elto
(Tomiacki)
28 September 2014 15:43
#1
Hi.
I need to clean up my father's laptop. The system is already a good few years old; this computer has never been formatted, and once a year it gets some cleaning with a vacuum cleaner or something similar. The annoying symptoms are a lot of ads and slow system performance.
Logs:
OTL
OTL extras
GMER
FRST
Frst addition
Atis
(Atis)
28 September 2014 16:17
#2
In Control Panel, uninstall:
AutocompletePro
BrowseMark
FlvPlayer
Linkey
Settings Manager
SweetIM for Messenger 3.3
SweetIM Toolbar for Internet Explorer 3.9
Yahoo! Search
Download and run AdwCleaner. Click Szukaj (Search) and then Usuń (Delete).
Click Scan and show the new FRST report, without Addition.
Atis
(Atis)
28 September 2014 18:06
#4
Do not install harmful programs: C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe
Uninstall RegTask.
Paste the following into the system Notepad and save it as a text file named fixlist:
HKLM\...\Run: [RegTask] => C:\Program Files\RegTask\RegTask.exe [10577224 2010-11-18] (Time Pioneer Limited)
HKU\S-1-5-21-445041394-3677568960-217178356-1000\...\Run: [swg] => ő8őtZwyZwõw
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
SearchScopes: HKCU - {64DE9CA9-3124-49E3-8C1F-83A26472CAE6} URL = http://mp3tubetoolbar.com/?tmp=toolbar_sb_results&prt=pinballtbfour01ie&Keywords={searchTerms}&clid=3a7726b93cf742a592ff24f85cfa4387
SearchScopes: HKCU - {74D39443-DEFA-47C0-94A0-4D427C0416CD} URL = http://rts.dsrlte.com/?q={searchTerms}&r=333
CHR Extension: (No Name) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk [2010-11-07]
CHR Extension: (No Name) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2010-12-25]
CHR Extension: (BrowseMark) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\goipcfdihomaoojgckmhigcogbnpncaf [2014-09-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
C:\AdwCleaner
C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {33C225B2-F80F-45B1-B795-6D06E61D258F} - System32\Tasks\{FB49ADF1-EF44-4764-B3B2-2EE495909319} => Chrome.exe http://ui.skype.com/ui/0/5.1.11.104/pl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;ienotdefaultbrowser2
Task: {540995BA-86D5-4B9E-932C-F5A183D9AF99} - System32\Tasks\RunAsStdUser Task => C:\Users\PIOTR\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe
Task: {57E522C6-442B-4E81-AF93-7DD3285F5A83} - System32\Tasks\Yahoo! Search => C:\Users\PIOTR\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-07-12] (Pay By Ads LTD) <==== ATTENTION
Task: {89F342A2-5C7E-44A6-ABB1-6F32F312FD02} - System32\Tasks\RegTask => C:\Program Files\RegTask\RegTask.exe [2010-11-18] (Time Pioneer Limited)
Task: {D2FC399D-BA35-4ACB-97D6-734F2A581494} - System32\Tasks\{63B22E27-A2B5-42BB-9A40-D14659A98B17} => Chrome.exe http://ui.skype.com/ui/0/5.1.11.104/pl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;ienotdefaultbrowser2
Task: C:\Windows\Tasks\RegTask.job => C:\Program Files\RegTask\RegTask.exe
EmptyTemp:
Run FRST and click Fix. Show the removal report, Fixlog.
Click Scan and show the new FRST report, without Addition.
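An added example, not part of the original post and not FRST's own code: a small triage script that groups fixlist lines of the kind shown above by the marker that explains why each one is there. The category names are this example's own labels, and it assumes that `[X]` and `No File` mark entries whose target file is missing, as FRST reports them.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Lines copied from the fixlist above, plus one constructed CustomCLSID line.
SAMPLE = r"""
HKLM\...\Run: [RegTask] => C:\Program Files\RegTask\RegTask.exe [10577224 2010-11-18] (Time Pioneer Limited)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKCU - {74D39443-DEFA-47C0-94A0-4D427C0416CD} URL = http://rts.dsrlte.com/?q={searchTerms}&r=333
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
CustomCLSID: HKU\S-1-5-21-0-0-0-1000_Classes\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32 -> C:\Example\missing.dll No File
Task: C:\Windows\Tasks\RegTask.job => C:\Program Files\RegTask\RegTask.exe
EmptyTemp:
"""

# First matching rule wins, so the scanner's own ATTENTION flag takes priority.
RULES = [
    ("flagged_by_frst", re.compile(r"<=+ ATTENTION\s*$")),
    ("orphan_driver", re.compile(r"^[SR]\d \S+; .*\[X\]\s*$")),      # driver file missing
    ("orphan_clsid", re.compile(r"^CustomCLSID: .* No File\s*$")),   # COM server DLL missing
    ("search_scope", re.compile(r"^SearchScopes: .*URL = \S+")),     # browser search provider
    ("autostart", re.compile(r"^(?:HK\w+\\.*\\Run: |Task: )")),      # Run key or scheduled task
    ("directive", re.compile(r"^\w+:\s*$")),                         # e.g. EmptyTemp:
]

def classify(line):
    """Return the label of the first rule that matches, or 'other'."""
    for label, rx in RULES:
        if rx.search(line):
            return label
    return "other"

def triage(text):
    """Group the non-empty lines of a fixlist by category."""
    groups = defaultdict(list)
    for line in filter(None, map(str.strip, text.splitlines())):
        groups[classify(line)].append(line)
    return dict(groups)

def referenced_hosts(text):
    """Distinct hostnames that fixlist entries point at, for manual review."""
    return sorted({urlsplit(u).hostname for u in re.findall(r"https?://\S+", text)})

if __name__ == "__main__":
    for label, lines in triage(SAMPLE).items():
        print(f"{label}: {len(lines)}")
    print("hosts:", referenced_hosts(SAMPLE))
```

Lines that land in `other` match none of the rules and need to be read by hand before the fixlist is run.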
elto
(Tomiacki)
28 September 2014 18:47
#5
FIXLOG
FABAR
C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe - removed.
Atis
(Atis)
28 September 2014 19:02
#6
Delete the folder C:\FRST
Remove old restore points: CLICK
Scan the disk with Malwarebytes Anti-Malware
During installation, clear the checkbox next to "Uruchom okres testowy Malwarebytes Anti-Malware Premium" (Start the Malwarebytes Anti-Malware Premium trial period).
http://wstaw.org/m/2014/03/25/2014-03-25_123039.png
Polish language: Settings > General Settings > Language > Polish
Uninstall Adobe Reader X and install Adobe Reader XI 11.0.9