Mystartsearch - proszę o pomoc w usunięciu


(Gwynblaidd252) #1

FRST: http://www.wklej.org/id/1545071/

ADD: http://www.wklej.org/id/1545072/


(Atis) #2

W panelu sterowania odinstaluj:

BuyNsave

SpyHunter 4

YoutubeAdBlocke

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Gwynblaidd252) #3

http://www.wklej.org/id/1545103/


(Atis) #4

Wklej cały log Addition.


(Gwynblaidd252) #5

http://www.wklej.org/id/1545121/


(Atis) #6

Wklej cały log, a na końcu jest napisane End Of Log.


(Gwynblaidd252) #7

przepraszam, że tak późno ale robota papierami zawaliła

 

http://www.wklej.org/id/1546352/


(Atis) #8

To nie jest log Addition.

Masz pokazać cały log Addition - End Of Log.


(Gwynblaidd252) #9

 w addition nie ma nic takiego


(Atis) #10

To utwórz nowy log.

Zaznacz Addition.txt i kliknij Scan.


(Gwynblaidd252) #11

http://www.wklej.org/id/1547564/


(Atis) #12

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CustomCLSID: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Patrycja i Grzegorz\AppData\Local\Temp\D9b6ed39540F\temp\Diploma Font Font.exe ()
Task: {2B91AEA6-3F69-4778-8E44-8AB460C3D50A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{518DB51F-786E-48BF-852E-9FE7A48886D4}.exe
Task: {5476FF8C-030B-4F1B-99F0-3E5E32669582} - System32\Tasks\{6D854D11-7AF7-4D3B-AF50-00E717BF3A78} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.405&LastError=12007
Task: {5C754811-B82B-4892-BFDB-410566F1E120} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{3FCA4C45-312E-463E-A315-D80DDFDEF6D9}.exe
Task: {9B4EEDE6-9C77-4BE7-86B2-B312EC98A401} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3960501626-1890315135-2540289326-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {C537E9B2-43D4-410E-8AB0-B04006FBE74C} - System32\Tasks\SK.Enhancer-S-161304646 => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
Task: {C9D897B4-4F38-43F6-A85C-F908B00ACA2A} - System32\Tasks\At1 => C:\Users\PATRYC~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D94BF4C6-16E7-47CB-A178-CADE4C921826} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3960501626-1890315135-2540289326-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {DFC54730-8361-4A43-966D-E8B3D09581A4} - System32\Tasks\SectionSubs-S-844014838 => c:\programdata\trusted publisher\softwarefix\SectionSubs.exe <==== ATTENTION
Task: C:\Windows\Tasks\At1.job => C:\Users\PATRYC~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{518DB51F-786E-48BF-852E-9FE7A48886D4}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{3FCA4C45-312E-463E-A315-D80DDFDEF6D9}.exe
Task: C:\Windows\Tasks\SectionSubs-S-844014838.job => c:\programdata\trusted publisher\softwarefix\SectionSubs.exe <==== ATTENTION
Task: C:\Windows\Tasks\SK.Enhancer-S-161304646.job => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3960501626-1890315135-2540289326-1000\...\Run: [vProt] => C:\Program Files\GameBox\vprot.exe
Startup: C:\Users\Patrycja i Grzegorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorpedoCopy.lnk
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000 -> {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} URL = http://gbt.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
SearchScopes: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000 -> {42168F92-DA71-42E6-BC7F-132EAC1F1899} URL = http://www.tepela.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls=BT4abuvr
Toolbar: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3960501626-1890315135-2540289326-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF SearchPlugin: C:\Users\Patrycja i Grzegorz\AppData\Roaming\Mozilla\Firefox\Profiles\479n45ll.default\searchplugins\privitize.xml
FF Extension: vshare Add-On - C:\Users\Patrycja i Grzegorz\AppData\Roaming\Mozilla\Firefox\Profiles\479n45ll.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2011-08-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-18]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-11-18]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-11-18]
S2 24c54e38; "C:\Windows\system32\rundll32.exe" "c:\Program Files\DeltaFix\DeltaFix.dll",serv
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-12] (AVG Technologies)
C:\Windows\system32\drivers\avgtpx86.sys
U1 eabfiltr; No ImagePath
S3 SMARTMouseFilterx86; system32\DRIVERS\SMARTMouseFilterx86.sys [X]
S3 SMARTVHidMini2000x86; system32\DRIVERS\SMARTVHidMini2000x86.sys [X]
S3 SMARTVTabletPCx86; system32\DRIVERS\SMARTVTabletPCx86.sys [X]
C:\Users\Patrycja i Grzegorz\Downloads\SpyHunter*exe
C:\ProgramData\cipdcookjlbanijffipkknnfjaonhbcn
C:\AdwCleaner
C:\ProgramData\*.exe
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Gwynblaidd252) #13

Fixlog: http://www.wklej.org/id/1549269/