Deal keeper, proszę o pomoc


(M Wojcikvlo) #1

Hej, mam dość popularny problem-z deal keeperem, bardzo proszę o pomoc w usunięciu tego badziewia. Przeskanowałam i usunęłam co trzeba w AdwCleaner. Oto logi z FRST: frst:http://wklej.org/id/1490854/ , addition: http://wklej.org/id/1490858/ . Będę bardzo wdzięczna za poradę co dalej. Pozdrawiam


(Acorus) #2

Otwórz Notatnik i wklej:

HKU\S-1-5-21-796856102-3878011603-4065116779-1000\...\Run: [Yahoo! Search] = C:\Users\Toshiba\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.12.4\dsrlte.exe
HKU\S-1-5-21-796856102-3878011603-4065116779-1000\...\MountPoints2: {52b2694e-65a7-11e2-8243-001e3379cbdc} - G:\Startme.exe
HKU\S-1-5-21-796856102-3878011603-4065116779-1000\...\MountPoints2: {bc03532d-f26a-11e0-87eb-001e3379cbdc} - F:\AUTORUN.EXE
Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk - C:\Users\Toshiba\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
URLSearchHook: HKCU - (No Name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - No File
SearchScopes: HKCU - {30750DD1-EADD-4cf1-A485-C736C96936AB} URL = http://search.etoolkit.com/search?q={searchTerms}id=026867eaa7783ca357efe4d98293a24b3f3s=p
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
CHR StartupUrls: Default - "hxxp://rts.dsrlte.com?affID=na"
CHR Plugin: (MSN Toolbar) - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll No File
CHR Plugin: (Facebook Desktop) - C:\Users\Toshiba\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Google Update) - C:\Users\Toshiba\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR HKLM\...\Chrome\Extension: [jealjalmcelnenljclnadlblookmkmdc] - C:\Users\Toshiba\AppData\Local\Temp\crxE355.tmp []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
2014-10-17 18:05 - 2014-10-17 18:10 - 00000000 ____ D () C:\AdwCleaner
2014-10-08 15:36 - 2014-10-08 15:36 - 00000000 __SHD () C:\found.000
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(M Wojcikvlo) #3

to juz wszystko? tutaj ten fixlog: http://wklej.org/id/1490971/


(Acorus) #4

Skasuj folder C:\FRST


(M Wojcikvlo) #5

Bardzo, bardzo dziękuję za pomoc :slight_smile: