ove
(Aleksandra Ciechowicz)
8 Styczeń 2013 15:29
#1
Mam problem, ponieważ nie wiem jak usunąć adware generic5. Prosiłabym o dokładną instrukcję, bo się na tym nie znam
OTL: http://www.wklej.org/id/918346/
Extras: http://www.wklej.org/id/918351/
Acorus
(Acorus)
8 Styczeń 2013 16:48
#2
Odinstaluj Spybot - Search & Destroy,Akamai NetSession Interface Service,AVG Security Toolbar,DAEMON Tools Toolbar,Akamai NetSession Interface.Wyłącz przeglądarki.Użyj AdwCleaner http://general-changelog-team.fr/fr/dow … adwcleaner z funkcji Delete(w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator).
Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:
:OTL MOD - [2012/12/05 18:09:41 | 002,148,376 | ---- | M] () – c:\ProgramData\Browser Manager\2.5.976.107{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3:64bit: - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM…\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com \prxtb4sha.dll File not found O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM…\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3:64bit: - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM…\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM…\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Run: [Akamai NetSession Interface] C:\Users\olcia\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Run: [EA Core] “C:\Program Files (x86)\Electronic Arts\EADM\Core.exe” -silent File not found O4 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found :Commands [emptytemp]
Kliknij Wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).
Pokaż nowy log OTL.txt oraz raport z usuwania.
ove
(Aleksandra Ciechowicz)
8 Styczeń 2013 19:32
#3
Acorus
(Acorus)
8 Styczeń 2013 19:46
#4
Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:
:OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_med … 1350671117 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_med … 1350671117 IE - HKLM…\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found IE - HKLM…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703 IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1108 … 0f6edfc92e IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://www.delta-search.com/?q={searchTerms}&affID=110824&tt=261112_yh_4812_2&babsrc=SP_ss&mntrId=d80019ea0000000000004a0f6edfc92e IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\SearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: “URL” = http://www.daemon-search.com/search?q={searchTerms} IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703 IE - HKU\S-1-5-21-3605097702-324478384-1460637527-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = ;127.0.0.1:9421;;*.local [2011/08/25 17:35:41 | 000,000,000 | —D | M] (uTorrentBar Community Toolbar) – C:\Users\olcia\AppData\Roaming\mozilla\Firefox\Profiles\typvbozs.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2012/09/16 13:42:04 | 000,000,915 | ---- | M] () – C:\Users\olcia\AppData\Roaming\mozilla\firefox\profiles\typvbozs.default\searchplugins\conduit.xml [2011/08/26 08:58:45 | 000,002,055 | ---- | M] () – C:\Users\olcia\AppData\Roaming\mozilla\firefox\profiles\typvbozs.default\searchplugins\daemon-search.xml [2012/11/28 21:37:39 | 000,002,524 | ---- | M] () – C:\Users\olcia\AppData\Roaming\mozilla\firefox\profiles\typvbozs.default\searchplugins\mngr.xml [2012/11/28 21:35:56 | 000,006,530 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012/10/19 19:25:19 | 000,000,402 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml O3 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found. O3 - HKU\S-1-5-21-3605097702-324478384-1460637527-1000…\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () :Commands [emptytemp]
Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.
Zainstaluj aktualizacje do programow wskazanych przez Security Check
analiza-dezynfekcja-zestaw-narzedzi-nieingerencyjnych-t485632.html jako out of date.
ove
(Aleksandra Ciechowicz)
8 Styczeń 2013 20:16
#5
raport: http://www.wklej.org/id/918735/
Security Check:
co mam zaktualizować?
Acorus
(Acorus)
9 Styczeń 2013 09:54
#6
Instalacja Service Pack 1.Aktualizacja Int.Exp. do wersji 9.
Odinstaluj:
Java 6 Update 20
Adobe Flash Player 10
Adobe Reader 9
Zainstaluj:
Java http://www.java.com/pl/download/
Adobe Reader XI 11.0.0 http://ftp.adobe.com/pub/adobe/reader/w … _pl_PL.exe
Aktualizacja Firefoxa.