Usuwanie win32:Adware-gen

cornflakes7 · 3 Październik 2014 14:08

Witam,

Atis · 3 Październik 2014 15:16

W panelu sterowania odinstaluj YAC Yet Another Cleaner!

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

cornflakes7 · 3 Październik 2014 15:46

http://www.wklej.org/hash/0c66ef1e787/

Atis · 3 Październik 2014 16:18

Odinstaluj McAfee Security Scan Plus, Splashtop Connect for Firefox, Splashtop Connect IE.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2011-03-04] (Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF Extension: Splashtop Connect Companion - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF Extension: Splashtop Connect - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF Extension: Yoono - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-06-13]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 hpdj; C:\Users\win7\AppData\Local\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 5100 series -product= [X]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-20] (AVG Technologies)
S3 TBPanel; No ImagePath
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
C:\Windows\system32\drivers\avgtpx64.sys
C:\Program Files (x86)\Splashtop
C:\ProgramData\McAfee Security Scan
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\AdwCleaner
Task: {40EAD89A-5992-4A08-A5CD-44C5D4AE04D8} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{F2E84579-FD25-49BD-89FF-8DFBC1AE3924}.exe
Task: {F4541382-90E8-4DBB-ADEF-6DE32347F685} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{3FC25E1D-EA0E-4A06-9C51-6C6E7600EBD0}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{3FC25E1D-EA0E-4A06-9C51-6C6E7600EBD0}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{F2E84579-FD25-49BD-89FF-8DFBC1AE3924}.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

cornflakes7 · 3 Październik 2014 17:33

Fixlog: http://www.wklej.org/hash/217d38ae230/

FRST: http://www.wklej.org/hash/7ef4cff90b5/

Atis · 3 Październik 2014 19:05

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKU\S-1-5-21-2586638191-1101213524-3211037683-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-2586638191-1101213524-3211037683-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\ProgramData\Splashtop
C:\Users\win7\AppData\Roaming\Splashtop
DeleteQuarantine:

Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST

Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj Adobe Shockwave Player 11.6 i Java 7 Update 45.

Zainstaluj Java 7 Update 67.