PC badly clogged with junk

Please help.

 

FRST: http://wklej.org/id/1514800/

ADDITION: http://wklej.org/id/1514802/

In Control Panel, uninstall:

Elite Unzip

FreeSoftToday

Remote Desktop Access

SunriseBrowse

Download and run AdwCleaner. Click Scan (Szukaj) and then Clean (Usuń).

Click Scan and post a new FRST report, without Addition.

Sorry for replying so late, but I didn't have access to the computer.

 

Two antivirus programs are installed here: AVAST and AVG. I'd like to keep AVG, but AVAST isn't on the list of programs that can be uninstalled. It starts in the tray…

 

FRST http://wklej.org/id/1531074/

Uninstall it using the avast! Uninstall Utility tool.

Stop installing harmful programs.

Post a new Addition report.

OK, Avast removed.

 

The program hangs at Listing partitions. The report is incomplete; will this one do?

http://wklej.org/id/1531167/

In Control Panel, uninstall Remove 4HD and Software Version Updater.

Download and run AdwCleaner. Click Scan (Szukaj) and then Clean (Usuń).

Paste the following into Windows Notepad and save it as a text file named fixlist:

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\...\Run: [fst_pl_209] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1067322934-3769244523-2572249333-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1067322934-3769244523-2572249333-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-1067322934-3769244523-2572249333-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: No Name -> {11111111-1111-1111-1111-110611111195} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611171176} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611191115} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611491169} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611501155} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611511123} -> No File
FF Homepage: https://mysearch.avg.com?pid=wtu&sg=&cid=%7B09a4ffd1-63cf-43f7-88d0-ced506ce9f06%7D&mid=903e398048ea47d2aeebd15696d411a9-eea85cf45135aef1cec43a69ea0a61ed767d2670&ds=AVG&v=3.2.0.18&lang=pl&pr=fr&d=2014-10-18%2017%3A17%3A23&sap=hp
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: videos+Media+Players - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [2014-10-15]
FF Extension: CinemaxMe 1.1 - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\9d2db1ce83264e61a7ee63d4f@f932995ed00643899218cf824d695.com [2014-10-15]
FF Extension: V-9.1HDV25.09 - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\EXONUDC1159428@DGG30572216.com [2014-10-14]
FF Extension: Fox Sec 7 - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\fx@foxysecureKDJJHVLSDUVFU.com [2014-10-14]
FF Extension: iWebar - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\ROUAILDE73397174@UXGZI17268980.com [2014-10-14]
FF Extension: Sites - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9y3t8g8o.default\Extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [2014-10-14]
CHR Extension: (dbhhnnnpaeobfddmlalhnehgclcmjimi) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi [2014-10-07]
CHR Extension: (ddehdnnhjimbggeeenghijehnpakijod) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2014-10-06]
CHR Extension: (videos+Media+Players) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejaohcdkoibiglljclfbmegmenlinpmd [2014-10-08]
CHR Extension: (gclcmokkcfnjpghegbnebiokigholeli) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclcmokkcfnjpghegbnebiokigholeli [2014-10-07]
CHR Extension: (MyPlayCity) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjmohbdbnfkkjolmdfbhhdfjgjclomkd [2014-10-19]
CHR Extension: (Elite Unzip) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjcoccminpbgmiffhifdcnelpojeeb [2014-11-02]
CHR Extension: (Senses) - C:\Users\Kasia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-10-06]
R2 4hdupdater; C:\Program Files\4HD\updater.exe [376816 2014-10-22] (Lollipop Network SL)
S4 MaintainerSvc2.61.4907295; C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe [123640 2014-11-05] ()
S3 ALSysIO; \??\C:\Users\Kasia\AppData\Local\Temp\ALSysIO.sys [X]
S3 cpuz134; \??\C:\Users\Kasia\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
S2 SPDRIVER_1.37.0.1323; \??\C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Program Files\4HD
C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2
C:\found.001
C:\found.000
C:\Users\Kasia\AppData\Local\4hd
C:\Users\Kasia\Downloads\SoftonicDownloader_dla_ice-age-4-wallpaper.exe
C:\Program Files\videos+Media+Players
C:\Program Files\CinemaxMe 1.1
Task: {0058C349-0006-48D0-91CA-534CC26CB487} - System32\Tasks\UNELEVATE_24776 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe <==== ATTENTION
Task: {0432EE19-C4AE-4E5A-9EE4-406D8085A40C} - System32\Tasks\AmiUpdXp => C:\Users\Kasia\AppData\Local\21277\Updater.exe [2014-11-20] () <==== ATTENTION
