revolver1990 Δημοσ. 6 Μαρτίου 2013 Δημοσ. 6 Μαρτίου 2013 Δεν ξέρω αν είναι το σωστο section για να ανοίξω το θέμα μου...αλλά όπως καταλάβατε και από τον τίτλο σήμερα το πρωί μετά από ένα setup αρχείο στο οποίο μου εμφάνισε error προς το τέλος της εγκατάστασης κόλλησα μάλλον κάποιο spyware αφού αμέσως μετά όταν μπήκα στο firefox και τον chrome μου άνοιξε την search bar "websearch.pu-results.info" . Επίσης, όταν πατάω search στην πάνω γραμμή αναζήτησης μου βγάζει την "Fast address bar". Αμέσως, έκανα scan με malwarebytes και AVG ...βρήκαν 4-5 Infections τα διέγραψα και μετά έκανα restart.Όμως μετά πάλι τα ίδια .Διέγραψα από το program data οτι ήταν σχετικό,προσπάθησα μέσω των ρυθμίσεων των brownsers να κάνω αλλαγές αλλά τίποτα.Το πιο παράξενο από όλα έιναι ότι στον task manager δεν εμφανίζεται κάποιο περίεργο exe όπως επίσης και τα search engines δεν μπορώ να τα διαγράψω αφού στο control panel δεν φαίνεται να έχει εγκατασταθεί κάτι .Υπάρχει κάποια λύση ή δεν το γλυτώνω το format? ευχαριστώ προκαταβολικά.
Gtr34 Δημοσ. 6 Μαρτίου 2013 Δημοσ. 6 Μαρτίου 2013 Δοκίμασε να τρέξεις avg και malwarebytes σε safe mode αν δεν το έχεις κάνει Αν το πρόβλημα παραμένει κατέβασε και τρέξε το Site: https://support.kaspersky.com/4162">kaspersky rescue disk
revolver1990 Δημοσ. 6 Μαρτίου 2013 Μέλος Δημοσ. 6 Μαρτίου 2013 Logfile of Trend Micro HijackThis v2.0.4Scan saved at 8:03:48 μμ, on 6/3/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files (x86)\Ginger\GingerClient.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\sysWow64\SearchProtocolHost.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0408&m=aspire_7736&r=273607122406l0498z135t4411h210 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0408&m=aspire_7736&r=273607122406l0498z135t4411h210 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Ginger Grammar & Spell Checker - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files (x86)\Ginger\GingerIEAddin\adxloader.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [F-Secure Hoster (666)] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1 O4 - HKCU\..\Run: [EPSON SX130 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU "C:\Windows\TEMP\E_S95BD.tmp" /EF "HKCU" O4 - HKCU\..\Run: [batteryCare] C:\Program Files (x86)\BatteryCare\BatteryCare.exe O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Ginger.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - (no CLSID) - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - (no CLSID) - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASO3DiskOptimizer - Systweak Inc., (www.systweak.com) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\fshoster32.exe O23 - Service: GingerUpdateService - Ginger Software - C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Υπηρεσία Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Υπηρεσία Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Realtek11nCU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17001 bytes Το Log από το hijackthis .Να πώ επίσης ότι το είχα τρέξει και πριν.Είχε βρεί ένα αρχείο "websearch" το οποίο και διέγραψα. Έχω βάλει και το Kaspersky rescue disk να κατεβαίνει
thomasG4 Δημοσ. 6 Μαρτίου 2013 Δημοσ. 6 Μαρτίου 2013 Για αρχή σβήσε το Ο20 στο HijackThis Bεβαιώσου ότι στον Firefox και Chrome δεν υπάρχει κανένα περίεργο add-on και τρέξε αυτό. http://www.softpedia.com/get/Antivirus/Removal-Tools/AdwCleaner.shtml Πάτα delete και μετά οκ(θα κάνει αυτόματα επανεκκίνηση ο υπολογιστής).
