Generalne sprzątanie, wolna praca systemu, sporo reklam

elto · 28 Wrzesień 2014 15:43

Cześc.

Potrzebuję zrobic porządek na laptopie ojca. System ma juz parę dobrych lat, na tym kompie nigdy nie było formata, raz do roku jakes czyszczenie odkurzaczem czy czymś podobnym. Objawy jakie sa denerwujące to sporo reklam i wolna praca systemu.

Logi:

Atis · 28 Wrzesień 2014 16:17

W panelu sterowania odinstaluj:

AutocompletePro

BrowseMark

FlvPlayer

Linkey

Settings Manager

SweetIM for Messenger 3.3

SweetIM Toolbar for Internet Explorer 3.9

Yahoo! Search

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

elto · 28 Wrzesień 2014 17:08

FRST

Atis · 28 Wrzesień 2014 18:06

Nie instaluj szkodliwych programów: C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe

Odinstaluj RegTask.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\Run: [RegTask] => C:\Program Files\RegTask\RegTask.exe [10577224 2010-11-18] (Time Pioneer Limited)
HKU\S-1-5-21-445041394-3677568960-217178356-1000\...\Run: [swg] => ő8őtZwyZwĂµw
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
SearchScopes: HKCU - {64DE9CA9-3124-49E3-8C1F-83A26472CAE6} URL = http://mp3tubetoolbar.com/?tmp=toolbar_sb_results&prt=pinballtbfour01ie&Keywords={searchTerms}&clid=3a7726b93cf742a592ff24f85cfa4387
SearchScopes: HKCU - {74D39443-DEFA-47C0-94A0-4D427C0416CD} URL = http://rts.dsrlte.com/?q={searchTerms}&r=333
CHR Extension: (No Name) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk [2010-11-07]
CHR Extension: (No Name) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2010-12-25]
CHR Extension: (BrowseMark) - C:\Users\PIOTR\AppData\Local\Google\Chrome\User Data\Default\Extensions\goipcfdihomaoojgckmhigcogbnpncaf [2014-09-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
C:\AdwCleaner
C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-445041394-3677568960-217178356-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\PIOTR\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {33C225B2-F80F-45B1-B795-6D06E61D258F} - System32\Tasks\{FB49ADF1-EF44-4764-B3B2-2EE495909319} => Chrome.exe http://ui.skype.com/ui/0/5.1.11.104/pl/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;ienotdefaultbrowser2
Task: {540995BA-86D5-4B9E-932C-F5A183D9AF99} - System32\Tasks\RunAsStdUser Task => C:\Users\PIOTR\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe
Task: {57E522C6-442B-4E81-AF93-7DD3285F5A83} - System32\Tasks\Yahoo! Search => C:\Users\PIOTR\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-07-12] (Pay By Ads LTD) <==== ATTENTION
Task: {89F342A2-5C7E-44A6-ABB1-6F32F312FD02} - System32\Tasks\RegTask => C:\Program Files\RegTask\RegTask.exe [2010-11-18] (Time Pioneer Limited)
Task: {D2FC399D-BA35-4ACB-97D6-734F2A581494} - System32\Tasks\{63B22E27-A2B5-42BB-9A40-D14659A98B17} => Chrome.exe http://ui.skype.com/ui/0/5.1.11.104/pl/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;ienotdefaultbrowser2
Task: C:\Windows\Tasks\RegTask.job => C:\Program Files\RegTask\RegTask.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

elto · 28 Wrzesień 2014 18:47

FIXLOG

FABAR

C:\Users\PIOTR\Downloads\yet_another_cleaner_gam.exe - usunięte.

Atis · 28 Wrzesień 2014 19:02

Skasuj folder C:\FRST

Usuń stare punkty przywracania: KLIK

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Odinstaluj Adobe Reader X i zainstaluj Adobe Reader XI 11.0.9