:\Program Files\PHD-V1.4
C:\Program Files\globalUpdate
C:\Users\Admin\AppData\Roaming\FQGPzh1vy8XgrbZYwwvzg.exe
C:\Program Files\ShopperPro
C:\Users\Admin\AppData\Local\Temp\nslF471.tmp
C:\Users\Admin\AppData\Local\Math Problem Solver
Task: {01116B93-38E8-4F4A-A310-68FD5066F5F9} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-5 => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-5.exe <==== ATTENTION
Task: {0C1AED7A-CDA2-40F2-895F-6E912923AF1A} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-2 => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-2.exe <==== ATTENTION
Task: {1138DE5A-2020-4EA0-8A38-4B612F3C372C} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-11 => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-11.exe <==== ATTENTION
Task: {1CE3BE60-0C29-480D-9AE0-66745E5235E6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-19] (globalUpdate) <==== ATTENTION
Task: {376FD7D5-3EAA-4C5F-B920-35B69C73625B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-19] (globalUpdate) <==== ATTENTION
Task: {3DEEFED8-68F7-4771-8DE2-B8591DB537EA} - System32\Tasks\Plus-HD-8.1-validator => C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-validator.exe <==== ATTENTION
Task: {4A766C86-2E74-4B72-B076-01C6C1E9EE27} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-3 => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-3.exe <==== ATTENTION
Task: {4D72870F-EBD4-4E94-97EA-350E704C5ED2} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-1 => C:\Program Files\PHD-V1.4\PHD-V1.4-codedownloader.exe <==== ATTENTION
Task: {6252EFD9-6B03-413E-A082-D24FD15D66B3} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5 => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5.exe <==== ATTENTION
Task: {88BA2E35-0176-4AF5-9E27-03A0A87B2C1E} - System32\Tasks\FQGPzh1vy8XgrbZYwwvzg => C:\Users\Admin\AppData\Roaming\FQGPzh1vy8XgrbZYwwvzg.exe [2015-04-03] ()
Task: {938B9C96-51B4-45A2-B274-9E80F2776BBD} - System32\Tasks\ShopperPro => C:\Program Files\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {AD6146FF-16A4-44ED-BEB7-5AD342C9B6CE} - System32\Tasks\Installer_sense => C:\Users\Admin\AppData\Local\Temp\nslF471.tmp\setup.exe <==== ATTENTION
Task: {BBBC70CA-238C-4C2D-9ADD-2F5D3640167F} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Admin\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION
Task: {BC5E904C-5A05-45A1-9CB9-0D4767CDCFE6} - System32\Tasks\SPDriver => C:\Program Files\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe <==== ATTENTION
Task: {BCB0014B-923C-4ECF-9FC3-915E474ED20C} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-5_user => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-5.exe <==== ATTENTION
Task: {C90513C7-47BF-41D4-8928-A41B266E13EA} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-11 => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-11.exe <==== ATTENTION
task: {D335A475-A9C1-4C7C-A756-F3885BC46DC4} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-2 => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-2.exe <==== ATTENTION
Task: {DE2F8DB6-34C0-4179-9715-99837A536BE1} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-1 => C:\Program Files\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {EE7A88F8-485D-4220-A8F7-51BF8CBF23B6} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5_user => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5.exe <==== ATTENTION
Task: {F18E0E35-5A32-423F-8B0C-06D3DF24FDDD} - System32\Tasks\SPBIW_UpdateTask_Time_333132323437323833332d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {F9F34BD2-E280-4886-9BBA-90536C072BDB} - System32\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-4 => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-4.exe <==== ATTENTION
