FreeSoftToday - logi do sprawdzenia

Polon013 · 30 Stycznia 2014

Witam.

Mój kolega ma problem z freesofttoday - coś ściagną i zaisntalowało się z tym syfem.

Ciągle wyskakują mu reklamy i ogólnie zamułka...

Prosiłbym o sprawdzenie logów. Niestety teraz dopiero zajrzałem, że jest wymagany jeszcze gmer :/ mam tylko otl.

Oto one:

http://wklej.org/id/1256846/

http://wklej.org/id/1256848/

Pomożecie?

Z góry dzięki.

Kolobos · 31 Stycznia 2014

Odinstaluj:
McAfee Security Scan Plus
SweetIM for Messenger 3.7
Update Manager for SweetPacks 1.1
Ashampoo PO Toolbar
DAEMON Tools Toolbar
DealPly
fst_pl_30
IB Updater Service

Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Wykonaj skrypt w OTL:

:OTL
PRC - [2014-01-30 09:15:29 | 000,103,200 | ---- | M] () -- C:Program Files (x86)SquirrelWebupdateSquirrelWeb.exe
PRC - [2014-01-30 08:42:23 | 000,103,200 | ---- | M] () -- C:Program Files (x86)SquirrelWebbinutilSquirrelWeb.exe
PRC - [2014-01-06 17:30:02 | 001,015,088 | ---- | M] () -- C:WindowsSysWOW64jmdpstij.exe
PRC - [2014-01-02 13:17:00 | 004,001,224 | ---- | M] () -- C:Program Files (x86)fst_pl_30fst_pl_30.exe
PRC - [2014-01-02 13:17:00 | 003,153,904 | ---- | M] () -- C:UsersMaciekAppDataLocalfst_pl_30upfst_pl_30.exe
PRC - [2012-08-15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:Program Files (x86)SweetIMCommunicatorSweetPacksUpdateManager.exe
PRC - [2012-05-29 14:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:Program Files (x86)SweetIMMessengerSweetIM.exe
SRV:64bit: - [2013-12-29 11:12:40 | 001,833,776 | ---- | M] () [Auto | Running] -- C:WindowsSysNativedmwu.exe -- (IBUpdaterService)
SRV - [2014-01-30 09:15:29 | 000,103,200 | ---- | M] () [Auto | Running] -- C:Program Files (x86)SquirrelWebupdateSquirrelWeb.exe -- (Update SquirrelWeb)
SRV - [2014-01-30 08:42:23 | 000,103,200 | ---- | M] () [Auto | Running] -- C:Program Files (x86)SquirrelWebbinutilSquirrelWeb.exe -- (Util SquirrelWeb)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:Program FilesEnigma Software GroupSpyHunteresgiguard.sys -- (esgiguard)
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://home.sweetim.com/?crg=3.26010003&st=12&barid={8C59726A-BD32-46C0-8E01-B616B0F3424F}
IE - HKLM..URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:Program Files (x86)Ashampoo_POprxtbAsh2.dll (Conduit Ltd.)
IE - HKLM..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={8C59726A-BD32-46C0-8E01-B616B0F3424F}
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2481033&CUI=UN14932999986992327
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:Program Files (x86)Ashampoo_POprxtbAsh2.dll (Conduit Ltd.)
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..SearchScopes,DefaultScope = {5F53DF1C-95E0-4088-8604-A45878E57380}
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..SearchScopes{078FB664-DF98-4a60-A268-ADDF0F9E41FF}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..SearchScopes{5F53DF1C-95E0-4088-8604-A45878E57380}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033
IE - HKUS-1-5-21-255627737-1717443034-2057343401-1000..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid=&&st=23
CHR - Extension: DealPly = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje3.0.7.2_0
CHR - Extension: DealPly = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje3.0.7.2_1
CHR - Extension: DealPly = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje3.8.0.0_0
CHR - Extension: DealPly = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje3.9.7.0_0
CHR - Extension: DealPly = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje3.9.7.9_0
CHR - Extension: SquirrelWeb = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgdnafjfahbdfphihncgadbegiaebehio1.0.0_0
CHR - Extension: SquirrelWeb = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgdnafjfahbdfphihncgadbegiaebehio1.0.0_1
CHR - Extension: SquirrelWeb = C:UsersMaciekAppDataLocalGoogleChromeUser DataDefaultExtensionsgdnafjfahbdfphihncgadbegiaebehio1.0.0_2
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:Program Files (x86)DealPlyDealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:Program Files (x86)Ashampoo_POprxtbAsh2.dll (Conduit Ltd.)
