Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

adf.ly - uruchomienie automatyczne przegladarki

mmisial 15 Lis 2016 19:08 339 5
  • #1 15 Lis 2016 19:08
    mmisial
    Poziom 7  

    Witam,
    od pewnego czasu po włączeniu PC, uruchamia mi się automatycznie przeglądarka z adresem: adf.ly/.....
    Przeskanowałem komputer Malwarebytes Anti-Malware nic nie dało.
    Oto zestawienie moich logów z FRST64, proszę o sprawdzenie.

    0 5
  • #2 15 Lis 2016 19:20
    ziom.z.kuzawy
    Poziom 12  

    A w panel sterowania-narzędzia admnistracyjne-konfiguracja systemu-usługi/uruchamianie coś odznaczałeś?

    0
  • Pomocny post
    #3 15 Lis 2016 19:45
    Acorus 20
    Spec od komputerów

    Odinstaluj AVG PC TuneUp 2015. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {031778A9-737B-49E7-B5B0-4AC88D6C805E} - System32\Tasks\{90A93DCB-1C53-4CF9-9C44-391C96AA1675} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {196DE9A5-D7E7-4680-9C9E-5BFD8DC45FB8} - System32\Tasks\{51C5EAC2-F649-4826-9534-D6B04DC5624A} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=-3
    Task: {1B60EB8E-0F9E-4A41-A6EF-35FFF6A19BFC} - System32\Tasks\{AAC23CB3-0C6B-4860-9518-6ACD71F0F37F} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.24.0.104&LastError=-3
    Task: {213F5AAD-EBDF-4850-AD6A-2F9505E7F833} - System32\Tasks\{25EA2422-6E98-491F-8604-8DFF878C2832} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.26.0.101&LastError=-9
    Task: {3280003B-2016-4391-B507-A9BA5819564C} - System32\Tasks\{327322CF-9841-4D1D-B85F-4FE32B3B3D59} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.24.0.104&LastError=-3
    Task: {4310BF94-A737-4F2B-8393-049F12474E36} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-06-29] (AVG Technologies)
    Task: {4CE72E88-4158-4BF1-B62F-F59D86CEE78F} - System32\Tasks\{95335426-62B0-4B19-9ACF-4288DB2DE421} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {54D8B304-844B-48AD-A78F-87108118E21F} - System32\Tasks\{C3813E4A-4C45-4173-A6F5-3F4E9816C3BB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {78FA1FCA-815C-4D2F-B7D6-2178F0907B0C} - System32\Tasks\{43A946AC-8934-46B4-886B-EF04A22147F2} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9




    Task: {A4BCD05A-FE03-4E36-B5BC-B532FD61B68A} - System32\Tasks\{DAE5170B-1949-4679-9E6E-14F16E2214A3} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {A923E97B-C47D-416B-8A71-578221538CD2} - System32\Tasks\{DD28F761-B0BA-4E85-93FA-7C012C49BF05} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {F4E3A667-9854-4651-ADAA-05BC82484C08} - System32\Tasks\{A2727D1C-8AC9-4C08-A82C-9ACDC9623AD8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {F5CE94F7-9B6C-4ECC-9A22-6CEE655D87A7} - System32\Tasks\OInstall => C:\Windows\OInstall.exe
    Task: {F9D4A195-461B-4AD9-813D-C3CF21CC813D} - System32\Tasks\{F0F1304D-B7A6-44B6-B4EB-24C8AD04BD63} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.24.0.104&LastError=-9
    Task: {FCE20148-80AF-4B98-B9FB-9FD30B98FA79} - System32\Tasks\{50D00FB1-B11A-4BF9-8E0E-4AD56196C9CF} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.26.0.101&LastError=-9
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\MountPoints2: {ad72459c-fdc5-11e5-9150-e03f490facab} - J:\setup.exe
    IFEO\connect.service.contentservice.admin.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\finecmd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\visio.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url -> URL: hxxp://adf.ly/pRzv6
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> Brak pliku
    Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - Brak pliku
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    2016-10-24 07:28 - 2016-05-22 20:24 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    0
  • Pomocny post
    #4 15 Lis 2016 19:49
    krzychupar
    Poziom 40  

    Odinstaluj :
    AVG PC TuneUp 2015

    Otwórz notatnik systemowy i wklej:
    HKLM-x32\...\Run: [] => [X]
    HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\Policies\Explorer: [NoResolveSearch] 1
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-3663045963-1964984990-312143119-1000\...\MountPoints2: {ad72459c-fdc5-11e5-9150-e03f490facab} - J:\setup.exe
    IFEO\connect.service.contentservice.admin.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\finecmd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\visio.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> Brak pliku
    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url -> URL: hxxp://adf.ly/pRzv6
    Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - Brak pliku
    Handler: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    Handler: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    Handler: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    Handler: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    Handler: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    Handler: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Brak pliku
    FF NewTab: Mozilla\Firefox\Profiles\t8hsrqrz.default-1467033017265 -> hxxps://www.google.pl/?gws_rd=ssl
    hxxp://natemat.pl/
    CHR HomePage: Profile 1 -> hxxp://www.blogger.com/%7Chxxp://gmail.com
    CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox","hxxps://www.blogger.com/blogger.g?blogID=475006477515196328&pli=1#allposts","hxxp://minikowo.blogspot.com/","hxxps://picasaweb.google.com/home","hxxps://www.facebook.com/"
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2970424 2015-06-29] (AVG Technologies)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #5 15 Lis 2016 22:39
    mmisial
    Poziom 7  

    Dziękuję za rozwiązanie problemu.

    0
  • #6 15 Lis 2016 22:56
    RADU23
    Moderator - Komputery Serwis

    Usuń folder C:\FRST i to wszystko.

    0