Task: {FD65E52E-C964-4E8A-B8E3-8CA3FD0D6613} - System32\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-4 => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-1.job => C:\Program Files\iWebar\iWebar-codedownloader.exeÜ/KAgOeO /GhMcgT=task /EULsgStB='iWebar' /qZerxEp=35510 /LAGNHump='000171' /zlGDEpa='0' /HVzXtNy='eyJkYXRhIjp7ImRhdGUiOiJFN0p3c210eWNsMSwwNDU2OTIyZC04YjVmLTRlODktYjcxOC1hNTNkYmVlN2UwYTAsIiwidW5xIjoiMDQ1NjkyMmQtOGI1Zi00ZTg5LWI3MTgtYTUzZGJlZTdlMGEwIn19' /ggHcsUA=EC73EE6EA56B49D69F69362D746B7598IE /aMfofmGBR=ae89d24e679c16fc86d304a67d6a3543 /ZYSIh=1_34_07_01 /UfsKgx=1.34.7.1 /oPfzFlAg=1405766540 /HVFDO=http:/stats.genstatsnet.com /aSYWFrS=http:/errors.genstatsnet.com /AhPGcayf=http:/js.genstatsnet.com /INsFsII=ff /xzZla='iWebar' /CuesV=http:/js.clientdemocloud.com /JTyUet /TGNMdcyOR='{asw:[32768, 46137348, 0]}' /zYPeaB='http:/update.genstatsnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-11.job => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-2.job => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-2.exeo/jspKGKwKB /EULsgStB='iWebar' /qZerxEp=35510 /LAGNHump='000171' /zlGDEpa='0' /HVzXtNy='eyJkYXRhIjp7ImRhdGUiOiJFN0p3c210eWNsMSwwNDU2OTIyZC04YjVmLTRlODktYjcxOC1hNTNkYmVlN2UwYTAsIiwidW5xIjoiMDQ1NjkyMmQtOGI1Zi00ZTg5LWI3MTgtYTUzZGJlZTdlMGEwIn19' /ggHcsUA=EC73EE6EA56B49D69F69362D746B7598IE /aMfofmGBR=ae89d24e679c16fc86d304a67d6a3543 /ZYSIh=1_34_07_01 /oPfzFlAg=1405766540 /HVFDO=http:/stats.genstatsnet.com /aSYWFrS=http:/errors.genstatsnet.com /JwbBPdbM=11111111-1111-1111-1111-110311551110 /INsFsII=ff /JTyUet /zYPeaB='http:/update.genstatsnet.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-4.job => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-4.exe/cCZMfeSA /EULsgStB='iWebar' /RanEoJ C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c.xpi' /qZerxEp=35510 /LAGNHump='000171' /zlGDEpa='0' /HVzXtNy='eyJkYXRhIjp7ImRhdGUiOiJFN0p3c210eWNsMSwwNDU2OTIyZC04YjVmLTRlODktYjcxOC1hNTNkYmVlN2UwYTAsIiwidW5xIjoiMDQ1NjkyMmQtOGI1Zi00ZTg5LWI3MTgtYTUzZGJlZTdlMGEwIn19' /ggHcsUA=EC73EE6EA56B49D69F69362D746B7598IE /aMfofmGBR=ae89d24e679c16fc86d304a67d6a3543 /ZYSIh=1_34_07_01 /UfsKgx=1.34.7.1 /oPfzFlAg=1405766540 /HVFDO=http:/stats.genstatsnet.com /aSYWFrS=http:/errors.genstatsnet.com /EiEqtOy=300 /pwecmz=2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com /QLZumaMwy=0.95 /zZXXloF=a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 /zorOFLDxT=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/35510.rdf /aAiVVgDmZ='iWebar' /qPdhclo='iWebar' /eVbrN='iWebar' /INsFsII=ff /TGNMdcyOR='{asw:[32768, 46137348, 0]}' /JTyUet /cSPRk /lDxORFfy /zYPeaB='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-5.job => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7faa1713-d10d-4826-99c8-0b552082b88c-5_user.job => C:\Program Files\iWebar\7faa1713-d10d-4826-99c8-0b552082b88c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-1.job => C:\Program Files\PHD-V1.4\PHD-V1.4-codedownloader.exeW/YsHijX /stxUVB=task /cVaJrsxGU='PHD-V1.4' /rEhSVmGi=58362 /WDAmvhcFA='001660' /ZZCSA='0' /BzRPlo='0' /fvSPebLz=39D2A78FD14C4503825D7BD54B67B430IE /SeqCKvP=5eceace86a8c48d5b8637f8ddc042491 /nEEbv=1_34_07_01 /XRnMuiu=1.34.7.1 /tbpiZjKf=1405764580 /gvuSmd=http:/stats.genstatsnet.com /IbKOff=http:/errors.genstatsnet.com /mQjzgfFHD=http:/js.genstatsnet.com /jGPsA=ff /VfXeAPNUs='PHD-V1.4' /adudxwoxi=http:/js.clientdemocloud.com /qKxvgqHi /UtzYxBGai='{asw:[32768, 12582916, 0]}' /EOeVwrgAC='http:/update.genstatsnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-11.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-2.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-2.exeĺ/tvwYOOPO /cVaJrsxGU='PHD-V1.4' /rEhSVmGi=58362 /WDAmvhcFA='001660' /ZZCSA='0' /BzRPlo='0' /fvSPebLz=39D2A78FD14C4503825D7BD54B67B430IE /SeqCKvP=5eceace86a8c48d5b8637f8ddc042491 /nEEbv=1_34_07_01 /tbpiZjKf=1405764580 /gvuSmd=http:/stats.genstatsnet.com /IbKOff=http:/errors.genstatsnet.com /nAybIxQQ=11111111-1111-1111-1111-110511831162 /jGPsA=ff /LAAdem /qKxvgqHi /EOeVwrgAC='http:/update.genstatsnet.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-3.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-4.