Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek dla www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Złośliwe reklamy które nie dają żyć

07 Mar 2015 10:35 1197 6
  • Poziom 5  
    Witam, otóż ostatnio zaczęło coś mi się dziać z przeglądarkami. Mam to zarówno na chrome jak i na operze.. Włączają mi się wszędzie reklamy, po bokach na dole na górze, w nowych zakladkach, oraz jak chce coś kliknąć to pojawia mi się taki pasek.. Ale to dołącze w obrazkach.. Bardzo proszę o pomoc gdyz jest to bardzo bardzo uciążliwe

  • Poziom 25  
    Pewnie dolinstalowałes jakiś "kwiatek" razem z uTorrentem (ostatnio popularne) lub innym porgramem. Zobacz bo te ADS-y dodają sie jako programy oraz dodatki do przeglądarek.
  • Poziom 5  
    czyli co zrobić

  • Poziom 25  
    Poszukać programów które nie były zainstalowane a dodały sie same (podczas instalacji innego), oraz to samo z wtyczkami do przeglądarki.
  • Poziom 27  
    Przeskanuj też komputer programem AdwCleaner.
    W wielu przypadkach to pomaga.
  • Spec od komputerów
    Dlaczego uzywasz stare wersji FRST?

    Odinstaluj:
    DigiHelp (HKLM\...\DigiHelp) (Version: 2014.12.20.222149 - DigiHelp)
    omiga-plus uninstall (HKLM-x32\...\omiga-plus uninstall) (Version: - omiga-plus) <==== ATTENTION
    Yahoo! Search (HKCU\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {3F4C7081-455D-4C6A-BFB4-8B893FFE3EF6} - System32\Tasks\Yahoo! Search Updater => C:\Users\Marta\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrsetup.exe [2015-03-06] (Pay By Ads LTD) <==== ATTENTION
    Task: {C355E6D5-F546-4FE3-9E67-D0D200068A71} - System32\Tasks\Yahoo! Search => C:\Users\Marta\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe [2015-03-06] (Pay By Ads LTD) <==== ATTENTION
    Task: {F00EAEF0-148D-4973-AC0A-402448D4DDDE} - \{F1251034-BC8C-46CB-ABBB-93156EEC59BE} No Task File <==== ATTENTION
    (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
    (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
    () C:\Program Files (x86)\SupTab\HpUI.exe
    () C:\Program Files (x86)\SupTab\Loader64.exe
    () C:\Program Files (x86)\SupTab\Loader32.exe
    () C:\Program Files (x86)\DigiHelp\bin\utilDigiHelp.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.BrowserAdapter.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.BrowserAdapter64.exe
    (Pay By Ads LTD) C:\Users\Marta\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
    () C:\Program Files (x86)\DigiHelp\updateDigiHelp.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.PurBrowse64.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.expext.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.BOASHelper.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.BOASPRT.exe
    () C:\Program Files (x86)\DigiHelp\bin\DigiHelp.BOAS.exe
    HKU\S-1-5-21-3957174522-2695829177-1136211248-1001\...\Run: [Yahoo! Search] => C:\Users\Marta\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe [644816 2015-03-06] (Pay By Ads LTD)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=na
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    SearchScopes: HKLM - {735F07CE-A7B0-4FAD-B7B0-83E663141032} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
    SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&am...D5000LPVX-22V0TT0_WD-WXC1A34S7014S7014&q={searchTerms}
    SearchScopes: HKLM-x32 - {735F07CE-A7B0-4FAD-B7B0-83E663141032} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
    SearchScopes: HKCU - DefaultScope {735F07CE-A7B0-4FAD-B7B0-83E663141032} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
    SearchScopes: HKCU - {2B1D533A-3748-43BF-B184-85B37CA8DC7F} URL = http://q.search-simple.com/?affID=na&q={searchTerms}&r=77
    SearchScopes: HKCU - {735F07CE-A7B0-4FAD-B7B0-83E663141032} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
    BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
    BHO-x32: DigiHelp 1.0.0.7 -> {5bee7be9-df29-4c14-a18e-2bdd06205e29} -> C:\Program Files (x86)\DigiHelp\DigiHelpBHO.dll (DigiHelp)
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts...d=WDCXWD5000LPVX-22V0TT0_WD-WXC1A34S7014S7014
    CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=616_pr__alt__ddc_dsssyc_bd_com"
    CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=616_pr__alt__ddc_dsssyc_bd_com"
    CHR DefaultSearchKeyword: Default -> yahoo.com
    CHR DefaultNewTabURL: Default -> http://search.yahoo.com/?fr=hp-ddc-bd-tab&type=616_pr__alt__ddc_dsssyctab_bd_com
    CHR Extension: (DigiHelp) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\abojnnglfjmhgfmjdocddcdnomajnhjp [2014-12-22]
    CHR Extension: (Ask Search) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-01-08]
    R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-20] (Cherished Technololgy LIMITED)
    R2 Update DigiHelp; C:\Program Files (x86)\DigiHelp\updateDigiHelp.exe [408296 2015-03-06] ()
    R2 Util DigiHelp; C:\Program Files (x86)\DigiHelp\bin\utilDigiHelp.exe [408296 2015-03-06] ()
    R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-20] (Fuyu LIMITED) [File not signed]
    R1 {2b4f8230-394e-4951-9495-bafd44d837da}Gw64; C:\Windows\System32\drivers\{2b4f8230-394e-4951-9495-bafd44d837da}Gw64.sys [48776 2014-12-27] (StdLib)
    R1 {34cccceb-a541-48ac-a26b-92818f06439d}Gw64; C:\Windows\System32\drivers\{34cccceb-a541-48ac-a26b-92818f06439d}Gw64.sys [48776 2015-01-02] (StdLib)
    R1 {8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw64; C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw64.sys [48776 2014-12-21] (StdLib)
    R1 {97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw64; C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw64.sys [48776 2014-12-23] (StdLib)
    R1 {993baf86-643c-42e9-95e5-094f337533f0}Gw64; C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw64.sys [48776 2014-12-20] (StdLib)
    R1 {9eaa49e2-6918-49c4-9a04-be590dd80dc6}Gw64; C:\Windows\System32\drivers\{9eaa49e2-6918-49c4-9a04-be590dd80dc6}Gw64.sys [48776 2015-01-05] (StdLib)
    2015-03-06 23:40 - 2015-03-06 23:40 - 00003492 _____ () C:\Windows\System32\Tasks\Yahoo! Search Updater
    2015-03-06 23:40 - 2015-03-06 23:40 - 00003488 _____ () C:\Windows\System32\Tasks\Yahoo! Search
    2015-03-06 23:40 - 2015-03-06 23:40 - 00000000 ____D () C:\Users\Marta\AppData\Local\Pay-By-Ads
    2015-03-06 23:41 - 2014-12-20 23:52 - 00000000 ____D () C:\Program Files (x86)\DigiHelp
    EmptyTemp:

    W FRST wybierz Fix.

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/


    Daj w zalaczniku NOWE logi z NOWEJ wersji FRST (Frst.txt oraz Addition.txt):
    http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/