Niechciane reklamy, zamulony komputer


(Radu5) #1

Witam od paru dni zmagam się z reklamami od tego rozszerzenia w chrome  Uniseaoles.

Screen:

 

Co wyłączę rozszerzenie to po restarcie znowu jest, Malwarebytes Anti-Malware coś tam poznajdował i niby pokasował ale nic nie dało.

W firefoxie też mam od groma reklam. I laptop ogólnie coraz słabiej chodzi.

Jeżeli ktoś byłby tak miły i pomógł mi się uporać z moimi problemami to z góry ślicznie dziękuję.

 

Oto logi:

FRST:

- Addition.txt - http://www.wklej.org/id/1584565/

 

OTL:


(Acorus) #2

Otwórz notatnik systemowy i wklej:

Task: {7A0A606B-A56F-45FA-A0D4-43F57EEF9908} - System32\Tasks\AP = C:\Users\Radek\AppData\Roaming\AP.exe ==== ATTENTION
Task: {A2D7751E-69DE-4E6F-8057-8CBA4946AAAE} - System32\Tasks\{91071FF9-A1F1-4A75-AA8D-0A07305DA634} = Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/pl/abandoninstall?source=lightinstalleramp;page=tsInstall
Task: {BB26EDAC-A8CB-4E63-92FD-05C445C66F76} - System32\Tasks\FYEI = C:\Users\Radek\AppData\Roaming\FYEI.exe ==== ATTENTION
Task: C:\WINDOWS\Tasks\AP.job = C:\Users\Radek\AppData\Roaming\AP.exe ==== ATTENTION
Task: C:\WINDOWS\Tasks\FYEI.job = C:\Users\Radek\AppData\Roaming\FYEI.exe ==== ATTENTION
HKLM\...\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] = C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [YouCam Service6] = C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [500696 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM - {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8tag=hp-uk3-vsb-21link%5Fcode=qsindex=apsfield-keywords={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8tag=hp-uk3-vsb-21link%5Fcode=qsindex=apsfield-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2135721787-2095726146-1830996637-1002 - {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8tag=hp-uk3-vsb-21link%5Fcode=qsindex=apsfield-keywords={searchTerms}
FF DefaultSearchEngine: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=20495r=2015/01/02hid=13195443392972036237lg=ENcc=PLunqvl=72l=1q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
CHR Extension: (Uniseaoles) - C:\ProgramData\kklbdllheemkkaokofnkhcfhfaicckfe\ [2013-10-31]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx [Not Found]
S3 EagleX64; \\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 mdareDriver_52; \\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_52.sys [X]
2015-01-05 12:35 - 2014-12-05 17:14 - 00001342 _____ () C:\WINDOWS\Tasks\AP.job
2015-01-05 12:35 - 2014-12-05 17:13 - 00001346 _____ () C:\WINDOWS\Tasks\FYEI.job
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Radu5) #3

Fixlog.txt - http://wklej.org/id/1585465/

 

Nowe logi:

- Addition.txt - http://wklej.org/id/1585467/

 

Reklam już tych nie ma :slight_smile: dziękuję ślicznie :slight_smile:


(Acorus) #4

Skasuj folder C:\FRST