Digital More ads - proszę o pomoc

Pashammz · 29 Maj 2015 19:56

Digital More ads - proszę o pomoc w usunięciu. FRST: http://wklej.to/50SlX Addition: http://wklej.to/oGf31 Shortcut: http://wklej.to/7iYT2

Atis · 29 Maj 2015 20:47

Usuń szkodliwe rozszerzenia w przeglądarce Chrome

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\Run: [NWEReboot] => [X]
HKLM\...\Run: [] => [X]
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR Extension: (Digital More) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohagfihmjmkdfdclcpfigcpljdgndif [2015-05-01]
CHR Extension: (Bookmark Manager) - C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-05-05 22:44 - 2015-05-29 21:40 - 00000000 ____ D () C:\AdwCleaner
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}\localserver32 -> C:\Users\Przemek\AppData\Local\Temp\{4f5e3a76-f453-4882-ab42-7224f3310de7}\IDriver.NonElevated.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Przemek\Downloads\TOSH.rar.exe No File
CustomCLSID: HKU\S-1-5-21-4231624233-3875913516-4262267094-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
Task: {0094F8B1-7A6C-4FF3-AD82-F32A29C943C8} - System32\Tasks\{BF1E4F22-E6B2-4AA6-A821-4CA4BAC69ACE} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{8FAF844C-FFC0-41C6-BECB-DECB7435A7D8}\MTB\Setup\setup.exe" -d "C:\Program Files\InstallShield Installation Information\{8FAF844C-FFC0-41C6-BECB-DECB7435A7D8}\MTB\Setup"
Task: {0AAA92F9-3902-44E0-861B-93FB851902EA} - System32\Tasks\{F5B46CED-2979-4D93-970A-F346C586F515} => pcalua.exe -a "C:\Program Files\Play\Czerwony Kapturek - Wersja Demo\unins000.exe" -d "C:\Program Files\Play\Czerwony Kapturek - Wersja Demo"
Task: {29120B1D-B886-45BB-8C55-2350FC4F2971} - System32\Tasks\{0E143777-652A-4721-AC31-D369373FBD4F} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{09961A16-DA99-4F15-BBE1-E7755A3BA8E3}\setup.exe" -c -runfromtemp -l0x0415
Task: {523B54D7-25FC-4F07-A2DD-3188C7458414} - System32\Tasks\{EFCA7A62-96BE-434C-9138-8DEBE06BE53D} => pcalua.exe -a D:\setup.exe -d D:\
Task: {675B6BEC-1FDC-48FD-B910-5F9515791153} - System32\Tasks\{AAF8C7A5-567D-4A0D-B0D6-945FA425B851} => pcalua.exe -a F:\start.exe -d F:\
Task: {67ABA153-7EA7-4C8D-BD5A-9442203CA1C6} - System32\Tasks\{1F82E559-5C21-4DF3-B7F0-0725ADDF9B9B} => pcalua.exe -a I:\internalsw.exe -d I:\
Task: {771D825F-3C3E-41D3-8F89-D9B5B0B91858} - System32\Tasks\{04286FD1-D43F-4500-9A8E-BC396F7670C3} => pcalua.exe -a I:\lj1010seriesprintsys\hpsetup.exe -d I:\lj1010seriesprintsys
Task: {A299C515-141A-4D0E-B008-A8FFAB80B493} - System32\Tasks\{2B4608B5-94CB-49DC-A3BE-2D8DA76B4E96} => pcalua.exe -a "H:\ASUS P5Q3\SATA\JMB363_SATARAID_v1174711_v1174816\JMB363_SATARAID_v1174711_v1174816\Install\setup.exe" -d "H:\ASUS P5Q3\SATA\JMB363_SATARAID_v1174711_v1174816\JMB363_SATARAID_v1174711_v1174816\Install"
Task: {E2AEF06A-3E28-4692-8E12-27EBD7F0BAAD} - System32\Tasks\{4E52C092-75B6-47A7-BEC0-541070C681AA} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {E71A5F76-DA04-4C2B-BB9F-A9BAF1C1C351} - System32\Tasks\{3F5B7528-93DB-4311-A779-9C9AB871A214} => pcalua.exe -a F:\InstallCheck.exe -d F:\
Task: {EF980AD9-FB86-4085-8236-0CE36B423284} - System32\Tasks\{D5B573A6-041C-47BF-9B94-2C24B32E5442} => pcalua.exe -a I:\lj1010seriesprintsys\hpsetup.exe -d I:\lj1010seriesprintsys
Task: {F54EAC46-119C-4EF6-8871-9493651CACBD} - System32\Tasks\{54CF2B85-DAAB-4289-B780-7A5ECAE3DD82} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {F8B6F2C5-5F76-4CEC-AA81-757BDA6DF2D7} - System32\Tasks\{0DECB371-480A-4560-92B1-68C1EEB388AF} => pcalua.exe -a D:\6132-08\Setup.exe -d D:\6132-08
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.