Komputer zaśmiecony, nie nadążam wyłączać reklam, pomocy


(Jankaleta) #1

Proszę o pomoc w przeskanowaniu komputera. Staram się ściągnąć adw cleaner ale mimo wyłączonego programu antywirusowego komputer mi to uniemożliwia. Z góry dziękuje i pozdrawiam.


(Acorus) #2

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.


(Jankaleta) #3

http://wklej.to/15Mub

http://wklej.to/JrGSa

 

Proszę o dalsze instrukcje.


(Acorus) #4

Odinstaluj Faster Light,LuuckyCoupon,New Tab New Window,Optimizer Pro v3.2,RoyalCCoupOna,SaleEsChecker,SaveItCoupons,savoerNet,shhopndroP,SmArtCompare,System Update kb70007,TiCTaCouepon.Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

Przeskanuj programem Malwarebytes Anti-Malware http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.4.1028.exe

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

Pokaż nowe logi z FRST.


(Jankaleta) #5

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

Ad by BestDiscountApp | Close

Malwarebytes Anti-Malware

SCAN arrow-10x10.png Date: 2015-02-16

Scan Time: 13:52:05

Logfile: malwa.txt

Administrator: Yes

Version: 2.00.4.1028

Malware Database: v2014.11.20.06

Rootkit Database: v2015.02.03.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: WINDOWS 8 arrow-10x10.png.1

CPU: x64

File System: NTFS

User: marek

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 317247

Time Elapsed: 23 min, 46 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 3

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE[MICROSOFT arrow-10x10.png](http://wklej.to/BsRVa# “Click to Continue > by KingCoupon”)INTERNET EXPLORER arrow-10x10.png\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0, , [42c4142aafcda591107aa8030afa27d9]

PUM.Bad.Proxy, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, , [7492fe40e597bf7786f796b49172e020]

PUM.Bad.Proxy, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, , [5fa787b74a3276c025581a30897a8c74]

Registry Data: 0

(No malicious items detected)

Folders: 2

Rogue.Multiple, C:\PROGRAMDATA\1078601655, , [7e8867d7adcf9f970405d8218a78a957],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff, , [25e1320c99e392a44107d144e51ec838],

Files: 27

PUP.Optional.Amonetize, C:\Users\marek\AppData\Local\Temp\MsiToExe.SetupExtension.msi, , [57af1a24b8c4191d8a90d1d770912ad6],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\nsp4D13.tmp.exe, , [14f2dd614d2f9c9ad799c380ab5557a9],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\nswF820.tmp.exe, , [cc3a3c02ff7dbd79bcb470d330d060a0],

PUP.Optional.Installcore, C:\Users\marek\AppData\Local\Temp\index.exe, , [897d67d7205cc571a3e58c8235d00ff1],

PUP.Optional.Wajam.A, C:\Users\marek\AppData\Local\Temp\is1248515637\165594839_stp\wajam_download.exe, , [d82e2c122557fe38b76fcb7cf20e56aa],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\is1890775716\1190351_stp\coupondownloader.exe, , [19eddc628defd2649150b36e877e7987],

PUP.Optional.OpenCandy, C:\Users\marek[DOWNLOADS arrow-10x10.png\DTLite4491-0356.exe, , [7b8b7bc392ea40f6df276a0bc2438c74],](http://wklej.to/BsRVa# “Click to Continue > by KingCoupon”)

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\Player-Chrome (1).exe, , [8383f945720a290d1bbf0d5a629f0af6],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\Player-Chrome (2).exe, , [96706ad4fd7f2e083d9d17504cb5fb05],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\Player-Chrome.exe, , [56b06fcf8def69cd7b5f6dfa13eea25e],

PUP.Optional.Outbrowse, C:\Users\marek\Downloads\Player.exe, , [e62050eef6863ff7951e83157a8721df],

PUP.Optional.OutBrowse, C:\Users\marek\Downloads\setup (1).exe, , [ce381a24601ccb6b0abd910e44bd718f],

PUP.Optional.DomaIQ, C:\Users\marek\Downloads\Setup (2).exe, , [f31366d85527999dab78734ec43d24dc],

PUP.Optional.OutBrowse, C:\Users\marek\Downloads\setup.exe, , [4db9132bb6c6241295320a95ac5560a0],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\trz7729.tmp, , [20e67bc3daa28caa10cafe692ed3e719],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\trzCA8D.tmp, , [877fb08ea9d3ea4c409abaad5ba629d7],

PUP.Optional.Amonetize, C:\Windows[INSTALLER arrow-10x10.png\5d8799b.msi, , [23e31d2105779d99e238cddb738e9769],](http://wklej.to/BsRVa# “Click to Continue > by KingCoupon”)

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal, , [56b0a39b91eb66d0133c406824e0bb45],

Rogue.Multiple, C:\ProgramData\1078601655\BITF7F5.tmp, , [7e8867d7adcf9f970405d8218a78a957],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000005.ldb, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000040.ldb, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000151.log, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\CURRENT, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOCK, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG.old, , [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\MANIFEST-000150, , [25e1320c99e392a44107d144e51ec838],

Physical Sectors: 0

(No malicious items detected)

(end)

 

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

Ad by BestDiscountApp | Close

Malwarebytes Anti-Malware

Scan Date: 2015-02-16

Scan Time: 13:52:05

Logfile: logi.txt

Administrator: Yes

Version: 2.00.4.1028

Malware Database: v2014.11.20.06

Rootkit Database: v2015.02.03.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: WINDOWS 8 arrow-10x10.png.1

