frst > http://www.wklej.org/id/1871812/
addition > http://www.wklej.org/id/1871813/
shortcut >http://www.wklej.org/id/1871814/
pozdrawiam
Dodam od siebie że w logu widac stare aktywne sterownki od McAfee
Użyj McAfee Consumer Product Removal (MCPR)
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0A0EtAyEyBtCyEtA0C0B0F0AzzyD0DtN0D0Tzu0StCtAtBtCtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0CyEtCzz0E0B0DtGyE0Dzy0FtG0FtByC0AtGyD0Ezz0DtGtAyEtB0AtBtCtDtDtAtD0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtBtByCyDtCtAzytGyCzytDtDtGyEtBtC0AtG0AtCyDtAtG0C0CtBtByCyEzzyB0DtB0Fzz2QtN0A0LzuyE%26cr%3D1080777158%26a%3Dwncy_ir_15_33%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1439398040&z=6ccce9765191d90680ac971g8z1c4tdcet9mdtbw4o&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX71EA3NXF70NXF70&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_33¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0A0EtAyEyBtCyEtA0C0B0F0AzzyD0DtN0D0Tzu0StCtAtBtCtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0CyEtCzz0E0B0DtGyE0Dzy0FtG0FtByC0AtGyD0Ezz0DtGtAyEtB0AtBtCtDtDtAtD0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtBtByCyDtCtAzytGyCzytDtDtGyEtBtC0AtG0AtCyDtAtG0C0CtBtByCyEzzyB0DtB0Fzz2QtN0A0LzuyE%26cr%3D1080777158%26a%3Dwncy_ir_15_33%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1030996327-2942364442-3026964311-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-12-09 10:05 - 2015-02-02 17:40 - 00000000 ____ D C:\AdwCleaner
Task: {2272AEA9-00B9-4CC6-BBB2-A4628D1761E7} - System32\Tasks\{D62FBD91-19F3-4DBC-AEB1-FE610D65AED4} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.0.101/pl/go/help.faq.installer?LastError=1618
Task: {D17DA003-DEB6-4960-AB49-E4416C45CFEC} - System32\Tasks\avastBCLRestartS-1-5-21-1030996327-2942364442-3026964311-1001 => Firefox.exe
Task: {D362667A-973C-4B04-A415-3B2891579717} - System32\Tasks\YJSHFMUN1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== UWAGA
Task: C:\Windows\Tasks\YJSHFMUN1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== UWAGA
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
Reg: reg delete HKCU\Software\Google /f
Reg: reg delete HKLM\SOFTWARE\Google /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
Reg: reg delete HKCU\Software\Google /f
Reg: reg delete HKLM\SOFTWARE\Google /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f
DeleteQuarantine:
Uruchom FRST i kliknij Napraw (Fix). Później skasuj folder C:\FRST
dziękuję