revolver1990 Δημοσ. 6 Μαρτίου 2013 Μέλος Δημοσ. 6 Μαρτίου 2013 # AdwCleaner v2.114 - Logfile created 03/06/2013 at 20:24:24# Updated 05/03/2013 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : USER - USER-PC # Boot Mode : Normal # Running from : C:\Users\USER.USER-PC\Downloads\AdwCleaner.exe # Option [search] ***** [services] ***** Found : IB Updater Found : IBUpdaterService ***** [Files / Folders] ***** File Found : C:\END Folder Found : C:\Program Files (x86)\Babylon Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected] Folder Found : C:\Program Files (x86)\TornTV.com Folder Found : C:\Program Files\Babylon Folder Found : C:\Program Files\IB Updater Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon Folder Found : C:\ProgramData\Partner Folder Found : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Found : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Folder Found : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Folder Found : C:\Windows\SysWOW64\WNLT ***** [Registry] ***** Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\sprote~1.dll Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll Key Found : HKCU\Software\1ClickDownload Key Found : HKCU\Software\APN PIP Key Found : HKCU\Software\AppDataLow\SProtector Key Found : HKCU\Software\Babylon Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\IM Key Found : HKCU\Software\ImInstaller Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Found : HKCU\Software\PIP Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\WNLT Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Found : HKLM\SOFTWARE\Classes\BabyDict Key Found : HKLM\SOFTWARE\Classes\BabyGloss Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1 Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1 Key Found : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication Key Found : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1 Key Found : HKLM\SOFTWARE\Classes\BabyOptFile Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1 Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5} Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\IB Updater Key Found : HKLM\Software\Iminent Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe Key Found : HKLM\Software\PIP Key Found : HKLM\Software\SP Global Key Found : HKLM\Software\SProtector Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Babylon Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} Key Found : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904} Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A} Key Found : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7} Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT Key Found : HKU\S-1-5-21-3319840058-4247031729-2382313007-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKU\S-1-5-21-3319840058-4247031729-2382313007-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.pu-results.info/?pid=377&r=2013/03/06&hid=268972518&lg=EN&cc=GR -\\ Mozilla Firefox v19.0 (en-US) -\\ Google Chrome v25.0.1364.152 -\\ Opera v12.1.1532.0 ************************* AdwCleaner[R1].txt - [8867 octets] - [06/03/2013 20:24:24] ########## EOF - C:\AdwCleaner[R1].txt - [8927 octets] ########## Να και το log file από το adwcleaner.....κάτω κάτω αναφέρει το websearch.pu-results.info στον IE ....any ideas? Τα Babylon και torn tv τα έιχα κάνει delete παλιότερα. Επίσης, στο hijackthis διέγραψα το συγκεκριμένο κομμάτι αλλά όταν ξανακάνω scan μου το ξαναεμφανίζει.....weird things happen Edit # AdwCleaner v2.114 - Logfile created 03/06/2013 at 20:32:54# Updated 05/03/2013 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : USER - USER-PC # Boot Mode : Normal # Running from : C:\Users\USER.USER-PC\Downloads\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\END Folder Deleted : C:\Program Files (x86)\Babylon Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected] Folder Deleted : C:\Program Files (x86)\TornTV.com Folder Deleted : C:\Program Files\Babylon Folder Deleted : C:\Program Files\IB Updater Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon Folder Deleted : C:\ProgramData\Partner Folder Deleted : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Deleted : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Folder Deleted : C:\Users\USER.USER-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf Folder Deleted : C:\Windows\SysWOW64\WNLT ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\sprote~1.dll Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AppDataLow\SProtector Key Deleted : HKCU\Software\Babylon Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Deleted : HKCU\Software\PIP Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\WNLT Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Deleted : HKLM\SOFTWARE\Classes\BabyDict Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1 Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1 Key Deleted : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication Key Deleted : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1 Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\IB Updater Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe Key Deleted : HKLM\Software\PIP Key Deleted : HKLM\Software\SP Global Key Deleted : HKLM\Software\SProtector Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Babylon Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7} Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.pu-results.info/?pid=377&r=2013/03/06&hid=268972518&lg=EN&cc=GR --> hxxp://www.google.com -\\ Mozilla Firefox v19.0 (en-US) -\\ Google Chrome v25.0.1364.152 -\\ Opera v12.1.1532.0 ************************* AdwCleaner[R1].txt - [8970 octets] - [06/03/2013 20:24:24] AdwCleaner[R2].txt - [9043 octets] - [06/03/2013 20:32:18] AdwCleaner[s1].txt - [381 octets] - [06/03/2013 20:28:16] AdwCleaner[s2].txt - [8850 octets] - [06/03/2013 20:32:54] ########## EOF - C:\AdwCleaner[s2].txt - [8910 octets] ########## Μετά το restart τα ίδια πάλι .....καμιά άλλη λύση πριν το boot του rescue disk?
Trigger Happy Δημοσ. 6 Μαρτίου 2013 Δημοσ. 6 Μαρτίου 2013 αν σου κάνει... http://blog.teesupport.com/the-best-way-to-remove-httpwebsearch-pu-results-info-get-rid-of-websearch-pu-results-info-hijacker/
thomasG4 Δημοσ. 6 Μαρτίου 2013 Δημοσ. 6 Μαρτίου 2013 Κάνε και μια απεγκατάσταση τους browser με το revouninstaller. Μετά λογικά δεν θα έχεις θέμα γιατί το adwcleaner διέγραψε τα αρχεία που σχετίζονται με το websearch.
revolver1990 Δημοσ. 7 Μαρτίου 2013 Μέλος Δημοσ. 7 Μαρτίου 2013 (επεξεργασμένο) Πάντως, έκανα το kasperksy rescue disk και δεν μου βρήκε κανα threat που να σχετίζεται με το wesearch...έχω καθαρίσει ή να φοβάμαι ακόμα? edit Εκτέλεσα το revouninstaller και προς έκπληξη μου υπήρχαν install files των websearch ....οπότε πήγα και τα διέγραψα...Δεν μπορούσαν να διαγραφούν γιατί έλειπαν κάποια αρχεία(προφανώς αφού τα είχα διαγράψει πιο πριν) και διεγράψε και κάποια keys στο registry.....Ελπίζω να τα ξεφορτώθηκα μια και καλή...Πάντως τώρα οι brownsers μετα την επανεγκατάσταση τους δουλέυουν οκ Επεξ/σία 7 Μαρτίου 2013 από revolver1990
Προτεινόμενες αναρτήσεις
Δημιουργήστε ένα λογαριασμό ή συνδεθείτε για να σχολιάσετε
Πρέπει να είστε μέλος για να αφήσετε σχόλιο
Δημιουργία λογαριασμού
Εγγραφείτε με νέο λογαριασμό στην κοινότητα μας. Είναι πανεύκολο!
Δημιουργία νέου λογαριασμούΣύνδεση
Έχετε ήδη λογαριασμό; Συνδεθείτε εδώ.
Συνδεθείτε τώρα