CoinMiner

RemiPL · 9 Październik 2012 17:30

Pomooocy… Nie wiem jak usunąć to. Robię skana w OTL, ale trwa to godzinami. Słyszałem, że jakiś skrypt trzeba zrobić, ale nie mam pojęcia jak. Proszę o pomoc :

anon1498622 · 9 Październik 2012 17:43

Co wyświetla OTL, tzn. co skanuje?

Skan trwa max. kilkanaście minut. Skrypt i dalsze instrukcje podają Ci spece

RemiPL · 9 Październik 2012 17:46

http://wklej.to/c41qE

http://wklej.to/Al1dD

Bardzo proszę o skrypt.

Acorus · 9 Październik 2012 18:33

Odinstaluj YTD Toolbar v6.3,SweetPacks Toolbar for Internet Explorer 4.6,AVG Security Toolbar,Babylon toolbar on IE,Browsers Protector,Contextual Tool Extrafind,Optimizer Pro v3.0,OptimizerPro Updater,Searchqu Toolbar, SearchYa! Web Search,Softonic toolbar on IE and Chrome,StartSearch Toolbar 1.3,uTorrentControl2 Toolbar,Deinstalator Strony V9.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL MOD - [2012-10-04 14:53:47 | 000,024,064 | RHS- | M] () – C:\Users\Aryan\AppData\Roaming\A1056696439.exe MOD - [2012-10-03 17:59:12 | 000,016,896 | ---- | M] () – C:\Users\Aryan\AppData\Local\kmiwefa.dll MOD - [2012-09-30 16:19:01 | 000,077,824 | RHS- | M] () – C:\Users\Aryan\AppData\Roaming\svchost.exe MOD - [2012-09-30 16:19:01 | 000,077,824 | RHS- | M] () – C:\Users\Aryan\AppData\Roaming\csrss.exe MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () – C:\Program Files\Browsers Protector\regmon32.exe SRV - [2012-09-19 16:21:14 | 000,795,072 | ---- | M] (Spigot, Inc.) [Auto | Running] – C:\Program Files\Application Updater\ApplicationUpdater.exe – (Application Updater) DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\system32\XDva397.sys – (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] – System32\drivers\rdvgkmd.sys – (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\EagleXNt.sys – (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\EagleNT.sys – (EagleNT) IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idd/idd_1336756779_939023 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=18&barid={C08FCD0E-C95B-4D90-8DC8-FE3204C302AA} IE - HKLM…\URLSearchHook: - No CLSID value found IE - HKLM…\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - SOFTWARE\Classes\CLSID{3B81079D-2AC9-425f-A494-A1C7D93AFA3C}\InprocServer32 File not found IE - HKLM…\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKLM…\SearchScopes{2A10F6DD-5245-44CE-AC6A-EF341679F84F}: “URL” = http://startsear.ch/?aff=1&src=sp&cf=6c … d0446d6&q={searchTerms} IE - HKLM…\SearchScopes{43E7F42E-0DCF-4CBA-A774-1BCE830C0E06}: “URL” = http://search.gboxapp.com/?q={searchTerms} IE - HKLM…\SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: “URL” = http://dts.search-results.com/sr?src=ie … 06&sr=0&q={searchTerms} IE - HKLM…\SearchScopes{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: “URL” = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyC0DyD0CyEtA0EtD0FyDtN0D0Tzu0StByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=969832359 IE - HKLM…\SearchScopes{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: “URL” = http://search.gboxapp.com/?q={searchTerms} IE - HKLM…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?sr … 0&st=18&q={searchTerms}&barid={C08FCD0E-C95B-4D90-8DC8-FE3204C302AA} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://startsear.ch/?aff=1&cf=6c0c9c36- … 241d0446d6 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idd/idd_1336756779_939023 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=6c0c9c36- … 241d0446d6 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - SOFTWARE\Classes\CLSID{3B81079D-2AC9-425f-A494-A1C7D93AFA3C}\InprocServer32 File not found IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - SOFTWARE\Classes\CLSID{F3FEE66E-E034-436a-86E4-9690573BEE8A}\InprocServer32 File not found IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&affID=113933&tt=3012_2&babsrc=SP_ss&mntrId=6c08e0f500000000000000241d0446d6 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{2A10F6DD-5245-44CE-AC6A-EF341679F84F}: “URL” = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyC0DyD0CyEtA0EtD0FyDtN0D0Tzu0StByEyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=969832359 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{3443779F-9BCE-49BA-A553-73241F9D48E8}: “URL” = http://search.softonic.com/MON00085/tb_v1?q={searchTerms}&SearchSource=4&cc= IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{38BA6A4B-449E-45C8-B07C-F79D350A5BA7}: “URL” = http://search.yahoo.com/search?fr=chr-g … =937811&p={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{43E7F42E-0DCF-4CBA-A774-1BCE830C0E06}: “URL” = http://startsear.ch/?aff=1&src=sp&cf=6c … d0446d6&q={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{95B7759C-8C7F-4BF1-B163-73684A933233}: “URL” = https://isearch.avg.com/search?cid={5AA5FC86-2591-4440-BA5A-641709557C23}&mid=e2ed1b63fd9747d08082d16d5be0af25-c4660b57333431df293f1fb290a07b5da4cc5fcb〈=pl&ds=cv011&pr=sa&d=2012-07-15 17:13:19&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: “URL” = http://dts.search-results.com/sr?src=ie … 06&sr=0&q={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{9C653E19-BF19-49B5-AA31-DD4860F0595A}: “URL” = http://websearch.ask.com/redirect?clien … &src=kw&q={searchTerms}&locale=&apn_ptnrs=6G&apn_dtid=YYYYYYYYPL&apn_uid=d5320cf7-7cc8-40ca-af3d-d0aa06a8d814&apn_sauid=482FBB11-F14B-4FE0-8F23-4B85D29062A7 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: “URL” = http://search.gboxapp.com/?q={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: “URL” = http://search.gboxapp.com/?q={searchTerms} IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{BFCE76DB-BE3F-4943-9D51-E337713BB349}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?sr … 0&st=18&q={searchTerms}&barid={C08FCD0E-C95B-4D90-8DC8-FE3204C302AA} FF - prefs.js…browser.search.order.1: “Web Search” FF - prefs.js…keyword.URL: “http://search.softonic.com/MON00085/tb_v1?SearchSource=2&cc=&q=” FF - prefs.js…browser.startup.homepage: “http://startsear.ch/?aff=1&cf=6c0c9c36-6e12-11e1-ab70-00241d0446d6” FF - prefs.js…browser.search.defaultenginename: “Web Search” [2012-09-03 18:55:45 | 000,000,000 | —D | M] (uTorrentControl2 Community Toolbar) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions{687578b9-7132-4a7a-80e4-30ee31099e03} [2012-06-29 22:27:07 | 000,000,000 | —D | M] (Searchqu Toolbar) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-03-16 14:46:32 | 000,000,000 | —D | M] (Babylon) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions\ffxtlbr@babylon.com [2012-09-02 17:14:10 | 000,000,000 | —D | M] (searchya.com) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions\ffxtlbr@searchya.com [2012-03-10 15:04:54 | 000,000,000 | —D | M] (Softonic Toolbar) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions\ffxtlbra@softonic.com [2012-07-27 20:30:23 | 000,000,000 | —D | M] (GadgetBox) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions\gadget@gadgetbox [2012-06-11 14:00:15 | 000,000,000 | —D | M] (Yontoo) – C:\Users\Aryan\AppData\Roaming\mozilla\Firefox\Profiles\3543irpz.default\extensions\plugin@yontoo.com [2012-06-29 22:30:38 | 000,002,325 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\askcom.xml [2012-08-09 20:43:24 | 000,011,041 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\bProtect.xml [2012-08-27 17:56:10 | 000,000,935 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\conduit.xml [2012-07-27 18:01:05 | 000,000,440 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\GadgetBox.xml [2012-09-02 17:14:13 | 000,002,335 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\Search.xml [2012-06-29 22:27:05 | 000,002,519 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\Search_Results.xml [2012-04-21 13:55:16 | 000,002,060 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\softonic.xml [2012-03-14 22:15:38 | 000,000,792 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\startsear.xml [2012-06-29 22:14:03 | 000,004,425 | ---- | M] () – C:\Users\Aryan\AppData\Roaming\mozilla\firefox\profiles\3543irpz.default\searchplugins\sweetim.xml [2012-09-26 07:11:36 | 000,000,000 | —D | M] (Widgi Toolbar Platform) – C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM O3 - HKLM…\Toolbar: (SearchYa Toolbar) - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\PROGRA~1\SearchYa!\1.5.25.0\searchyaTlbr.dll File not found O3 - HKLM…\Toolbar: (GagetBox) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files\GadgetBox\gadgetBoxTB.dll File not found O3 - HKLM…\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll File not found O3 - HKLM…\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKLM…\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM…\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found O3 - HKLM…\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM…\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.3\ytdToolbarIE.dll File not found O3 - HKLM…\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe () O4 - HKLM…\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE File not found O4 - HKLM…\Run: [searchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [A1056696439] C:\Users\Aryan\AppData\Roaming\A1056696439.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Client Server Runtime Process] C:\Users\Aryan\AppData\Roaming\csrss.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Clients] C:\Users\Aryan\AppData\Roaming\3CDECF.exe (ропппп) O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Clownfish] “C:\Program Files\Clownfish\Clownfish.exe” File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Host-process Windows (Rundll32.exe)] C:\Users\Aryan\AppData\Roaming\csrss.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [iPLA!] C:\Program Files\ipla\ipla.exe /autorun File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [kmiwefa] C:\Users\Aryan\AppData\Local\kmiwefa.dll () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [MurGee.com Auto Clicker] C:\Program Files\Auto Clicker\AutoClicker.exe :silent File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [NetPer] C:\Users\Aryan\Auxiliaryveri.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [service Host Process for Windows] C:\Users\Aryan\AppData\Roaming\System32\svchost.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [userinit] C:\rk\rk.exe () O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [Vtieiz] C:\Users\Aryan\AppData\Roaming\Vtieiz.exe (Google Inc.) O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [xivwxuaggnirrpeecys] C:\Users\Aryan\AppData\Roaming\xivwxuaggnirrpeecys.exe File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\RunOnce: [A1056696439] C:\Users\Aryan\AppData\Roaming\A1056696439.exe () O4 - Startup: C:\Users\Aryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A1056696439.exe () F3 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000 WinNT: Load - (C:\Users\Aryan\Auxiliaryveri.exe) - C:\Users\Aryan\Auxiliaryveri.exe () O20 - AppInit_DLLs: (c:\progra~1\search~1\datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (c:\progra~1\search~1\datamngr\iebho.dll) - File not found O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - c:\Program Files\SProtector\sprotector.dll () [2012-10-09 18:50:16 | 000,581,551 | ---- | C] (Google Inc.) – C:\Users\Aryan\AppData\Roaming\Vtieiz.exe [2010-11-20 23:29:20 | 000,032,570 | -HS- | C] (ропппп) – C:\Users\Aryan\AppData\Roaming\3CDECF.exe :Commands [emptytemp]

