Round world ads

damara.a · 12 Marzec 2015 16:51

Witam, proszę o podpowiedź jak się tego pozbyć.

Z góry dzięki

Acorus · 12 Marzec 2015 17:12

Otwórz notatnik systemowy i wklej:

HKLM\...\Run: [WinampAgent] = "C:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [SunJavaUpdateSched] = C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] = C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] = C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4214354686-4175069687-496200612-1003\...\Run: [qkviis] = C:\Users\Ilona\qkviis.exe
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{F02838FB-881E-4ED5-937F-0ED250B793A8}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrometype=yahoo_avg_hs2-tb-web_chrome_usp={searchTerms}
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685query={searchTerms}invocationType=tb50winampie7
SearchScopes: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=crmq={searchTerms}locale=en_UKapn_ptnrs=U3apn_dtid=OSJ000YYPLapn_uid=1D43DAAD-1E1B-4063-AA72-9E1178E6F693apn_sauid=888D18B1-AE06-4BFD-99EF-C093343FB1B3
SearchScopes: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={09CE4C66-BF34-4EE3-8E69-618BA1BF20DC}mid=114c9f785cbf47d180e7d16d6a3ae33f-a5972777c7ef71312ba8d31d10ae5bf462fea1d1lang=ends=AVGpr=prd=v=sap=dspq={searchTerms}
SearchScopes: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browser/burn4free/{F02838FB-881E-4ED5-937F-0ED250B793A8}?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrometype=yahoo_avg_hs2-tb-web_chrome_dep={searchTerms}
SearchScopes: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685query={searchTerms}invocationType=tb50winampie7
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-4214354686-4175069687-496200612-1003 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
FF DefaultSearchUrl: hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685invocationType=tb50ffwinampie7query=
FF SearchPlugin: C:\Users\Ilona\AppData\Roaming\Mozilla\Firefox\Profiles\xq9o2rku.default\searchplugins\askcom.xml [2012-07-16]
FF SearchPlugin: C:\Users\Ilona\AppData\Roaming\Mozilla\Firefox\Profiles\xq9o2rku.default\searchplugins\search.xml [2011-09-22]
FF SearchPlugin: C:\Users\Ilona\AppData\Roaming\Mozilla\Firefox\Profiles\xq9o2rku.default\searchplugins\winamp-search.xml [2009-12-03]
FF Extension: Round World 1.0.1 - C:\Users\Ilona\AppData\Roaming\Mozilla\Firefox\Profiles\xq9o2rku.default\Extensions\{8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}.xpi [2015-03-08]
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U17) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Extension: (Round World) - C:\Users\Ilona\AppData\Local\Google\Chrome\User Data\Default\Extensions\llophagfllmkeocnijimbmidillhjeol [2015-03-09]
S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S2 RoxLiveShare10; "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [X]
R1 {4cc550cb-ad95-48a3-ae71-6ab7c8433971}Gt; C:\Windows\System32\drivers\{4cc550cb-ad95-48a3-ae71-6ab7c8433971}Gt.sys [55824 2015-03-09] (StdLib)
R1 {8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gt; C:\Windows\System32\drivers\{8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gt.sys [55824 2015-03-08] (StdLib)
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

damara.a · 12 Marzec 2015 17:55

Dziękuję Ci bardzo, udało się.

Acorus · 13 Marzec 2015 09:11

Skasuj folder C:\FRST

damara.a · 13 Marzec 2015 19:21