Zmienia stronę startową i wyskakują reklamy

stelmi · 8 Styczeń 2010 18:23

Witam,

przepraszam, ze zakładam identyczny temat, ale sprawa dotyczy innego komputera, a problem jest taki sam. Mianowicie pomimo zmiany strony startowej na google po pewnym czasie zmienia się na bytesearch, a oprócz tego wyskakują kolejne okna przeglądarki z reklamami itp

LOGi:

http://www.wklejto.pl/52962

http://www.wklejto.pl/52963

deFco247 · 8 Styczeń 2010 18:42

W białe dolne okno Custom Scans/Fixes w OTL wklej:

:Processes Explorer.EXE :OTL PRC - [2009/08/14 07:50:47 | 00,090,112 | ---- | M] () – C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stbappHelper.exe PRC - [2009/08/14 07:50:19 | 00,868,352 | ---- | M] () – C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stbsvc.exe PRC - [2009/08/14 07:49:34 | 00,602,112 | ---- | M] () – C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stbapp.exe PRC - [2008/06/12 16:57:18 | 00,991,584 | ---- | M] (Vendio Services, Inc.) – C:\Program Files\Search Settings\SearchSettings.exe IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain … &bmod=FUJD IE - HKLM…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) IE - HKCU…\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.) IE - HKCU…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) FF - prefs.js…browser.search.defaultenginename: “Ask” FF - prefs.js…browser.search.order.1: “Ask” FF - prefs.js…browser.search.selectedEngine: “Ask” FF - prefs.js…extensions.enabledItems: {872A1C39-DF0B-4c8b-AD84-12BA24A3B781}:4.2.2.0 FF - prefs.js…extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:1.5.5.900 FF - prefs.js…extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.6.3.4500 FF - prefs.js…extensions.enabledItems: {7AB6D133-2A14-4C11-B3AD-35B1548D38F9}:1.0 FF - prefs.js…keyword.URL: “http://toolbar.ask.com/toolbarv/askRedirect?o=101757&gct=&gc=1&q=” FF - HKLM\software\mozilla\Firefox\Extensions\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}: C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\FFToolbar [2009/08/24 07:17:13 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\Extensions\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF [2009/08/24 07:17:26 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\Extensions\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.5.900\FF [2009/08/24 07:17:33 | 00,000,000 | —D | M] [2009/03/20 16:55:46 | 00,000,682 | ---- | M] () – C:\Users\Pawel i Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\q4fpx2c0.default\searchplugins\ask.xml [2009/11/10 10:32:40 | 00,000,000 | —D | M] (Wyyo) – C:\Program Files\Mozilla Firefox\extensions{0CA8283E-056B-40D7-A343-83C84105CE78} [2009/11/04 10:33:07 | 00,000,000 | —D | M] (Sukoku) – C:\Program Files\Mozilla Firefox\extensions{7AB6D133-2A14-4C11-B3AD-35B1548D38F9} [2009/08/26 10:21:48 | 00,002,381 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\sukoku115.xml [2009/10/01 10:05:03 | 00,002,381 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\sukoku119.xml [2009/10/23 06:37:03 | 00,002,381 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\sukoku123.xml [2009/11/04 10:33:07 | 00,002,381 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\sukoku125.xml [2009/04/04 10:07:59 | 00,002,372 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wyyo129.xml [2009/07/30 10:09:27 | 00,002,372 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wyyo137.xml [2009/11/10 10:26:37 | 00,002,372 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wyyo139.xml [2009/11/10 10:32:41 | 00,002,372 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wyyo155.xml O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll () O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll () O2 - BHO: (DealioBHO Class) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.) O2 - BHO: (&Helper) - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\Windows\System32\msxmlm.dll () O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll () O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.) O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stb0.dll () O3 - HKLM…\Toolbar: (Dealio) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.) O3 - HKLM…\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) O3 - HKCU…\Toolbar\WebBrowser: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stb0.dll () O3 - HKCU…\Toolbar\WebBrowser: (Dealio) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.) O3 - HKCU…\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.) O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [au] C:\Program Files\Dealio\DealioAU.exe (Vendio Services, Inc.) O4 - HKCU…\Run: [smileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.2.21960\stbapp.exe () O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Pawel i Kasia\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html () O9 - Extra Button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.) O9 - Extra ‘Tools’ menuitem : Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.) O32 - AutoRun File - [2009/04/24 23:21:25 | 00,000,399 | RHS- | M] () - C:\autorun.inf – [NTFS] :Services Wyyo Service Sukoku Service NVCScheduler :Files C:\Program Files\Dealio C:\Program Files\DoubleD C:\Program Files\Internet Saving Optimizer C:\Program Files\Media Access Startup C:\Program Files\Search Settings C:\Program Files\SGPSA :Commands [emptytemp] [start explorer]

Run Fix. Restart, jeśli będzie potrzebny.

Potem log z usuwania oraz nowy log robiony opcją Run Scan.