sebaj.p
(Sebaj P)
20 Czerwiec 2015 07:31
#1
Jak w temacie wkradły mi sie sale charger ads. Niby różnymi programami sie ich pozbyłem ale dla pewności ktoś z obeznanych użytkowników mógłby rzucić okiem. Z góry dziękuje.
Addition http://www.wklej.org/id/1742457/
Frst http://www.wklej.org/id/1742459/
Shortcut http://www.wklej.org/id/1742460/
Atis
(Atis)
20 Czerwiec 2015 08:01
#2
Odinstaluj McAfee Security Scan.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
HKU\S-1-5-21-1523820338-823316528-2808072383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-1523820338-823316528-2808072383-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Homepage: hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
FF HKU\S-1-5-21-1523820338-823316528-2808072383-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
C:\Users\sdfiku\AppData\Local\Temp*.html
2011-10-09 18:57 - 2011-10-09 18:57 - 0000000 _____ () C:\Users\sdfiku\AppData\Local\{748B3070-A761-40C3-8464-7054EE33B915}
2011-10-03 07:36 - 2011-10-03 07:36 - 0000000 _____ () C:\Users\sdfiku\AppData\Local\{F9E05B7E-74A2-4F25-A833-B1FCE2D4D933}
Task: {14A466B9-977D-4EDA-83EA-5AF809CB8826} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1523820338-823316528-2808072383-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1B98CC93-E2A6-4AB4-B650-E548C867D040} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1523820338-823316528-2808072383-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {9776C90B-4C77-462E-AFC2-34D63FF40E40} - System32\Tasks\{28337269-AA24-425D-AA08-A93AF9C34EE2} => pcalua.exe -a C:\Users\sdfiku\Desktop\krzychu\LG_KDZ_FW-Update_OfflineFix\KDZ_FW_UPD_EN\B2CAppSetup.exe -d C:\Users\sdfiku\Desktop\krzychu\LG_KDZ_FW-Update_OfflineFix\KDZ_FW_UPD_EN
Task: {A25A4255-3D46-4F6F-8573-CB400FBAD0BD} - System32\Tasks\{2B185D62-950B-4A57-B778-D27B24944D6C} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d C:\ProgramData\LGMOBILEAX
Task: {CC4702F9-8F6C-4EC7-BF7D-149E21725374} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0537CF92-CF49-4342-84C3-350FA2F78126} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {D79085EE-A95C-48E7-8D03-B3C41B3ACC92} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
EmptyTemp:
Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.
Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.
sebaj.p
(Sebaj P)
20 Czerwiec 2015 08:46
#3
Atis
(Atis)
20 Czerwiec 2015 09:02
#4
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
FF SearchPlugin: C:\Users\sdfiku\AppData\Roaming\Mozilla\Firefox\Profiles\9lu968b7.default\searchplugins\BearShareWebSearch.xml [2010-04-12]
2015-06-01 20:42 - 2015-06-01 20:42 - 00000000 ____ D C:\Program Files\Enigma Software Group
2015-06-01 20:41 - 2015-06-01 20:41 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\sdfiku\Downloads\SpyHunter-Installer.exe
2015-06-18 18:09 - 2015-01-30 15:48 - 00000000 ____ D C:\AdwCleaner
2013-06-27 10:30 - 2014-06-23 14:36 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2010-11-18 20:52 - 2010-11-18 20:52 - 0000000 _____ () C:\Users\sdfiku\AppData\Roaming\wklnhst.dat
DeleteQuarantine:
Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST
Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania
Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK
Odinstaluj:
Adobe Flash Player 10 ActiveX
Adobe Flash Player 17 NPAPI
Adobe Flash Player 17 PPAPI
Java 8 Update 31
Zainstaluj:
Flash Player 18.0.0.160 NPAPI
Flash Player 18.0.0.160 ActiveX
Flash Player 18.0.0.160 PPAPI
Java 8 Update 45
sebaj.p
(Sebaj P)
21 Czerwiec 2015 07:43
#5
zrobione wszystko zgodnie z wytycznymi. Dzięki