Wyskakujace reklamy i dziwne procesy

Pokal16 · 13 Luty 2010 14:39

Witam,mam problem z wyskakujacymi reklamami w firefoxie i mam kilka dziwnych procesow np questservice. LOG z OTL http://wklej.org/id/278815/ Prosze o sprawdzenie.

deFco247 · 13 Luty 2010 15:05

W białe dolne okno Custom Scans/Fixes w OTL wklej:

:Processes Explorer.EXE :OTL PRC - [2010-01-29 20:14:20 | 000,058,744 | ---- | M] () – C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice121.exe PRC - [2010-01-29 20:14:20 | 000,058,744 | ---- | M] () – C:\Program Files\QuestService\questservice.exe MOD - [2010-01-29 20:14:14 | 000,589,824 | ---- | M] () – C:\Program Files\QuestService\questservice.dll SRV - [2010-01-29 20:14:20 | 000,058,744 | ---- | M] () [Auto | Running] – C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice121.exe – (QuestService Service) IE - HKU\S-1-5-21-1202660629-362288127-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mykeysearch.com FF - prefs.js…extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.2.0.5360 FF - prefs.js…extensions.enabledItems: 6 FF - prefs.js…extensions.enabledItems: 2 FF - prefs.js…extensions.enabledItems: 44 FF - prefs.js…extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.2.0.2050 FF - prefs.js…extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.2.0.2150 FF - HKLM\software\mozilla\Firefox\extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.2.0.2150\FF [2009-12-29 15:58:10 | 000,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF [2009-12-29 15:58:19 | 000,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF [2009-12-29 15:58:28 | 000,000,000 | —D | M] [2010-01-30 04:31:00 | 000,000,000 | —D | M] (QuestService) – C:\Program Files\Mozilla Firefox\extensions{AAF6454A-4000-4015-84C1-6CD844C06B19} [2009-12-29 16:00:16 | 000,002,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice112.xml [2009-12-29 16:05:05 | 000,002,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice113.xml [2010-01-30 04:31:00 | 000,002,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice121.xml O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll () O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.2040\TCPIE.dll () O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll () O3 - HKU\S-1-5-21-1202660629-362288127-839522115-1004…\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found. O3 - HKU\S-1-5-21-1202660629-362288127-839522115-1004…\Toolbar\WebBrowser: (no name) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No CLSID value found. :Reg [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2] :Files C:\Documents and Settings\All Users\Dane aplikacji\QuestService C:\Program Files\QuestService C:\Program Files\Web Search Operator C:\Program Files\Automated Content Enhancer C:\Program Files\Customized Platform Advancer C:\Program Files\Content Management Wizard C:\Program Files\Textual Content Provider C:\Program Files\DoubleD :Commands [emptytemp] [start explorer]

Run Fix. Restart, jeśli będzie potrzebny.

Potem log z usuwania oraz nowy log robiony opcją Run Scan.

Pokal16 · 17 Luty 2010 18:24

Log z OTL http://wklej.org/id/281024/ Prosze o sprawdzenie.

deFco247 · 17 Luty 2010 20:48

Widzę, że się nie śpieszysz w wstawianiem logów…

W logu już nic nie widać niczego poważnego.

W OTL wklej:

Run Fix , następnie klikasz CleanUp.

Wykonaj pełny skan Malwarebytes’ Anti-Malware - znalezione obiekty usuń.

Gdy będą wirusy pokaż raport po usuwaniu.

Wyczyść rejestr i dysk CCleaner oraz wyłącz nim zbędniki z autostartu (Narzędzia -> Autostart).

No i zaktualizuj system do stanu Service Pack 3.