Zawirusowany komputer.Pełno niechcianych programów

Mwalimu · 2 Lipiec 2014 11:30

Witam. Ostatnio używam laptopa brata ciotecznego. Jest na nim pełno programów typu Fix My Registry. Mimo posiadania Ad Blocka często pojawiają się wyskakujące okienka oraz reklamy. Używałem już kilku antywirusów, np. Hitman Pro, Malwarebytes, jednak żaden nie pomógł. Komputer nie jest mój więc proszę o pomoc na forum. Tutaj jest log z OTL, proszę o sprawdzenie oraz pomoc:http://www.wklej.org/id/1407384/ oraz Extras http://www.wklej.org/id/1407388/

Atis · 2 Lipiec 2014 12:38

W panelu sterowania odinstaluj:

TakeeTheCuOuapon

SaveNewaAppz

RandomPricE

surf auND keEp

grEaTsaveR

IsaviEr

DefaultTab

FixMyRegistry

IePluginService12.27.0.3326

iVIDI Plugin 1.3

Media View

Media Watch

nationzoom Browser newtab extension

SupTab

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool 64-Bit Version

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.

Acorus · 2 Lipiec 2014 12:43

Odinstaluj SaveNewaAppz,surf auND keEp,grEaTsaveR,DefaultTab,FixMyRegistry,IePluginService12.27.0.3326,iVIDI Plugin 1.3,Media View,Media Watch,Plus-HD-4.9,SupTab.Pobierz i uruchom AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.

Mwalimu · 2 Lipiec 2014 15:32

FRST:http://www.wklej.org/id/1407593/ Addition:http://www.wklej.org/id/1407595/

Acorus · 2 Lipiec 2014 16:20

Otwórz Notatnik i wklej:

Task: {4220FBE0-918B-4C4D-90F5-B8FD0E0C13D0} - System32\Tasks\Razer_Game_Booster_AutoUpdate = C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe ==== ATTENTION
Task: {5077E7ED-E2F7-47CA-B8ED-01A84174F5CB} - \Plus-HD-4.9-chromeinstaller No Task File ==== ATTENTION
Task: {5B99BAA0-3342-4D07-9A13-3A3929CEAAE2} - \Plus-HD-4.9-codedownloader No Task File ==== ATTENTION
Task: {6757AE2E-F46B-4C2E-908F-527BB4E7F5C1} - \FoxTab No Task File ==== ATTENTION
Task: {6E7ED64B-A178-4BB8-A3F2-49679DB56D51} - \Plus-HD-4.9-enabler No Task File ==== ATTENTION
Task: {7AAC55EB-947C-4483-8548-23CB4E046669} - \Plus-HD-4.9-firefoxinstaller No Task File ==== ATTENTION
Task: {9D019116-AA85-4ADD-AB0C-52BAC39C663E} - \Plus-HD-4.9-updater No Task File ==== ATTENTION
Task: {A1707B6E-D7FD-47C3-91C7-0BC54B4C27F7} - \EPUpdater No Task File ==== ATTENTION
AppInit_DLLs-x32: c:\progra~3\inteli~1\inteli~1.dll = "c:\progra~3\inteli~1\inteli~1.dll" File Not Found
AppInit_DLLs-x32: c:\progra~2\gsb779~1.ena = "c:\progra~2\gsb779~1.ena" File Not Found
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {B3F07D21-3424-4B08-ACD6-62760A2FB3E7} URL = http://www.gsrch.com/#q={searchTerms}
BHO: TakeeTheCuOuapon - {88627B22-7F01-A81C-D2A7-857D1220E986} - C:\ProgramData\TakeeTheCuOuapon\w9labF2j.x64.dll No File
BHO: RemoavEADsTube - {88EA519D-5DAB-567C-A9E1-15FD79B52EBD} - C:\ProgramData\RemoavEADsTube\MIGODfJco8.x64.dll ()
BHO: grEaTsaveR - {A74B748F-EBB4-A1E0-DE5F-9D1269AF6E45} - C:\Program Files (x86)\grEaTsaveR\Y.x64.dll No File
BHO: BBeestiSavEForrYou - {E9AA772E-6EAB-F5A8-FFD8-F246F993031F} - C:\ProgramData\BBeestiSavEForrYou\L_QMLRv.x64.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Extension: RemoavEADsTube - C:\Users\Remintener\AppData\Roaming\Mozilla\Firefox\Profiles\a3xq8q6b.default\Extensions\qokrkt_h@ijg-iyiqwj.com [2014-02-11]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home812.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home812\ff
FF Extension: No Name - C:\Users\Remintener\AppData\Roaming\Mozilla\Firefox\Profiles\a3xq8q6b.default\extensions\lightningnewtab@gmail.com.xpi []
CHR Extension: (RemoavEADsTube) - C:\Users\Remintener\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhaokpgngkhdbdefjnlekghdniodnlh [2014-01-31]
CHR HKLM-x32\...\Chrome\Extension: [okoacgcofjacbllebfkmmbaeochckcaa] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home812\ch\MediaWatchV1home812.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
2014-07-02 12:46 - 2014-07-02 17:19 - 00000000 ____ D () C:\AdwCleaner
C:\Users\Oliwia\AppData\Local\Temp\*.exe
C:\Users\Remintener\AppData\Local\Temp\*.dll

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.