dlugie otwieranie systemu i powolne otwieranie stron komputera,
odinstalowalem McAfee Security Scan Plus i przesylam raporty
Addition_18-02-2015_19-47-11.txt
Odinstaluj McAfee Security Scan Plus.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2065806238-2688219243-1318886187-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
HKU\S-1-5-21-2065806238-2688219243-1318886187-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=3A6D002185F0F69C
URLSearchHook: HKU\S-1-5-21-2065806238-2688219243-1318886187-1000 - (No Name) - {3b5aaea6-ae6d-45ab-a626-99ac24fd105b} - No File
SearchScopes: HKU\S-1-5-21-2065806238-2688219243-1318886187-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2065806238-2688219243-1318886187-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=3A6D002185F0F69C
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
FF Homepage: hxxp://pl.yahoo.com?fr=fp-comodo
FF Keyword.URL: hxxp://pl.search.yahoo.com/search?fr=ytff-comodo&p=
FF Extension: vshare Add-On - C:\Users\Zbigniew\AppData\Roaming\Mozilla\Firefox\Profiles\camng4n4.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2011-09-10]
FF HKU\S-1-5-21-2065806238-2688219243-1318886187-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR Extension: (McAfee Security Scan+) - C:\Users\Zbigniew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [X]
2010-04-11 10:39 - 2013-02-02 12:47 - 0002954 _____ () C:\Users\Zbigniew\AppData\Roaming\wklnhst.dat
2014-11-23 16:46 - 2015-02-04 21:12 - 0000115 _____ () C:\Users\Zbigniew\AppData\Roaming\LogFile.txt
2012-12-10 17:52 - 2012-12-10 18:04 - 0000028 _____ () C:\Users\Zbigniew\AppData\Local\vxhalfyn.log
2012-12-10 17:52 - 2012-12-10 17:52 - 0000000 _____ () C:\Users\Zbigniew\AppData\Local\xdsjxfry.log
2012-12-10 17:53 - 2012-12-10 18:04 - 0575935 _____ () C:\Users\Zbigniew\AppData\Local\xledcjjb.log
2012-12-10 17:52 - 2012-12-10 17:52 - 0000064 _____ () C:\ProgramData\jypxjtgo.log
2009-03-31 18:17 - 2009-03-31 18:17 - 0000056 ____ H () C:\ProgramData\ezsidmv.dat
RemoveDirectory: C:\$Recycle.Bin
Task: {025B9E44-C699-464A-8A16-2DC3A5C70891} - System32\Tasks\{5ABA02B0-9A71-41B3-92D2-6808B22AB8F6} => Iexplore.exe http://ui.skype.com/ui/0/6.14.73.104.456/pl/abandoninstall?page=tsWLM
Task: {025B9E44-C699-464A-8A16-2DC3A5C70891} - System32\Tasks\{5ABA02B0-9A71-41B3-92D2-6808B22AB8F6} => Iexplore.exe http://ui.skype.com/ui/0/6.14.73.104.456/pl/abandoninstall?page=tsWLM
Task: {1D875930-DB7B-41DA-A1CF-B516D3E688B0} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\OSUpgrade => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunHandleOSUpgrade
Task: {4646D7E4-C883-4233-9EA2-2CE0CB979B46} - System32\Tasks\{95118E97-52CF-4307-8399-9DCA27666757} => pcalua.exe -a C:\Users\Zbigniew\AppData\Local\Temp\Temp3_SopCast[1].zip\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {4EE3CB88-935D-4750-9942-BFC9BC14B29C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2065806238-2688219243-1318886187-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {547F5911-9353-4276-960A-AB8401A28F8C} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe
Task: {64A5A40C-97B9-45F6-85C8-67E2483F984B} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\MatSvc\DataUpload => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RetryDataUpload
Task: {69598E41-069D-4BAA-9BAB-DB0E76A562D3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2065806238-2688219243-1318886187-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {74ABBE89-A1C4-4BD4-BE39-35A5C4F079ED} - System32\Tasks\{3AB42D80-E8CB-4FF8-84D6-B0DB701AA0C1} => pcalua.exe -a C:\Users\Zbigniew\AppData\Local\Temp\Temp1_SopCast[1].zip\Setup-SopCast-3.0.3-2008-4-30.exe
Task: {85873717-13DF-424E-BF91-69C5F6682AB7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9613398C-2B70-42BF-8955-8FB2A41ECE40} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {A9F35C86-F844-4AD2-8B58-5E9B61675720} - System32\Tasks\{6DA016D0-C63F-4DF3-BCAE-9E7E38960605} => Firefox.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain
Task: {AC50E610-5AA4-4C5F-A61B-A2F56E86BB77} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ConfigExec => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunCollectConfigurationInfo
Task: {AE382ED5-97F2-4451-8D7E-976A51234D39} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe
Task: {CC7636A1-1F03-4DC8-B346-ED519DC18B08} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {DF6EF5B7-E460-4216-9940-B20D9BFD9E0E} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {F2883E6B-920A-4089-A743-8F1623F89250} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_5C2C40BB-BE2D-11E3-9594-00030DBB8689.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
EmptyTemp:
Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.
Kliknij Scan i pokaż nowy raport z FRST bez Addition.
odinstalowalem McAfee Security Scan Plus i przesylam raporty
Fixlog_19-02-2015_09-29-28.txt
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
2012-12-10 17:52 - 2012-12-10 17:52 - 0005370 _____ () C:\Users\Zbigniew\AppData\Local\bhcunxpf.log
2012-12-10 17:52 - 2012-12-10 17:52 - 0000000 _____ () C:\Users\Zbigniew\AppData\Local\rxkywcih.log
2009-03-26 17:00 - 2009-03-26 17:00 - 0000032 _____ () C:\ProgramData\ezsid.dat
DeleteQuarantine:
CreateRestorePoint:
Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST
Usuń stare punkty przywracania: KLIK
Dysk przeskanuj Malwarebytes Anti-Malware
Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.
http://wstaw.org/m/2014/03/25/2014-03-25_123039.png
Język PL > Settings > General Settings > Language > Polish
Odinstaluj Adobe Reader XI i zainstaluj Adobe Reader XI 11.0.10