Kliknij Wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

RemiPL · 10 Październik 2012 15:55

I nic. Nie usunąłem tylko IM coś tam, bo się nie da, areszte usunalem. Wklejam skrypt ale komputer się sam resetuje i problem nadal jest.

Acorus · 10 Październik 2012 16:00

Wykonaj skrypt w trybie awaryjnym.

RemiPL · 10 Październik 2012 16:14

To coś pomoże?

adam9870 · 10 Październik 2012 16:19

Może pomóc. Spróbuj.

RemiPL · 10 Październik 2012 16:25

http://wklej.to/WBFRJ

http://wklej.to/KrbxS

Problemu chyba nie ma. Dziękije Ci mój wybawco!

Acorus · 10 Październik 2012 16:44

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found. O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll File not found O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found O4 - HKLM…\Run: [ROC_ROC_JULY_P1] “C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe” / /PROMPT /CMPID=ROC_JULY_P1 File not found O4 - HKU\S-1-5-21-2103713807-3136835457-1299697808-1000…\Run: [HotKeysCmds] C:\Users\Aryan\AppData\Local\Temp\7761.EXE File not found [2012-10-10 16:47:32 | 001,085,828 | ---- | C] (Saro Dares) – C:\Users\Aryan\AppData\Roaming\xivwxuaggnirrpeecys.exe [2012-09-30 16:19:01 | 000,077,824 | RHS- | M] () – C:\Users\Aryan\AppData\Roaming\svchost.exe [2012-09-30 16:19:01 | 000,077,824 | RHS- | M] () – C:\Users\Aryan\AppData\Roaming\rundll32.exe [2012-09-19 16:18:56 | 000,000,372 | -H-- | M] () – C:\Windows\tasks\OptimizerProUpdaterLogonTask.job [2012-09-19 16:18:55 | 000,000,352 | -H-- | M] () – C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job :Commands [emptytemp]

Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.

Użyj AdwCleaner http://general-changelog-team.fr/outils/289-adwcleaner z funkcji Delete(w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator).

Przeskanuj progr.Malwarebytes Anti-Malware http://www.malwarebytes.org/products/malwarebytes_free

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY SYGNATUR WIRUSÓW Malwarebytesa “Uruchom Malwarebytes, przejdź do zakładki Aktualizacja, Sprawdź aktualizacje.”