CPU: x64

File System: NTFS

User: marek

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 317247

Time Elapsed: 23 min, 46 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 3

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE[MICROSOFT arrow-10x10.png\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0, Quarantined, [42c4142aafcda591107aa8030afa27d9]](http://wklej.to/MFyHm# “Click to Continue > by KingCoupon”)

PUM.Bad.Proxy, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE[MICROSOFT arrow-10x10.png\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, Quarantined, [7492fe40e597bf7786f796b49172e020]](http://wklej.to/MFyHm# “Click to Continue > by KingCoupon”)

PUM.Bad.Proxy, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, Quarantined, [5fa787b74a3276c025581a30897a8c74]

Registry Data: 0

(No malicious items detected)

Folders: 2

Rogue.Multiple, C:\PROGRAMDATA\1078601655, Quarantined, [7e8867d7adcf9f970405d8218a78a957],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff, Quarantined, [25e1320c99e392a44107d144e51ec838],

Files: 27

PUP.Optional.Amonetize, C:\Users\marek\AppData\Local\Temp\MsiToExe.SetupExtension.msi, Quarantined, [57af1a24b8c4191d8a90d1d770912ad6],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\nsp4D13.tmp.exe, Quarantined, [14f2dd614d2f9c9ad799c380ab5557a9],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\nswF820.tmp.exe, Quarantined, [cc3a3c02ff7dbd79bcb470d330d060a0],

PUP.Optional.Installcore, C:\Users\marek\AppData\Local\Temp\index.exe, Quarantined, [897d67d7205cc571a3e58c8235d00ff1],

PUP.Optional.Wajam.A, C:\Users\marek\AppData\Local\Temp\is1248515637\165594839_stp\wajam_download.exe, Quarantined, [d82e2c122557fe38b76fcb7cf20e56aa],

PUP.Optional.CouponDownloader.A, C:\Users\marek\AppData\Local\Temp\is1890775716\1190351_stp\coupondownloader.exe, Quarantined, [19eddc628defd2649150b36e877e7987],

PUP.Optional.OpenCandy, C:\Users\marek[DOWNLOADS arrow-10x10.png\DTLite4491-0356.exe, Quarantined, [7b8b7bc392ea40f6df276a0bc2438c74],](http://wklej.to/MFyHm# “Click to Continue > by KingCoupon”)

PUP.Optional.OptimumInstaller.A, C:\Users\marek[DOWNLOADS arrow-10x10.png\Player-Chrome (1).exe, Quarantined, [8383f945720a290d1bbf0d5a629f0af6],](http://wklej.to/MFyHm# “Click to Continue > by KingCoupon”)

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\Player-Chrome (2).exe, Quarantined, [96706ad4fd7f2e083d9d17504cb5fb05],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\Player-Chrome.exe, Quarantined, [56b06fcf8def69cd7b5f6dfa13eea25e],

PUP.Optional.Outbrowse, C:\Users\marek\Downloads\Player.exe, Quarantined, [e62050eef6863ff7951e83157a8721df],

PUP.Optional.OutBrowse, C:\Users\marek\Downloads\setup (1).exe, Quarantined, [ce381a24601ccb6b0abd910e44bd718f],

PUP.Optional.DomaIQ, C:\Users\marek\Downloads\Setup (2).exe, Quarantined, [f31366d85527999dab78734ec43d24dc],

PUP.Optional.OutBrowse, C:\Users\marek\Downloads\setup.exe, Quarantined, [4db9132bb6c6241295320a95ac5560a0],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\trz7729.tmp, Quarantined, [20e67bc3daa28caa10cafe692ed3e719],

PUP.Optional.OptimumInstaller.A, C:\Users\marek\Downloads\trzCA8D.tmp, Quarantined, [877fb08ea9d3ea4c409abaad5ba629d7],

PUP.Optional.Amonetize, C:\Windows[INSTALLER arrow-10x10.png\5d8799b.msi, Quarantined, [23e31d2105779d99e238cddb738e9769],](http://wklej.to/MFyHm# “Click to Continue > by KingCoupon”)

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal, Quarantined, [56b0a39b91eb66d0133c406824e0bb45],

Rogue.Multiple, C:\ProgramData\1078601655\BITF7F5.tmp, Quarantined, [7e8867d7adcf9f970405d8218a78a957],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000005.ldb, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000040.ldb, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000151.log, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\CURRENT, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOCK, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG.old, Quarantined, [25e1320c99e392a44107d144e51ec838],

PUP.Optional.MySpeedDial.A, C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\MANIFEST-000150, Quarantined, [25e1320c99e392a44107d144e51ec838],

Physical Sectors: 0

(No malicious items detected)

(end)

 

1

2

3

4

5

6

7

8

9

10

11

Ad by BestDiscountApp | Close

Malwarebytes Anti-Malware

Update, 2015-02-16 13:52:01, SYSTEM, JONY, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,

Update, 2015-02-16 13:52:01, SYSTEM, JONY, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,

Error, 2015-02-16 13:52:05, SYSTEM, JONY, Manual, 0,

Error, 2015-02-16 13:52:05, SYSTEM, JONY, Manual, 0,

SCAN arrow-10x10.png, 2015-02-16 15:38:27, SYSTEM, JONY, Manual, Start:2015-02-16 13:52:05, Duration:23 min 46 sec, Threat SCAN arrow-10x10.png, Completed, 4 Malware Detections, 60 Non-Malware Detections,

(end)

czy pomożesz mi dalej 


(Acorus) #6

Dałeś wszystko do kwarantanny?Pokaż nowe logi z FRST.Raporty umieść na http://wklej.org/ i podaj link.