Problem z sale charger ads


(Sebaj P) #1

Jak w temacie wkradły mi sie sale charger ads. Niby różnymi programami sie ich pozbyłem ale dla pewności ktoś z obeznanych użytkowników mógłby rzucić okiem. Z góry dziękuje.

 

Addition http://www.wklej.org/id/1742457/

 

Frst http://www.wklej.org/id/1742459/

 

Shortcut http://www.wklej.org/id/1742460/


(Atis) #2

Odinstaluj McAfee Security Scan.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
HKU\S-1-5-21-1523820338-823316528-2808072383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-1523820338-823316528-2808072383-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Homepage: hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
FF HKU\S-1-5-21-1523820338-823316528-2808072383-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
C:\Users\sdfiku\AppData\Local\Temp*.html
2011-10-09 18:57 - 2011-10-09 18:57 - 0000000 _____ () C:\Users\sdfiku\AppData\Local\{748B3070-A761-40C3-8464-7054EE33B915}
2011-10-03 07:36 - 2011-10-03 07:36 - 0000000 _____ () C:\Users\sdfiku\AppData\Local\{F9E05B7E-74A2-4F25-A833-B1FCE2D4D933}
Task: {14A466B9-977D-4EDA-83EA-5AF809CB8826} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1523820338-823316528-2808072383-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1B98CC93-E2A6-4AB4-B650-E548C867D040} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1523820338-823316528-2808072383-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {9776C90B-4C77-462E-AFC2-34D63FF40E40} - System32\Tasks\{28337269-AA24-425D-AA08-A93AF9C34EE2} => pcalua.exe -a C:\Users\sdfiku\Desktop\krzychu\LG_KDZ_FW-Update_OfflineFix\KDZ_FW_UPD_EN\B2CAppSetup.exe -d C:\Users\sdfiku\Desktop\krzychu\LG_KDZ_FW-Update_OfflineFix\KDZ_FW_UPD_EN
Task: {A25A4255-3D46-4F6F-8573-CB400FBAD0BD} - System32\Tasks\{2B185D62-950B-4A57-B778-D27B24944D6C} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d C:\ProgramData\LGMOBILEAX
Task: {CC4702F9-8F6C-4EC7-BF7D-149E21725374} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0537CF92-CF49-4342-84C3-350FA2F78126} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {D79085EE-A95C-48E7-8D03-B3C41B3ACC92} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.


(Sebaj P) #3

fixlog http://www.wklej.org/id/1742482/

fsrt  http://www.wklej.org/id/1742483/


(Atis) #4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

FF SearchPlugin: C:\Users\sdfiku\AppData\Roaming\Mozilla\Firefox\Profiles\9lu968b7.default\searchplugins\BearShareWebSearch.xml [2010-04-12]
2015-06-01 20:42 - 2015-06-01 20:42 - 00000000 ____ D C:\Program Files\Enigma Software Group
2015-06-01 20:41 - 2015-06-01 20:41 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\sdfiku\Downloads\SpyHunter-Installer.exe
2015-06-18 18:09 - 2015-01-30 15:48 - 00000000 ____ D C:\AdwCleaner
2013-06-27 10:30 - 2014-06-23 14:36 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2010-11-18 20:52 - 2010-11-18 20:52 - 0000000 _____ () C:\Users\sdfiku\AppData\Roaming\wklnhst.dat
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 10 ActiveX

Adobe Flash Player 17 NPAPI

Adobe Flash Player 17 PPAPI

Java 8 Update 31

Zainstaluj:

Flash Player 18.0.0.160 NPAPI

Flash Player 18.0.0.160 ActiveX

Flash Player 18.0.0.160 PPAPI

Java 8 Update 45


(Sebaj P) #5

zrobione wszystko zgodnie z wytycznymi. Dzięki