cena6
(cena6)
#1
Hello, my sister has a problem with spyware on her laptop; please help.
First I scanned the laptop with AdwCleaner; a lot of things showed up there. I am attaching the report:
http://wklej.org/id/1713657/
Please also check the FRST logs, because, for example, there are processes in Task Manager that I do not recognize.
Addition
http://wklej.org/id/1713660/
FRST
http://wklej.org/id/1713661/
Shortcut
http://wklej.org/id/1713663/
Thank you for your help and best regards.
Acorus
(Acorus)
#2
Open the system Notepad and paste:
HKLM-x32\...\Run: [WinampAgent] = C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] = C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] = C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Startup: C:\Users\Kasia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zosta FIT Natalia Gacka - Trening A1.lnk [2015-04-08]
ShortcutTarget: Zosta FIT Natalia Gacka - Trening A1.lnk - C:\ProgramData\{e7d8d7ba-bb8f-7871-e7d8-8d7babb85eea}\Zosta FIT Natalia Gacka - Trening A1.exe (No File)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: EnoRmouUSaleiS - {d50309e4-fde0-4ad1-b4e1-9b4a96fd2271} - C:\Program Files (x86)\EnoRmouUSaleiS\UA7mYecppBYBhV.x64.dll [2015-04-21] ()
BHO-x32: EnoRmouUSaleiS - {d50309e4-fde0-4ad1-b4e1-9b4a96fd2271} - C:\Program Files (x86)\EnoRmouUSaleiS\UA7mYecppBYBhV.dll [2015-04-21] ()
Toolbar: HKU\S-1-5-21-1625837196-3169431385-2320055628-1000 - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF SelectedSearchEngine: Yahoo! Search
U3 aa10r7w9; C:\Windows\System32\Drivers\aa10r7w9.sys [0] (Microsoft Corporation) ==== ATTENTION (zero size file/folder)
U4 eabfiltr; No ImagePath
2015-05-17 11:26 - 2015-05-17 11:30 - 00000000 ____ D () C:\AdwCleaner
2015-04-21 18:37 - 2015-04-21 18:37 - 00000000 ____ D () C:\Program Files (x86)\EnoRmouUSaleiS
2015-04-21 18:37 - 2015-04-21 18:37 - 00000000 ____ D () C:\Program Files (x86)\DiscountMan
C:\Users\Kasia\ffdshow_rev3572_20100913_clsid(dobreprogramy.pl).exe
EmptyTemp:
Save the file as fixlist.txt and place it next to FRST in the same folder.
Uninstall Chrome, selecting the option to delete browsing data.