Task: {07AE6B9F-C90C-4399-B974-BDCF76A6AF5C} - System32\Tasks\{119CEC0C-EA26-4452-85EB-EE431F316941} => C:\Users\Kasia\Downloads\UK.Truck.Simulator-SKIDROW.exe [2014-11-02] ()
Task: {0F29A5BA-8278-4F53-9C53-312BC9BF920B} - System32\Tasks\{8356EE3D-14B6-43E0-A708-E663DC134C0A} => Firefox.exe 
Task: {1C83E33F-4AF3-4D67-BEBF-66B017AD6CE3} - System32\Tasks\UNELEVATE_17130 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe <==== ATTENTION
Task: {44FA0E57-C363-4BCB-9FF9-769E343E79A3} - System32\Tasks\UNELEVATE_9241 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe <==== ATTENTION
Task: {76FB685E-8721-41FA-AD4B-2BD9E0FCAA09} - System32\Tasks\UNELEVATE_17177 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe <==== ATTENTION
Task: {881DCA0B-B6B2-4DB3-A987-2CDEFC5EC013} - System32\Tasks\UNELEVATE_24422 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe <==== ATTENTION
Task: {88B5E0ED-F305-4949-9998-493260F68FB1} - System32\Tasks\{EF2621AD-A0ED-4843-B4E5-FE09CB70D879} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.2.0.155&amp;LastError=404
Task: {A295983F-6A77-4A41-82B3-833085539A38} - System32\Tasks\{2127A8C4-70EA-466A-B41F-5DA626C1760B} => C:\Users\Kasia\Downloads\UK.Truck.Simulator-SKIDROW.exe [2014-11-02] ()
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-1.job => C:\Program Files\V-9.1HDV25.09\V-9.1HDV25.09-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-11.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-2.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-3.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-4.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-5.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-5_user.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-6.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-7.job => C:\Program Files\V-9.1HDV25.09\4cfe7651-4a1f-4edc-b4b1-2c95962ee950-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\54f2499c-4737-440a-a695-89d7c5e2c27e-1.job => C:\Program Files\Browsers+_App+_Pro+\Browsers+_App+_Pro+-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\54f2499c-4737-440a-a695-89d7c5e2c27e-7.job => C:\Program Files\Browsers+_App+_Pro+\54f2499c-4737-440a-a695-89d7c5e2c27e-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\5f6a9e75-a1a5-455b-b394-40eb5aa212d3.job => C:\Program Files\V-9.1HDV25.09\5f6a9e75-a1a5-455b-b394-40eb5aa212d3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9c021fb3-f1e8-4e72-8015-83777b9a031a-1.job => C:\Program Files\CinemaxMe 1.1\CinemaxMe 1.1-codedownloader.exe
Task: C:\Windows\Tasks\9c021fb3-f1e8-4e72-8015-83777b9a031a-7.job => C:\Program Files\CinemaxMe 1.1\9c021fb3-f1e8-4e72-8015-83777b9a031a-7.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ae521cb4-aba2-40ce-bf37-b8cf9fce7221-1.job => C:\Program Files\videos+Media+Players\videos+Media+Players-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\ae521cb4-aba2-40ce-bf37-b8cf9fce7221-7.job => C:\Program Files\videos+Media+Players\ae521cb4-aba2-40ce-bf37-b8cf9fce7221-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Kasia\AppData\Local\21277\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\dbe4f9b7-2c2a-4ca2-a725-5efa3f4b30a6.job => C:\Program Files\V-9.1HDV25.09\dbe4f9b7-2c2a-4ca2-a725-5efa3f4b30a6.exe <==== ATTENTION
EmptyTemp:

Run FRST and click Fix. Post the removal report, Fixlog.

Click Scan and post a new FRST report, without Addition.

log http://wklej.org/id/1531211/

FRST: http://wklej.org/id/1531214/

Paste the following into Windows Notepad and save it as a text file named fixlist:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\AdwCleaner
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\MaintainerSvc2.61.4907295" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ReimageRealTimeProtector" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Update SunriseBrowse" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Util SunriseBrowse" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\vToolbarUpdater3.2.0" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\4hd" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoobzoYouTubeAccelerator" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPDriver" /f
DeleteQuarantine:

Run FRST and click Fix. Delete the C:\FRST folder.

Delete the old restore points: To delete all restore points

Scan the disk with Malwarebytes Anti-Malware.

During installation, untick the option to start the Malwarebytes Anti-Malware Premium trial period.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Polish language: Settings > General Settings > Language > Polish

Read how programs should be installed: CLICK - CLICK - CLICK - CLICK

Uninstall Adobe Flash Player 15 Plugin and install Flash Player 15.0.0.223 Plugin.