Ads popping up by themselves


(Rusek1998) #1

As in the title, except that it's not my computer but a friend's.

Here are the logs:

 

http://wklej.org/id/1489414/

 

http://wklej.org/id/1489418/


(Atis) #2

Read the topic: new mandatory log.


(Rusek1998) #3

http://wklej.org/id/1494884/

http://wklej.org/id/1494881/


(Atis) #4

In Control Panel, uninstall Framed Display and WeatherBlink Internet Explorer Toolbar.

Download and run AdwCleaner. Click Szukaj (Search) and then Usuń (Delete).

Paste the following into the system Notepad and save it as a text file named fixlist:

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [fst_pl_166] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 - {597b1823-7ff0-4cd3-8095-9d8cba514992} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XN^xdm246^YYA^pl&si=CH_WEAT_INTL_POL_258&ptb=44598190-A3A0-4922-A517-55E3FADC34C5&psa=&ind=2014061808&st=sb&n=780c24f0&searchfor={searchTerms}
SearchScopes: HKCU - {04DBBB6D-4F8C-4AF8-9DE5-1C4BC44E6056} URL = 
SearchScopes: HKCU - {597b1823-7ff0-4cd3-8095-9d8cba514992} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XN^xdm246^YYA^pl&si=CH_WEAT_INTL_POL_258&ptb=44598190-A3A0-4922-A517-55E3FADC34C5&psa=&ind=2014061808&st=sb&n=780c24f0&searchfor={searchTerms}
BHO-x32: Framed Display -> {05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} -> C:\Program Files (x86)\Framed Display\FramedDisplaybho.dll (Framed Display)
CHR Extension: (Framed Display) - C:\Users\Jolanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagcbogmgkaogoadfcoicjdojbmkegao [2014-10-07]
R2 Update Framed Display; C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe [523512 2014-10-21] ()
R2 Util Framed Display; C:\Program Files (x86)\Framed Display\bin\utilFramedDisplay.exe [523512 2014-10-21] ()
R1 {7012eec1-4f37-42d4-a2cd-26727494d248}Gw64; C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys [48792 2014-10-11] (StdLib)
R1 {e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64; C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys [48792 2014-10-05] (StdLib)
S2 SPDRIVER_1.37.0.202; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys [X]
C:\Windows\System32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys
C:\Windows\System32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys
C:\Program Files (x86)\Framed Display
C:\Users\Jolanta\Downloads\setup.exe
C:\Users\Jolanta\Downloads\uTorrent(13270)-dp.exe
C:\Users\Jolanta\Downloads\AdwCleaner.exe
C:\Users\Jolanta\Downloads\RemoteAdministrator_downloader-I0CSOhYSO.exe
C:\AdwCleaner
Task: {0318E7EE-004C-4F9F-A129-68C3E4378B73} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-5 No Task File <==== ATTENTION
Task: {09319D5E-D4D6-4C51-A33D-A917DC88630B} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-5 No Task File <==== ATTENTION
Task: {0DACBBDF-8F71-4E4A-8FF6-78333F53FB33} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-5 No Task File <==== ATTENTION
Task: {0F35379B-3CBD-468A-BFC8-0A98C061C6F6} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-5 No Task File <==== ATTENTION
Task: {11D26972-7B74-45C6-B879-3F5A974D7F6D} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-2 No Task File <==== ATTENTION
Task: {12631D0A-97C9-4160-8588-DE4F2B8AEE42} - System32\Tasks\{21ED355E-8217-4069-8DFC-95E0EDC6CCA4} => Iexplore.exe http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain
Task: {15ECE394-828B-4C9C-BC21-03B881E0724B} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-6 No Task File <==== ATTENTION
Task: {193A5043-FC21-4E38-90C8-F94F1947B2A8} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-11 No Task File <==== ATTENTION
Task: {2221DB57-4E41-43A9-BCD2-11D8BEB587DD} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-5_user No Task File <==== ATTENTION
Task: {23D8080A-5611-4EBB-9C07-A0F6D2F1C617} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-5_user No Task File <==== ATTENTION
Task: {260A36E2-EBC1-4E88-AF91-AF81F34C74C6} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-5 No Task File <==== ATTENTION
Task: {2A61A203-1E17-41C7-A37B-2CAF56FFBA69} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-4 No Task File <==== ATTENTION
Task: {3631968B-38D7-4A97-BF8F-AC43A37203A5} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-5_user No Task File <==== ATTENTION
Task: {442CBAF9-13D9-4886-8322-DC2D367692D7} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-4 No Task File <==== ATTENTION
Task: {513834C9-2188-483E-A491-E378878E4B33} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-11 No Task File <==== ATTENTION
Task: {5680F00B-23FA-448A-AD58-69FFCE4F60E1} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-5_user No Task File <==== ATTENTION
Task: {5BB43FCA-4435-41F7-B144-56BA6822E305} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-2 No Task File <==== ATTENTION
