Problem z KeyFind

Grzesiek2001 · 4 Kwiecień 2015 17:41

Witam serdecznie,

w przeglądarce pojawiła mi się niechciana wyszukiwarka KeyFind, prosiłbym o pomoc w rozwiązaniu problemu. Załączam linki do logów: http://www.wklej.org/id/1679930/ i http://www.wklej.org/id/1679932/ Z góry dziękuję za pomoc.

Acorus · 4 Kwiecień 2015 17:51

Odinstaluj Round World.Otwórz notatnik systemowy i wklej:

Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk
ShortcutTarget: Torpedo.lnk - C:\Users\User\AppData\Local\Torpedo\Torpedo.exe (No File)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-643704904-2378597351-2442615757-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
HKU\S-1-5-21-643704904-2378597351-2442615757-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
HKU\S-1-5-21-643704904-2378597351-2442615757-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
HKU\S-1-5-21-643704904-2378597351-2442615757-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
HKU\S-1-5-21-643704904-2378597351-2442615757-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKU\S-1-5-21-643704904-2378597351-2442615757-1000 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKU\S-1-5-21-643704904-2378597351-2442615757-1000 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.key-find.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954ts=1423230987type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-643704904-2378597351-2442615757-1000 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954ts=1423230987type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-643704904-2378597351-2442615757-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954q={searchTerms}
SearchScopes: HKU\S-1-5-21-643704904-2378597351-2442615757-1000 - {EE000C74-4C13-4A75-9AAD-1CD6717EA5B9} URL = http://q.search-simple.com/?affID=naq={searchTerms}r=682
BHO-x32: No Name - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - No File
BHO-x32: Round World 1.0.0.7 - {78549bde-b964-4d2a-b7b1-c4ac15ddff64} - C:\Program Files (x86)\Round World\RoundWorldbho.dll [2015-02-06] (Round World)
CHR HomePage: Default - hxxp://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954
CHR RestoreOnStartup: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=616_pr __alt__ ddc_dsssyc_bd_com"
CHR StartupUrls: Default - "hxxp://www.key-find.com/?type=hpppts=1423230776from=coruid=WDCXWD5000AAKX-75U6AA0_WD-WCC2ENS0495404954"
CHR DefaultSearchKeyword: Default - yahoo.com
CHR DefaultNewTabURL: Default - http://search.yahoo.com/?fr=hp-ddc-bd-tabtype=616_pr __alt__ ddc_dsssyctab_bd_com
CHR Extension: (Round World) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmfflhpaafbbcnimkgkghmnccbbblla [2015-03-03]
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 MaintainerSvc2.14.9041534; C:\ProgramData\aea8cc93-2213-47cf-a265-0391e3461dbb\maintainer.exe [128240 2015-04-04] ()
R2 Update Round World; C:\Program Files (x86)\Round World\updateRoundWorld.exe [402672 2015-04-04] ()
R2 Util Round World; C:\Program Files (x86)\Round World\bin\utilRoundWorld.exe [402672 2015-04-04] ()
R1 {237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64; C:\Windows\System32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64.sys [48784 2015-03-13] (StdLib)
R1 {4cc550cb-ad95-48a3-ae71-6ab7c8433971}Gw64; C:\Windows\System32\drivers\{4cc550cb-ad95-48a3-ae71-6ab7c8433971}Gw64.sys [48784 2015-03-10] (StdLib)
R1 {72502b1b-b916-4994-814e-c516f9f681b2}Gw64; C:\Windows\System32\drivers\{72502b1b-b916-4994-814e-c516f9f681b2}Gw64.sys [48784 2015-02-25] (StdLib)
R1 {7eca9cfa-8eb0-4cc4-b008-3419a1b1582a}Gw64; C:\Windows\System32\drivers\{7eca9cfa-8eb0-4cc4-b008-3419a1b1582a}Gw64.sys [48784 2015-02-16] (StdLib)
R1 {81711fd0-60e8-45bb-a4ff-3004058b32b4}Gw64; C:\Windows\System32\drivers\{81711fd0-60e8-45bb-a4ff-3004058b32b4}Gw64.sys [48784 2015-02-07] (StdLib)
R1 {8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gw64; C:\Windows\System32\drivers\{8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gw64.sys [48784 2015-03-06] (StdLib)
R1 {9449d7f6-6f2b-4280-9a4d-eb2b42a31f67}Gw64; C:\Windows\System32\drivers\{9449d7f6-6f2b-4280-9a4d-eb2b42a31f67}Gw64.sys [48784 2015-02-13] (StdLib)
R1 {97a224e4-fe41-4078-b1ef-069fe8cd6d9f}Gw64; C:\Windows\System32\drivers\{97a224e4-fe41-4078-b1ef-069fe8cd6d9f}Gw64.sys [48784 2015-02-28] (StdLib)
R1 {c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64; C:\Windows\System32\drivers\{c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64.sys [48784 2015-02-19] (StdLib)
R1 {c9a465a5-420c-4acc-b1be-3ac71ae80fda}Gw64; C:\Windows\System32\drivers\{c9a465a5-420c-4acc-b1be-3ac71ae80fda}Gw64.sys [48784 2015-03-03] (StdLib)
R1 {d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gw64; C:\Windows\System32\drivers\{d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gw64.sys [48784 2015-02-10] (StdLib)
R1 {e5189cab-3112-4bd9-9e32-85524e9e9322}Gw64; C:\Windows\System32\drivers\{e5189cab-3112-4bd9-9e32-85524e9e9322}Gw64.sys [48784 2015-02-06] (StdLib)
R1 {f545e6fb-3307-427c-99c9-d8fcad9fa830}Gw64; C:\Windows\System32\drivers\{f545e6fb-3307-427c-99c9-d8fcad9fa830}Gw64.sys [48784 2015-02-22] (StdLib)
2015-03-15 19:34 - 2015-03-15 19:34 - 00003342 _____ () C:\Windows\System32\Tasks\{3B01BE21-359D-4A09-B658-BDA0A3B31C94}
2015-03-15 10:02 - 2015-03-15 10:02 - 00000000 ____ D () C:\Users\User\AppData\Local\Pay-By-Ads
2015-04-04 19:26 - 2015-02-06 15:50 - 00000000 ____ D () C:\Program Files (x86)\Round World
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.