Удаление вирусов и троянов. Защита компьютера. › Помощь в удалении вирусов, троянов, рекламы и других зловредов › открываются рекламы в гугл хром сами по себе
- This topic has 4 ответа, 2 участника, and was last updated 7 years, 9 months назад by Admin.
-
АвторСообщения
-
2 февраля, 2017 в 5:00 пп #58098
Доброй ночи! Буду благодарен за помощь в битве с рекламой
Вложения:
You must be logged in to view attached files.3 февраля, 2017 в 10:06 пп #58160Здравствуйте, добро пожаловать на Spyware-ru форум.
Запустите программу Блокнот и вставьте в открытое окно следующий текст
CreateRestorePoint: HKU\S-1-5-21-883188782-3003091247-2807528215-1000\...\Run: [oQr15a7CRoxx] => C:\Users\Оля\AppData\Local\Mail.ru\Sputnik\ptls\oQr15a7CRoxx.exe -ptls ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION CHR HKU\S-1-5-21-883188782-3003091247-2807528215-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION Toolbar: HKLM-x32 - Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll No File Toolbar: HKU\S-1-5-21-883188782-3003091247-2807528215-1000 -> No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File CHR HKLM-x32\...\Chrome\Extension: [cffeojapggfbefkkinncgdkbpalnmfpm] - C:\Program Files (x86)\Crx\cffeojapggfbefkkinncgdkbpalnmfpm_0.0.1.crx [2013-07-28] U3 BcmSqlStartupSvc; no ImagePath U2 CLKMSVC10_3A60B698; no ImagePath U2 CLKMSVC10_C3B3B687; no ImagePath U2 DriverService; no ImagePath U2 iATAgentService; no ImagePath U2 idealife Update Service; no ImagePath U3 IGRS; no ImagePath U2 IviRegMgr; no ImagePath U2 Oasis2Service; no ImagePath U2 PCCarerService; no ImagePath U2 ReadyComm.DirectRouter; no ImagePath U2 RichVideo; no ImagePath U2 RtLedService; no ImagePath U2 SeaPort; no ImagePath U2 SoftwareService; no ImagePath ShortcutWithArgument: C:\Users\Оля\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://rigneda.ru/?utm_source=startlink03&utm_content=adbf052057e305ed7ecce74202676864&utm_term=34E505FA6672F62C1D4457C4CC489BF2&utm_d=20161105" ShortcutWithArgument: C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Вoйти в Интeрнeт (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://rigneda.ru/?utm_source=startlink03&utm_content=adbf052057e305ed7ecce74202676864&utm_term=34E505FA6672F62C1D4457C4CC489BF2&utm_d=20161105" ShortcutWithArgument: C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Вoйти в Интeрнeт.lnk -> C:\Users\Оля\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.exe () -> hxxp://kemanosh.ru/?utm_source=startlink03 EmptyTemp: Reboot:
Сохраните полученный файл в папку где находится программа FRST/FRST64 под именем fixlist
Запустите программу FRST и нажмите кнопку Fix.
Когда программа закончит работу появиться сообщение «Fix completed». Нажмите OK.
Откроется блокнот с содержимым файла fixlog.txt. Вставьте содержимое этого файла в ваш ответ.После этого выполните новую проверку программой FRST (перед нажатием клавиши Scan поставьте галочку в пункте Addition.txt) и оба её лога прикрепите к вашему ответу.
7 февраля, 2017 в 3:07 пп #58251Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2017
Ran by Оля (07-02-2017 22:40:34) Run:1
Running from C:\Users\Оля\Downloads
Loaded Profiles: Оля (Available Profiles: Оля)
Boot Mode: Normal
==============================================fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-883188782-3003091247-2807528215-1000\…\Run: [oQr15a7CRoxx] => C:\Users\Оля\AppData\Local\Mail.ru\Sputnik\ptls\oQr15a7CRoxx.exe -ptls
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction < ======= ATTENTION
CHR HKU\S-1-5-21-883188782-3003091247-2807528215-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKLM-x32 — Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll No File
Toolbar: HKU\S-1-5-21-883188782-3003091247-2807528215-1000 -> No Name — {09900DE8-1DCA-443F-9243-26FF581438AF} — No File
CHR HKLM-x32\…\Chrome\Extension: [cffeojapggfbefkkinncgdkbpalnmfpm] — C:\Program Files (x86)\Crx\cffeojapggfbefkkinncgdkbpalnmfpm_0.0.1.crx [2013-07-28]
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
U2 DriverService; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
ShortcutWithArgument: C:\Users\Оля\AppData\Local\Microsoft\Start Menu\Р’oйти РІ РРЅС‚eСЂРЅeС‚.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> «hxxp://rigneda.ru/?utm_source=startlink03&utm_content=adbf052057e305ed7ecce74202676864&utm_term=34E505FA6672F62C1D4457C4CC489BF2&utm_d=20161105»
ShortcutWithArgument: C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Р’oйти РІ РРЅС‚eСЂРЅeС‚ (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> «hxxp://rigneda.ru/?utm_source=startlink03&utm_content=adbf052057e305ed7ecce74202676864&utm_term=34E505FA6672F62C1D4457C4CC489BF2&utm_d=20161105»
ShortcutWithArgument: C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Р’oйти РІ РРЅС‚eСЂРЅeС‚.lnk -> C:\Users\Оля\AppData\Local\Microsoft\Start Menu\Р’oйти РІ РРЅС‚eСЂРЅeС‚.exe () -> hxxp://kemanosh.ru/?utm_source=startlink03
EmptyTemp:
Reboot:
