Wyskakujące reklamy w nowych kartach google chrome

Dla specjalistów Bezpieczeństwo
#1

Witam

#2

Odinstaluj Whilokii 1.0.0,Mobogenie,PC Speed Maximizer v3.1,SupTab,

Tibia MULTI-ip changer,tuto4pc_pl_17,tuto4pc_pl_20,WinZipper,DAEMON Tools Lite Packages,Update for Mipony Download Manager,Lollipop,Mipony Download Manager Packages.Użyj AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/ z funkcji Skan(Szukaj) a następnie Clean(usuń) (w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator).

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.

#3

Oto wynik z AdwCleaner : http://wklej.org/id/1353199/

#4

Otwórz Notatnik i wklej:

Task: {83DE2DA4-F3D2-4286-998E-75E7C238983E} - System32\Tasks\SmartPCFix Task = C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe [2013-06-10] (smartpcfix.com) ==== ATTENTION
Task: {C9408B1B-4405-4BC0-9B89-E8E37D39EF35} - \DigitalSite No Task File ==== ATTENTION
Task: {E056068D-B285-45FA-BA39-A4EDE05555C6} - \EPUpdater No Task File ==== ATTENTION
Task: C:\Windows\Tasks\SmartPCFix Task.job = C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe ==== ATTENTION
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\Run: [Tok-Cirrhatus-2652] = "C:\Users\Toshiba\AppData\Local\br6327on.exe"
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\Run: [Tok-Cirrhatus] = [X]
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\Run: [WindowsServices] = C:\Users\Toshiba\AppData\Roaming\service.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\Run: [spoolsv32] = "C:\Windows\system32\javaw.exe" -jar "C:\Users\Toshiba\AppData\Roaming\Win32\spoolsv32.jar"
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: H - explorer.exe http://www.drei.at/inside3
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {05a6a7cf-c1ee-11e0-8bf8-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {146374cf-4624-11e3-b605-00266c68593b} - J:\LGAutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {20414693-6ede-11e2-be7c-00266c68593b} - H:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {21f62b95-1a6d-11e1-a439-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {40855472-3ab8-11e0-8c67-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {440822e0-b763-11e0-8a29-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {440822ef-b763-11e0-8a29-00266c68593b} - G:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {4fabdc80-b762-11e0-a9b4-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {5c2fb062-6efb-11e2-ad16-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {7866cd5c-ca6d-11e0-94d4-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {8e1076af-ee64-11df-a490-00266c68593b} - G:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {91963dac-b6e4-11e0-a23e-00266c68593b} - G:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {91963dc7-b6e4-11e0-a23e-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {92d61184-bcd9-11df-ba39-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {9b941e42-bd24-11df-ba41-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {9eaa0b64-8bed-11e3-a739-00266c68593b} - explorer.exe http://www.drei.at/inside3
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {a4bfdbe7-cc82-11e2-a6ab-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {ad2894bf-c9bb-11e0-9575-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {bb1245a1-c8ed-11e0-ab72-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {c3e4d32a-c5a1-11df-88db-00266c68593b} - F:\USBAutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {c5a609eb-c0ea-11e0-b52f-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {c5a609ef-c0ea-11e0-b52f-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {c5e6fdbc-ca6b-11e0-a02f-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {d26381d3-ca4d-11e0-9f47-00266c68593b} - G:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {e4bc1f4e-bcd8-11df-a21d-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {e94cbac6-cf06-11e0-b6c8-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {eb8d1b40-b6e8-11e0-a7f4-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {ebb0f80b-89cb-11e3-8305-00266c68593b} - explorer.exe http://www.drei.at/inside3
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {ec0194af-c9bc-11e0-9fc2-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {ec0194c9-c9bc-11e0-9fc2-00266c68593b} - F:\AutoRun.exe
HKU\S-1-5-21-3322185647-3728636149-2410453221-1000\...\MountPoints2: {ec0194f0-c9bc-11e0-9fc2-00266c68593b} - F:\AutoRun.exe
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - URL http://www.searchgol.com/?q={searchTerms}babsrc=SP_ss_Btisdt7mntrId=6C9C582C80137FD7affID=121828tsp=5024
SearchScopes: HKCU - 6E8509EC85E44A85AC08712F7B37BDE2 URL = http://search.softonic.com/MON00085/tb_v1?q={searchTerms}SearchSource=4cc=
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Toshiba\AppData\Local\newhb2.crx [2013-10-20]
CHR HKCU\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Toshiba\AppData\Local\newhb2.crx [2013-10-20]
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Toshiba\AppData\Local\newhb2.crx [2013-10-20]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2013-10-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
2014-05-06 11:09 - 2014-05-06 11:11 - 00000000 ____ D () C:\AdwCleaner
2014-05-06 11:14 - 2013-06-14 14:31 - 00000380 _____ () C:\Windows\Tasks\SmartPCFix Task.job
2014-05-06 11:04 - 2014-05-06 11:04 - 00003128 _____ () C:\Windows\System32\Tasks\{877483C4-20FE-4F9C-AD74-F3284F52247A}
2014-04-13 02:12 - 2014-04-13 02:12 - 00903288 _____ () C:\Users\Toshiba\Downloads\yet_another_cleaner_bro (2).exe
2014-04-12 11:24 - 2014-04-12 11:24 - 00903288 _____ () C:\Users\Toshiba\Downloads\yet_another_cleaner_bro (1).exe
2014-04-11 12:14 - 2014-04-11 12:14 - 00903288 _____ () C:\Users\Toshiba\Downloads\yet_another_cleaner_bro.exe

