Usuwanie reklam

prexis · 21 Czerwiec 2015 10:07

Addition: http://wklej.org/hash/88d2e5de23e/

Mam problemy z sale charger powyżej wstawiłem skany czy mógłby mi ktoś pomóc usunąć to ustrojstwo. Dziękuję z góry:)

Acorus · 21 Czerwiec 2015 10:41

Odinstaluj Adobe Reader 9.5.0 - Polish.Otwórz notatnik systemowy i wklej:

CloseProcesses:
Task: {4766A1B9-8401-4C16-B988-3226285BC221} - System32\Tasks\{73CDAD46-7C28-437C-B02A-401819F0E6AC} => pcalua.exe -a C:\Users\Toshiba\AppData\Roaming\do-search\UninstallManager.exe -c -ptid=cor
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-585390766-3682847766-1828873135-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2015-04-27] (ALLPlayer Group Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1433529363&z=28dce577ab6e6154006a597g4zbc2caw7o2t5cdq4e&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1433529363&z=28dce577ab6e6154006a597g4zbc2caw7o2t5cdq4e&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1433529363&z=28dce577ab6e6154006a597g4zbc2caw7o2t5cdq4e&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1433529363&z=28dce577ab6e6154006a597g4zbc2caw7o2t5cdq4e&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
HKU\S-1-5-21-585390766-3682847766-1828873135-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=dspp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
HKU\S-1-5-21-585390766-3682847766-1828873135-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKU\S-1-5-21-585390766-3682847766-1828873135-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350
HKU\S-1-5-21-585390766-3682847766-1828873135-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=dspp&ts=1433529470&z=4b7594acf690588787c0ccag0z2cacdweo4t0z1qcm&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-585390766-3682847766-1828873135-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&ts=1433529532&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-585390766-3682847766-1828873135-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&ts=1433529532&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-585390766-3682847766-1828873135-1001 -> {7FF20A3B-483A-4958-A4B8-D9E5DFBAF290} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&ts=1433529532&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-585390766-3682847766-1828873135-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000MPCK-22AWHT0_WD-WX81A93J8350J8350&ts=1433529532&type=default&q={searchTerms}
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-03] (Thinknice Co. Limited)
BHO-x32: Sale Charger -> {7a38e53c-e000-41e4-9b5a-47447db81c2b} -> C:\Program Files (x86)\Sale Charger\Extensions\7a38e53c-e000-41e4-9b5a-47447db81c2b.dll [2015-06-05] ()
OPR Extension: (Sale Charger) - C:\Users\Toshiba\AppData\Roaming\Opera Software\Opera Stable\Extensions\fpadeflmcilgocfdbchkabfigijjkejo [2015-06-05]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125056 2015-06-03] (XTab system)
R2 Service Mgr SaleCharger; C:\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugincontainer.exe [650512 2015-06-21] () <==== ATTENTION
R2 Update Hold Page; C:\Program Files (x86)\Hold Page\updateHoldPage.exe [475376 2015-06-21] ()
R2 Update Mgr SaleCharger; C:\Program Files (x86)\Common Files\322cb724-1680-423d-8862-1b52ca5027ad\updater.exe [572176 2015-06-21] () <==== ATTENTION
R2 Util Hold Page; C:\Program Files (x86)\Hold Page\bin\utilHoldPage.exe [475376 2015-06-21] ()
R1 {078ad437-dc9f-4228-9edb-b3d1c0246ff8}w64; C:\Windows\System32\drivers\{078ad437-dc9f-4228-9edb-b3d1c0246ff8}w64.sys [48784 2014-12-09] (StdLib)
R1 {27899312-155f-40f3-8661-fb6675d82b4b}w64; C:\Windows\System32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}w64.sys [48784 2014-12-21] (StdLib)
R1 {2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}w64; C:\Windows\System32\drivers\{2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}w64.sys [48784 2014-12-06] (StdLib)
R1 {40d1e549-9fca-4f25-a19d-d845842dd635}w64; C:\Windows\System32\drivers\{40d1e549-9fca-4f25-a19d-d845842dd635}w64.sys [48784 2014-12-30] (StdLib)
R1 {507a9b68-2b48-4a22-b662-e674fb6a16f7}w64; C:\Windows\System32\drivers\{507a9b68-2b48-4a22-b662-e674fb6a16f7}w64.sys [48776 2014-12-03] (StdLib)
R1 {8299d9bc-4fe2-4889-9adf-025a0769d461}w64; C:\Windows\System32\drivers\{8299d9bc-4fe2-4889-9adf-025a0769d461}w64.sys [48784 2014-12-15] (StdLib)
R1 {84edc66f-0e16-4519-bd1a-cead01f243ac}w64; C:\Windows\System32\drivers\{84edc66f-0e16-4519-bd1a-cead01f243ac}w64.sys [48784 2015-01-02] (StdLib)
R1 {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64; C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64.sys [48784 2015-05-18] (StdLib)
R1 {91975f83-f39c-43cf-aad4-0b3396b0f6db}w64; C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}w64.sys [48784 2015-01-06] (StdLib)
R1 {a16a1775-5ab3-4034-ac52-de0795db97f0}w64; C:\Windows\System32\drivers\{a16a1775-5ab3-4034-ac52-de0795db97f0}w64.sys [48784 2014-12-12] (StdLib)
R1 {c88279d3-91dd-4bd9-ad38-681f71d6e36d}w64; C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}w64.sys [48784 2014-12-27] (StdLib)
R1 {ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}w64; C:\Windows\System32\drivers\{ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}w64.sys [48784 2014-12-24] (StdLib)
R1 {df47b99d-26f5-45f4-85c5-97b4da365f21}w64; C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}w64.sys [48776 2014-11-30] (StdLib)
R1 {f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64; C:\Windows\System32\drivers\{f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64.sys [48776 2014-11-29] (StdLib)
R1 {fb92e7a9-ee13-44c3-a51b-600382fe9211}w64; C:\Windows\System32\drivers\{fb92e7a9-ee13-44c3-a51b-600382fe9211}w64.sys [48784 2014-12-18] (StdLib)
S3 cpuz136; \\C:\Users\Toshiba\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
2015-06-07 18:06 - 2015-06-07 18:06 - 00003140 _____ C:\Windows\System32\Tasks\{73CDAD46-7C28-437C-B02A-401819F0E6AC}
2015-06-05 20:39 - 2015-06-05 20:39 - 00000000 ____ D C:\ProgramData\IHProtectUpDate
2015-06-05 20:38 - 2015-06-05 20:39 - 00000000 ____ D C:\Program Files (x86)\MiuiTab
2015-06-05 20:35 - 2015-06-05 20:36 - 00000000 ____ D C:\Program Files (x86)\Sale Charger
2015-06-05 20:34 - 2015-06-05 20:34 - 00709248 _____ (Installer ) C:\Users\Toshiba\Downloads\ALLPlayer(13217)-dp.exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.