*****************Error: (0) Failed to create a restore point.
HKU\S-1-5-21-883188782-3003091247-2807528215-1000\Software\Microsoft\Windows\CurrentVersion\Run\\oQr15a7CRoxx => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp => key removed successfully
HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending => key removed successfully
HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot => key removed successfully
HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared => key removed successfully
HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => key not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKU\S-1-5-21-883188782-3003091247-2807528215-1000\SOFTWARE\Policies\Google => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{09900DE8-1DCA-443F-9243-26FF581438AF} => value removed successfully
HKCR\Wow6432Node\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF} => key not found.
HKU\S-1-5-21-883188782-3003091247-2807528215-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09900DE8-1DCA-443F-9243-26FF581438AF} => value removed successfully
HKCR\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cffeojapggfbefkkinncgdkbpalnmfpm => key removed successfully
C:\Program Files (x86)\Crx\cffeojapggfbefkkinncgdkbpalnmfpm_0.0.1.crx => moved successfully
HKLM\System\CurrentControlSet\Services\BcmSqlStartupSvc => key removed successfully
BcmSqlStartupSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_3A60B698 => key removed successfully
CLKMSVC10_3A60B698 => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_C3B3B687 => key removed successfully
CLKMSVC10_C3B3B687 => service removed successfully
HKLM\System\CurrentControlSet\Services\DriverService => key removed successfully
DriverService => service removed successfully
HKLM\System\CurrentControlSet\Services\iATAgentService => key removed successfully
iATAgentService => service removed successfully
HKLM\System\CurrentControlSet\Services\idealife Update Service => key removed successfully
idealife Update Service => service removed successfully
HKLM\System\CurrentControlSet\Services\IGRS => key removed successfully
IGRS => service removed successfully
HKLM\System\CurrentControlSet\Services\IviRegMgr => key removed successfully
IviRegMgr => service removed successfully
HKLM\System\CurrentControlSet\Services\Oasis2Service => key removed successfully
Oasis2Service => service removed successfully
HKLM\System\CurrentControlSet\Services\PCCarerService => key removed successfully
PCCarerService => service removed successfully
HKLM\System\CurrentControlSet\Services\ReadyComm.DirectRouter => key removed successfully
ReadyComm.DirectRouter => service removed successfully
HKLM\System\CurrentControlSet\Services\RichVideo => key removed successfully
RichVideo => service removed successfully
HKLM\System\CurrentControlSet\Services\RtLedService => key removed successfully
RtLedService => service removed successfully
HKLM\System\CurrentControlSet\Services\SeaPort => key removed successfully
SeaPort => service removed successfully
HKLM\System\CurrentControlSet\Services\SoftwareService => key removed successfully
SoftwareService => service removed successfully
C:\Users\Оля\AppData\Local\Microsoft\Start Menu\Р’oйти РІ РРЅС‚eСЂРЅeС‚.lnk => Shortcut argument removed successfully.
C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Р’oйти РІ РРЅС‚eСЂРЅeС‚ (2).lnk => Shortcut argument removed successfully.
C:\Users\Оля\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Р’oйти РІ РРЅС‚eСЂРЅeС‚.lnk => Shortcut argument removed successfully.=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 130927350 B
Java, Flash, Steam htmlcache => 775 B
Windows/system/drivers => 1694469236 B
Edge => 0 B
Chrome => 265443878 B
Firefox => 6961822 B
Opera => 37605317 BTemp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42374871 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 18532 B
Оля => 3077433413 BRecycleBin => 71809157 B
EmptyTemp: => 5 GB temporary data Removed.================================
The system needed a reboot.
==== End of Fixlog 22:42:12 ====
Вложения:
You must be logged in to view attached files.7 февраля, 2017 в 3:09 пп #58253Addition.txt
Вложения:
You must be logged in to view attached files.9 февраля, 2017 в 12:53 дп #58342Как сейчас работает компьютер, есть ли проблемы с рекламой ?
-
АвторСообщения
- Для ответа в этой теме необходимо авторизоваться.