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-4.exeĄ/opqpsEAa /cVaJrsxGU='PHD-V1.4' /hNFFULjC C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5.xpi' /rEhSVmGi=58362 /WDAmvhcFA='001660' /ZZCSA='0' /BzRPlo='0' /fvSPebLz=39D2A78FD14C4503825D7BD54B67B430IE /SeqCKvP=5eceace86a8c48d5b8637f8ddc042491 /nEEbv=1_34_07_01 /XRnMuiu=1.34.7.1 /tbpiZjKf=1405764580 /gvuSmd=http:/stats.genstatsnet.com /IbKOff=http:/errors.genstatsnet.com /gtHFBaWfp=300 /TugnA=508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com /gHVnhQxhQ=0.95 /xkrGx=a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362 /WMhqd=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/58362.rdf /oyTjj='PHD-V1.4' /btOke='Turn YouTube videos to High Definition by default' /NVIXHHIps='PHD' /jGPsA=ff /UtzYxBGai='{asw:[32768, 12582916, 0]}' /qKxvgqHi /rbwbnF /MdrbH /EOeVwrgAC='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5_user.job => C:\Program Files\PHD-V1.4\e45b0a1a-9ba8-49b2-9360-d03dce7d97e5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\FQGPzh1vy8XgrbZYwwvzg.job => C:\Users\Admin\AppData\Roaming\FQGPzh1vy8XgrbZYwwvzg.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-8.1-validator.job => C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-validator.exe <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Users\Admin\Downloads\DOSBox(12810)-dp.exe
C:\ProgramData\IHProtectUpDate
C:\Program Files\XTab
C:\ProgramData\WindowsMangerProtect
C:\Users\Admin\AppData\Roaming\FQGPzh1vy8XgrbZYwwvzg.exe
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [25600 2014-07-16] () [File not signed]
R1 {ef8714df-a44b-464c-9034-549a70dc4cd7}Gt; C:\Windows\System32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}Gt.sys [55224 2014-04-24] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 SPDRIVER_1.37.0.199; \??\C:\Program Files\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [X]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-21] (SysTool PasSame LIMITED)
R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158816 2015-03-16] (XTab system)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-19] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-19] (globalUpdate) [File not signed]
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-02-14] (APN LLC.)
OPR Extension: (iWebar) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2014-09-27]
FF HKLM\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f23zik8x.default\extensions\searchengine@gmail.com
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f23zik8x.default\extensions\fftoolbar2014@etech.com
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f23zik8x.default\searchplugins\ask-search.xml [2014-03-03]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f23zik8x.default\searchplugins\do-search.xml [2015-03-22]
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-19] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-19] (globalUpdate)
FF Plugin: Web Components -> C:\Program Files\Web Components\npWebVideoPlugin.dll No File
FF Homepage: hxxp://do-search.com/?type=hppp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC)
Toolbar: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll No File
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll [2015-03-16] (Thinknice Co. Limited)
BHO: iWebar -> {11111111-1111-1111-1111-110311551110} -> C:\Program Files\iWebar\iWebar-bho.dll No File
BHO: PHD-V1.4 -> {11111111-1111-1111-1111-110511831162} -> C:\Program Files\PHD-V1.4\PHD-V1.4-bho.dll No File
HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5
HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5
HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=dspp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5&q={searchTerms}
HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=dspp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5&q={searchTerms}
SearchScopes: HKLM -> {59EE6FAA-1A56-48C9-B026-D541620D85D1} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> {59EE6FAA-1A56-48C9-B026-D541620D85D1} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3824283560-2361477642-4214435734-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9250320AS_5SW2KQT5&ts=1426931754&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1426931653&from=cor&uid=ST9250320AS_5SW2KQT5&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1426931743&from=cor&uid=ST9250320AS_5SW2KQT5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1426931653&from=cor&uid=ST9250320AS_5SW2KQT5&q={searchTerms}
HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1949592 2015-02-14] (APN)
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.
Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

