AVG, chrome tollbar, hosts i inne dziadostwa

Dla specjalistów Bezpieczeństwo
#1

Witam, mam problemy z wyżej wymienionymi spyware, ccleaner i ręczne odinstalowanie nie pomaga.

Logi otl: http://www.wklej.org/hash/d956c3c48b0/

 

extras http://wklej.org/hash/5687246086d/

#2

W panelu sterowania odinstaluj:

AVG PC TuneUp 2014 jeśli nie zainstalowałeś tego celowo.

Web Cake 3.00

AnyProtect

DownLite

hosts

metaCrawler

Norton Security Scan

RegClean Pro

Search-Gol Chrome Toolbar

SiteFinder

VO Package

Qtrax Player

Update for Image Editor

UpdateChecker

Qtrax Connection Manager

SaveSense

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool 64-Bit Version

Uruchom FRST i kliknij Scan. Pokaż raport FRST i Addition.

Uruchom OTL i kliknij Nic. Wklej do OTL i kliknij Skanuj:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Pokaż ten log.

#3

Proszę

Adittion: http://wklej.org/id/1396775/

 

OTL: http://wklej.org/hash/59f19bd7732/

#4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

(http://www.tinydm.com/) C:\Users\pc\AppData\Local\DM\TinyDM.exe
HKU\S-1-5-21-3318214099-297545766-2559101377-1000\...\Run: [Tiny download manager] => C:\Users\pc\AppData\Local\DM\TinyDM.exe [288728 2014-04-27] (http://www.tinydm.com/)
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {AFB3D263-5FE5-4A56-AD86-FBAEF0745099} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=55BDB4B3-4927-45F0-BCB5-18A08DD6DDAC&apn_sauid=F0A4F8F1-6A27-4CAD-82DA-B731C66C6782
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HKLM\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\pc\AppData\Local\newhb.crx [2013-08-01]
CHR HKCU\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\pc\AppData\Local\newhb.crx [2013-08-01]
CHR HKLM-x32\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\pc\AppData\Local\newhb.crx [2013-08-01]
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]
S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [X]
S1 bcuqvwis; \??\C:\Windows\system32\drivers\bcuqvwis.sys [X]
C:\AdwCleaner
C:\Users\pc\Desktop\Wyczyść rejestr za darmo!.lnk
C:\ProgramData\Norton
C:\Users\pc\Downloads\CCleaner(13061).exe
C:\Users\pc\AppData\Local\Temp\*.exe
C:\Users\pc\AppData\Local\Temp\*.dll
C:\Users\pc\AppData\Local\DM
Task: {49D29D78-8855-4AF2-B1FA-C7F013DED816} - \RegClean Pro No Task File <==== ATTENTION
Task: {5019DE2D-581E-4300-AEE9-65D4F08A7F07} - \DSite No Task File <==== ATTENTION
Task: {56BF06E1-EEEF-4EBE-B4CC-1952C9377E44} - System32\Tasks\4392 => Wscript.exe C:\Users\pc\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {5BD46C79-0C4F-434E-B00D-BA30E882FB8A} - \QtraxPlayer No Task File <==== ATTENTION
Task: {9B9D249E-40B2-40DF-974A-DC26D468B00C} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {9DE569F9-44AE-430D-8F8E-81D6E382711C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {A19C5014-CB07-42CB-8214-D09FFF25059C} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {A91821D3-84D4-409C-84A7-F0D067AF4F00} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {AADEE710-DBC9-4C58-B86E-65844B22C667} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {C0B492EE-79A1-4BE0-BEB5-8835D88F0B0E} - \EPUpdater No Task File <==== ATTENTION
Task: {C5E727E4-FA99-4372-AB0B-50E143D59376} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {CA40A7E1-A823-4432-9E8B-55C1EBBF57D1} - \BitGuard No Task File <==== ATTENTION
Task: {DCC387C2-73C5-4EEC-AA90-E9B80F0E3D79} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {E2729472-B8E9-4733-87DD-976F17A3A59A} - \APSnotifierPP3 No Task File <==== ATTENTION

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

#5

Fixlog : http://wklej.org/hash/f3f316eeed7/

 

FRST: http://wklej.org/hash/298276ae9dc/

#6

Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 13 ActiveX

Adobe Flash Player 13 Plugin

Adobe Shockwave Player 12.0

Java 7 Update 21

Java 7 Update 55

Zainstaluj:

Java 7 Update 60

Flash Player 14.0.0.125 Internet Explorer i Plugin-based browsers

#7

Wielkie dzięki!!