Lots of self-opening ads


(Ferwexx) #1

For some time now, a few minutes after I start the browser, a lot of ads pop up in small windows.

 

Additional - http://www.wklej.org/id/1667670/

FRST - http://www.wklej.org/id/1667672/

 

Thank you for the support


(Acorus) #2

Uninstall Radio Canyon and Settings Manager. Open the system Notepad and paste:

Task: {10EE6F1F-7B38-4BAB-8205-CA59992764F4} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-4 = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-4.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {1486AB2B-96BB-4897-9496-600FF478FEE6} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5_user = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {2F75F219-6B0F-41AA-8686-D323AC37D169} - System32\Tasks\{027113C5-0DB2-487D-AC85-DCB2E0BFD384} = Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsBing
Task: {337F3AA1-A732-413E-9D20-2DEFC16DC215} - System32\Tasks\globalUpdateUpdateTaskMachineUA = C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-13] (globalUpdate) ==== ATTENTION
Task: {3C87B91D-30DC-4D73-8F21-DF1DE711766E} - System32\Tasks\{1660B354-6472-44AA-83B2-09D4B42AAEA2} = Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsMain
Task: {65EA4EAB-C374-440E-98E7-598B1DD62382} - System32\Tasks\{2E4FDFFF-B490-4072-BB64-C7F8B1CAC29F} = Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsMain
Task: {7D6A4BFE-3623-4745-9FB0-533325554829} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-1 = C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {7EEEC0E7-99ED-4A58-BF8F-F8C32002F831} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5 = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {9C9A7CDA-68EE-43D5-8CD6-663DB0CFDE46} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-7 = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-7.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {EBF25FB1-6BE3-427B-A75D-B8366AFD7FA6} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-6 = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-6.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: {EC9D1B25-BFA0-450F-9685-E3FE64685996} - System32\Tasks\globalUpdateUpdateTaskMachineCore = C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-13] (globalUpdate) ==== ATTENTION
Task: {F4DA742A-8E4F-43C4-B0B4-01A21D95C064} - System32\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-11 = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-11.exe [2014-11-13] (Buca Apps) ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-1.job = C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-11.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-11.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-4.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-4.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5_user.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-5.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-6.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-6.exe ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-7.job = C:\Program Files (x86)\Radio Canyon\b81c3d12-541f-481e-9d7d-12f7c95f64ff-7.exe ==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job = C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe ==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job = C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe ==== ATTENTION
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] = [X]
HKLM\...\AppCertDlls: [x86] - C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] - C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503aid=112itype=nver=13986tm=530src=dsp={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503aid=112itype=nver=13986tm=530src=dsp={searchTerms}
SearchScopes: HKU\S-1-5-21-4237949960-754375959-665237629-1000 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL =
BHO: Radio Canyon - {11111111-1111-1111-1111-110611081104} - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll [2014-11-13] (Buca Apps)
BHO-x32: Radio Canyon - {11111111-1111-1111-1111-110611081104} - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho.dll [2014-11-13] (Buca Apps)
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Keyword.URL: hxxp://www.default-search.net/search?sid=503aid=112itype=nver=13986tm=530src=dsp=
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyg9yn.default\searchplugins\default-search.xml [2014-11-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2014-11-13]
FF Extension: Radio Canyon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ojlyg9yn.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [2015-03-17]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-13] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-13] (globalUpdate) [File not signed]
S3 gdrv; \\C:\Windows\gdrv.sys [X]
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.
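
An added example, not part of the original post and not FRST's own code: a small Python triage that sorts fixlist lines like the ones above by the autostart mechanism they belong to and counts entries per install folder. The category labels and the names `triage` and `footprint` are assumptions of this example, as is reading a trailing `[X]` as FRST's marker for a missing target file.

```python
import re
from collections import Counter

# Subset of lines copied from the fixlist in the post above.
SAMPLE = r"""Task: {337F3AA1-A732-413E-9D20-2DEFC16DC215} - System32\Tasks\globalUpdateUpdateTaskMachineUA = C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-13] (globalUpdate) ==== ATTENTION
Task: C:\Windows\Tasks\b81c3d12-541f-481e-9d7d-12f7c95f64ff-1.job = C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe ==== ATTENTION
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\AppCertDlls: [x86] - C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
BHO: Radio Canyon - {11111111-1111-1111-1111-110611081104} - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll [2014-11-13] (Buca Apps)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-13] (globalUpdate) [File not signed]
S3 gdrv; \\C:\Windows\gdrv.sys [X]
EmptyTemp:"""

# First matching rule wins; labels are this example's own wording.
RULES = [
    (r"^Task:", "scheduled task"),
    (r"\\Run:", "Run key"),
    (r"AppCertDlls:", "AppCertDlls"),
    (r"^SearchScopes:", "IE search provider"),
    (r"^BHO", "browser helper object"),
    (r"^FF ", "Firefox setting"),
    (r"^[RS]\d ", "service or driver"),
]
MARKERS = ("==== ATTENTION", "[File not signed]", "[X]")  # trailing annotations
FOLDER = re.compile(r"[A-Z]:\\Program Files(?: \(x86\))?\\([^\\]+)\\")

def triage(text):
    """Return one dict per non-empty line: mechanism, trailing markers, install folder."""
    rows = []
    for line in filter(None, map(str.strip, text.splitlines())):
        kind = next((lbl for rx, lbl in RULES if re.search(rx, line)), "directive/other")
        flags = [m for m in MARKERS if line.endswith(m)]
        hit = FOLDER.search(line)
        rows.append({"kind": kind, "flags": flags, "folder": hit.group(1) if hit else None})
    return rows

def footprint(rows):
    """Count entries per Program Files folder so one product's leftovers group together."""
    return Counter(r["folder"] for r in rows if r["folder"])

if __name__ == "__main__":
    rows = triage(SAMPLE)
    for r in rows:
        print(f'{r["kind"]:<22} {r["folder"] or "-":<18} {", ".join(r["flags"])}')
    print(dict(footprint(rows)))
```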


(Ferwexx) #3

Did everything according to the instructions, still the same: soft4click, fake flashplayer install, wheel of fortune.

Logs after cleaning with AdwCleaner; a further scan detects nothing.

 

Additional - http://www.wklej.org/id/1669853/

FRST - http://www.wklej.org/id/1669856/


(Acorus) #4

Uninstall Chrome, ticking the option to delete browsing data.