O2 - BHO: (SquirrelWeb) - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} - C:Program Files (x86)SquirrelWebSquirrelWebbho.dll (SquirrelWeb)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:Program Files (x86)SweetIMToolbarsInternet ExplorermgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM..Toolbar: (Ashampoo PO Toolbar) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:Program Files (x86)Ashampoo_POprxtbAsh2.dll (Conduit Ltd.)
O3 - HKLM..Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:Program Files (x86)SweetIMToolbarsInternet ExplorermgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKUS-1-5-21-255627737-1717443034-2057343401-1000..ToolbarWebBrowser: (Ashampoo PO Toolbar) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:Program Files (x86)Ashampoo_POprxtbAsh2.dll (Conduit Ltd.)
O4 - HKLM..Run: [fst_pl_30] C:Program Files (x86)fst_pl_30fst_pl_30.exe ()
O4 - HKLM..Run: [mobilegeni daemon] C:Program Files (x86)MobogenieDaemonProcess.exe File not found
O4 - HKLM..Run: [sweetIM] C:Program Files (x86)SweetIMMessengerSweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..Run: [sweetpacks Communicator] C:Program Files (x86)SweetIMCommunicatorSweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKUS-1-5-21-255627737-1717443034-2057343401-1000..Run: [backgroundContainer] C:UsersMaciekAppDataLocalConduitBackgroundContainerBackgroundContainer.dll (Conduit Ltd.)
O4 - HKUS-1-5-21-255627737-1717443034-2057343401-1000..Run: [NextLive] C:UsersMaciekAppDataRoamingnewnext.menengine.dll (NewNextDotMe)
O4 - HKLM..RunOnce: [upfst_pl_30.exe] C:UsersMaciekAppDataLocalfst_pl_30upfst_pl_30.exe ()
O4 - HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
O4 - HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
O4 - HKUS-1-5-21-255627737-1717443034-2057343401-1001..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O33 - MountPoints2{81bc2622-90a9-11e2-8615-f46d0490c4bf}Shell - "" = AutoRun
O33 - MountPoints2{81bc2622-90a9-11e2-8615-f46d0490c4bf}ShellAutoRuncommand - "" = C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:index.html
[2014-01-24 17:03:59 | 000,000,000 | ---D | C] -- C:Program FilesEnigma Software Group
[2014-01-18 14:37:56 | 000,000,000 | ---D | C] -- C:Program Files (x86)predm
[2014-01-18 14:37:29 | 000,000,000 | ---D | C] -- C:Program Files (x86)SquirrelWeb
[2014-01-11 10:20:40 | 000,000,000 | ---D | C] -- C:UsersMaciekAppDataLocalfst_pl_30
[2014-01-11 10:20:40 | 000,000,000 | ---D | C] -- C:Program Files (x86)fst_pl_30
[2014-01-11 10:20:40 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsFREESOFTTODAY
[2014-01-11 10:20:12 | 000,000,000 | ---D | C] -- C:UsersMaciek.android
[2014-01-11 10:20:11 | 000,000,000 | ---D | C] -- C:UsersMaciekAppDataLocalcache
[2014-01-11 10:20:10 | 000,000,000 | ---D | C] -- C:UsersMaciekAppDataRoamingnewnext.me
[2014-01-11 10:20:10 | 000,000,000 | ---D | C] -- C:UsersMaciekDocumentsMobogenie
[2014-01-11 10:20:10 | 000,000,000 | ---D | C] -- C:UsersMaciekAppDataLocalMobogenie
[2014-01-11 10:20:10 | 000,000,000 | ---D | C] -- C:UsersMaciekAppDataLocalgenienext
[2014-01-11 10:19:46 | 000,000,000 | ---D | C] -- C:Program Files (x86)Mobogenie
[2014-01-08 17:55:52 | 000,000,000 | ---D | C] -- C:WindowsSysNativeljkb
[2014-01-08 17:55:52 | 000,000,000 | ---D | C] -- C:WindowsSysWow64jmdp
[2014-01-21 19:31:16 | 000,000,104 | ---- | M] () -- C:UsersMaciekAppDataRoamingWB.CFG
[2014-01-11 10:32:24 | 000,001,062 | ---- | C] () -- C:UsersMaciekDesktopContinue AnySend Installation.lnk
[2014-01-11 10:20:18 | 000,001,072 | ---- | C] () -- C:UsersMaciekDesktopContinue AnyProtect Installation.lnk
[2013-03-12 19:31:34 | 000,000,000 | ---D | M] -- C:UsersMaciekAppDataRoamingDealPly
[2014-01-30 19:25:12 | 000,000,000 | ---D | M] -- C:UsersMaciekAppDataRoamingnewnext.me

Zaloguj się

FreeSoftToday - logi do sprawdzenia

Rekomendowane odpowiedzi

Polon013

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

Kolobos

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi

Udostępnij na innych stronach

Dołącz do dyskusji

Przeglądaj

Cała aktywność