Task: {5EA7C014-46F7-4081-B19A-75369C9B0954} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-6 No Task File <==== ATTENTION
Task: {5EC9C319-E927-40E2-BB9A-6C55FA4BB54B} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-7 No Task File <==== ATTENTION
Task: {5F39F35C-751D-4645-873B-A7E289EDA649} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-7 No Task File <==== ATTENTION
Task: {5F3CE91F-8A36-47DC-84AA-901DC609B895} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-1 No Task File <==== ATTENTION
Task: {5F754D73-25DD-4B36-A586-9CC1A3B10910} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-4 No Task File <==== ATTENTION
Task: {6397B88E-8BEC-4F51-8EAC-818D9805AAD7} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-7 No Task File <==== ATTENTION
Task: {70169576-21F3-43AA-8D2C-F2A9B6307141} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-6 No Task File <==== ATTENTION
Task: {78D5640F-8C09-42FC-8BF2-6DACB08337B0} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-5_user No Task File <==== ATTENTION
Task: {894B60A4-4DA4-4AD1-84BA-CD17F2433550} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-6 No Task File <==== ATTENTION
Task: {8E06E8C1-FB0B-4E01-A7C0-5DF2511386A8} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-3 No Task File <==== ATTENTION
Task: {92747DE7-4945-4400-B7AA-E4DE3CBAD905} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-1 No Task File <==== ATTENTION
Task: {9FC42AA6-837F-4FEF-869C-DA405D13BAFC} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-4 No Task File <==== ATTENTION
Task: {A23D007A-820B-41C2-93EA-78DC7FCDBB44} - \aeb72fb8-9cd0-4140-8976-13d9595577ee-2 No Task File <==== ATTENTION
Task: {A272940F-F760-4BCB-977B-2401A0A993A0} - System32\Tasks\SPBIW_UpdateTask_Time_323635323031383232392d324a574123346c2a556c2a5a => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0
Task: {A3516932-0D92-4E37-B692-C6FE051BEEC4} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-11 No Task File <==== ATTENTION
Task: {A5050275-2CE4-4A4B-A43A-AA73E15406EA} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-6 No Task File <==== ATTENTION
Task: {AB55CDD6-7A81-49B2-8E00-56317A893455} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-1 No Task File <==== ATTENTION
Task: {AB774761-CA72-4FAB-AF2E-8FECA4261D9F} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-7 No Task File <==== ATTENTION
Task: {B331302C-03C7-4122-8943-0960ED632288} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
C:\PROGRA~1\COMMON~1\System\SysMenu.dll
Task: {B3482707-5DB0-4912-9BA1-E8D49CA75A06} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-1 No Task File <==== ATTENTION
Task: {C63C0242-90B2-4B61-AEC0-9EB09A311CD2} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-2 No Task File <==== ATTENTION
Task: {CD54CC92-3257-451B-8526-8312E1F9B77A} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-4 No Task File <==== ATTENTION
Task: {D96B45AD-69E7-407B-85F5-B7785A784CC7} - \1bae8c22-25f7-4a6a-92c6-74ba3c556f52-2 No Task File <==== ATTENTION
Task: {DDB03374-A302-4E63-99AD-8B6E33BCF83D} - \ce8e0b0b-2b3e-4bfd-a530-326a78f1421f-7 No Task File <==== ATTENTION
Task: {DEA08059-019B-4489-BF70-6D27413858D5} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-11 No Task File <==== ATTENTION
Task: {E133CBA1-3E0B-4764-8428-3741925C628C} - \0d86c470-191d-4395-bef9-225c3ff3fbb4-3 No Task File <==== ATTENTION
Task: {E7340D5E-4788-458E-9203-5BEEDB405FF5} - \0c552eb1-f3ab-4d2d-95ae-0921fc11def2-1 No Task File <==== ATTENTION
Task: {EA039A2E-726B-4BB2-A764-D662ABA6DB21} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {F3D5BF52-D205-44C3-8347-9AC1AF09E0D1} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
EmptyTemp:

Run FRST and click Fix. Show the removal report, Fixlog.

Click Scan and show the new FRST report, without Addition.


(Rusek1998) #5

http://wklej.org/id/1495439/

http://wklej.org/id/1495521/

http://wklej.org/id/1495525/


(Atis) #6

Delete the folder C:\FRST

Remove old restore points: System Restore and shadow copies

Scan the disk with Malwarebytes Anti-Malware

During installation, uncheck the box next to "Start trial period of Malwarebytes Anti-Malware Premium".

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Polish language: Settings > General Settings > Language > Polish

Read how programs should be installed: CLICK - CLICK - CLICK - CLICK

Uninstall Adobe Reader XI and install Adobe Reader XI 11.0.9


(Rusek1998) #7

There are still ads, but less often.


(Atis) #8

Is this your idea of a joke?

Websites have ads and that is normal, and you don't have any Adblock.


(Rusek1998) #9

It's not my computer. By ads I mean that they open on their own when my friend doesn't click anything.


(Atis) #10

No infection is visible, unless she has installed adware programs in the meantime.