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST

#5

http://wklej.org/id/1354157/ tutaj jest fixlog.txt teraz zrobić nowy scan frst ?

#6

Otwórz Notatnik i wklej:

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {FC8FC57D-205F-49FC-AF05-EF51889447FD} URL =

Uruchom FRST i kliknij w Fix.

Skasuj folder C:\FRST

Użyj http://www.bleepingcomputer.com/download/tfc/ (uruchom TFC i kliknij Start).

#7

zapisać to w notatniku jako fixlist ? czy jak ?

#8

TFC już Ci śmieci usunął.To wszystko. 

#9

aha a jeszcze jedna sprawa http://wklej.org/id/1354244/ tutaj mam listę programów z dodaj usuń programy mógłbyś mi powiedzieć co z tego jest nie potrzebne i mogę usunąć ? dodam że nie używam office’a i nero

#10

Sam musisz wiedzieć co Ci jest potrzebne.Za dużo nie masz programów.

Zainstaluj aktualizacje do programow wskazanych przez Security Check

#11

 Results of screen317’s Security Check version 0.99.82  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

Antivirus/Firewall Check:

  Windows Security Center service is not running! This report may not be accurate!

 WMI entry may not exist for antivirus; attempting automatic update.

Anti-malware/Other Utilities Check:

 Java 6 Update 17  

  Java version out of Date!

 Adobe Flash Player 10 Flash Player out of Date!

 Adobe Reader 9 Adobe Reader out of Date!

 Google Chrome 34.0.1847.116  

 Google Chrome 34.0.1847.131  

Process Check: objlist.exe by Laurent

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast AvastUI.exe  

System Health check

 Total Fragmentation on Drive C:  

````````````````````End of Log``````````````````````

#12

Odinstaluj Java™ 6 Update 17, Adobe Flash Player 10,Adobe Reader 9.

Zainstaluj:

http://www.java.com/pl/download/windows_offline.jsp

http://get.adobe.com/pl/flashplayer/

FoxitReader http://ninite.com/foxit/

#13

a podpowiesz jakiś darmowy dobry antywirus bo za 20 dni kończy mi się avast

#14

Możesz go dalej używać.