4) Napisz, czy problem znikł?
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 20:15

AdwCleaner: http://wklej.to/kR8sY

Dodano Dzisiaj, 20:40:
Niestety sytuacja nie uległa polepszeniu.
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 20:41

trzecie zalecenie też wykonane?
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 20:48

Wcześniej zapomniałem dodać.

fixlog: http://wklej.to/2aCvW
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 20:50

jaki adres mają te reklamy?
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 20:55

Pod reklamami napis "ADS by name", czy chcesz wiedzieć na jaki adres wysyła po kliknięciu w opcje reklamy?
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 20:59

Uruchom FRST.
W polu SEARCH wklej:
by name

kliknij na przycisk "Search Registry".
Raport z tego będzie tam, gdzie jest FRST.

W logach FRST jeszcze te były dla mnie nieznane:
Cycling Manager 3 (HKLM\...\Cycling Manager 3) (Version: 1.0 - Cyanide)

Pro Cycling Manager - Season 2008 1.0.0.0 (HKLM\...\Pro Cycling Manager 2008_is1) (Version: 1.0.0.0 - Cyanide Entertainment)
Tropico 3 (HKLM\...\{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}) (Version: 1.00.0000 - Kalypso)
Twoo 2.1.1011 (HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\...\{AE0A260B-E40D-4B82-B603-2D98BAD7EFDA}_is1) (Version: 2.1.1011 - Massive Media)

2014-05-18 09:53 - 2013-09-03 15:43 - 00962360 _____ () C:\Users\Admin\AppData\Roaming\Massive Media\wpsapi.dll

(Massive Media) C:\Users\Admin\AppData\Roaming\Massive Media\Twoo.exe

HKU\S-1-5-21-3824283560-2361477642-4214435734-1000\...\Run: [Twoo] => C:\Users\Admin\AppData\Roaming\Massive Media\Twoo.exe [10476000 2013-10-03] (Massive Media)

2015-04-01 18:53 - 2015-04-01 18:53 - 00001278 _____ () C:\Windows\Tasks\mr_fun_notification_service.job
2015-04-01 18:53 - 2015-04-01 18:53 - 00000640 _____ () C:\Windows\Tasks\mr_fun_updating_service.job
2015-04-01 18:53 - 2015-04-01 18:53 - 00000000 ____D () C:\Program Files\mr fun

2015-03-21 11:56 - 2015-03-21 11:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\DOSBox
2015-04-01 18:58 - 2015-01-23 12:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korner 5
2015-04-01 18:58 - 2015-01-23 12:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Korner 5

Które, wg Ciebie, są najbardziej podejrzane?
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 21:09

search registry nie znalazło nic niestety. Co do tych programów z logów to Cycling Manager 3,Pro Cycling Manager - Season 2008, Tropico 3 oraz Twoo znam i są bezpieczne. Reszty jakoś nie kojarzę.
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 21:17

Otwórz Notatnik i wklej w nim:
2015-04-01 18:53 - 2015-04-01 18:53 - 00001278 _____ () C:\Windows\Tasks\mr_fun_notification_service.job
2015-04-01 18:53 - 2015-04-01 18:53 - 00000640 _____ () C:\Windows\Tasks\mr_fun_updating_service.job
2015-04-01 18:53 - 2015-04-01 18:53 - 00000000 ____D () C:\Program Files\mr fun
2015-03-21 11:56 - 2015-03-21 11:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\DOSBox
2015-04-01 18:58 - 2015-01-23 12:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korner 5
2015-04-01 18:58 - 2015-01-23 12:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Korner 5
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.
Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.


Zrób nowe logi FRST.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 01 Kwi 2015, 21:43

fixlog: http://wklej.to/wvtSS

frst: http://wklej.to/5NJ0Q
Addition: http://wklej.to/Sitaj
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 01 Kwi 2015, 23:13

Otwórz Notatnik i wklej w nim:
C:\Users\Admin\AppData\Roaming\FQGPzh1vy8XgrbZYwwvzg
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
Task: {C5C868B1-7BAC-43D5-A2E9-F7010953281C} - System32\Tasks\mr_fun_notification_service => C:\Program Files\mr fun\mr_fun_notification_service.exe
Task: {90A1D4B3-C6E9-418E-BA60-4C4C6FEDB6E0} - System32\Tasks\mr_fun_updating_service => C:\Program Files\mr fun\mr_fun_updating_service.exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.
Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

Napisz, czy problem znikł?
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Reklamy nie dają mi żyć

Postprzez tzimisce1989 02 Kwi 2015, 17:25

Niestety ale problem nadal istnieje.

fixlog: http://wklej.to/qDw8b
tzimisce1989
~user
 
Posty: 7
Dołączenie: 01 Kwi 2015, 19:31


Góra

Reklamy nie dają mi żyć

Postprzez ordynat 02 Kwi 2015, 19:43

Przeinstaluj przeglądarki, na których to występuje.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 12 gości

Powered by phpBB © Group
Forum Programosy.pl
cron