shanq Opublikowano 25 Grudnia 2014 Zgłoś Udostępnij Opublikowano 25 Grudnia 2014 Witam. Od jakiegoś czasu system wolno chodzi i wyskakują reklamy w przeglądarce. Proszę o pomoc gmer.txt Addition.txt Extras.Txt FRST.txt OTL.Txt Shortcut.txt Odnośnik do komentarza
Lakemist Opublikowano 25 Grudnia 2014 Zgłoś Udostępnij Opublikowano 25 Grudnia 2014 Dopóki Picasso nie wróci polecam przejrzeć ten temat : https://www.fixitpc.pl/topic/19809-portale-z-oprogramowaniem-instalatory-na-co-uwa%C5%BCa%C4%87/ Sam system jest wręcz zgwałcony przez adware, a ten temat (mam nadzieję) pomoże Ci uniknąć nabawienia się ponownie w przyszłości takich fantów. Odnośnik do komentarza
picasso Opublikowano 6 Stycznia 2015 Zgłoś Udostępnij Opublikowano 6 Stycznia 2015 Istotnie, prawdziwa masakra, ogromna ilość adware. Działania wstępne: 1. Otwórz Notatnik i wklej w nim: CloseProcesses: CreateRestorePoint: R1 {00aec75d-051f-41a9-9837-e94ac4f56303}Gw64; C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}Gw64.sys [48784 2014-10-15] (StdLib) R1 {02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw64; C:\Windows\System32\drivers\{02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw64.sys [48784 2014-10-17] (StdLib) R1 {10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64; C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64.sys [48832 2014-11-06] (StdLib) R1 {1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw64; C:\Windows\System32\drivers\{1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw64.sys [48784 2014-10-13] (StdLib) R1 {255a824a-3cde-4dee-9785-284605606456}Gw64; C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw64.sys [48832 2014-10-29] (StdLib) R1 {32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw64; C:\Windows\System32\drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw64.sys [48784 2014-10-11] (StdLib) R1 {336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw64; C:\Windows\System32\drivers\{336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw64.sys [48784 2014-10-11] (StdLib) R1 {3b808196-ff63-49ee-b33b-efdf51723eca}Gw64; C:\Windows\System32\drivers\{3b808196-ff63-49ee-b33b-efdf51723eca}Gw64.sys [48784 2014-10-13] (StdLib) R1 {3cac76e7-8310-45ea-8277-96d048a78c60}Gw64; C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw64.sys [48784 2014-11-27] (StdLib) R1 {3fa44d1f-c300-4673-a8c1-5ba05468b4bd}Gw64; C:\Windows\System32\drivers\{3fa44d1f-c300-4673-a8c1-5ba05468b4bd}Gw64.sys [48784 2014-10-17] (StdLib) R1 {4530e639-76ab-4435-889d-a5e81ae090a4}Gw64; C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw64.sys [48784 2014-10-20] (StdLib) R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64.sys [48832 2014-11-10] (StdLib) R1 {5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw64; C:\Windows\System32\drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw64.sys [48784 2014-10-17] (StdLib) R1 {67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64; C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64.sys [48784 2014-10-20] (StdLib) R1 {6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64; C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64.sys [48784 2014-10-19] (StdLib) R1 {84e24724-32a5-4ef8-b981-cc669543b4a4}Gw64; C:\Windows\System32\drivers\{84e24724-32a5-4ef8-b981-cc669543b4a4}Gw64.sys [48784 2014-10-11] (StdLib) R1 {949aba83-1d7f-4d0b-b0ba-203450825231}Gw64; C:\Windows\System32\drivers\{949aba83-1d7f-4d0b-b0ba-203450825231}Gw64.sys [48784 2014-10-15] (StdLib) R1 {94c4b27a-8cb1-4214-9d76-87c59a8cf657}Gw64; C:\Windows\System32\drivers\{94c4b27a-8cb1-4214-9d76-87c59a8cf657}Gw64.sys [48784 2014-10-10] (StdLib) R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64.sys [48784 2014-12-02] (StdLib) R1 {b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64; C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys [48784 2014-10-25] (StdLib) R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys [48784 2014-09-24] (StdLib) R1 {c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64; C:\Windows\System32\drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64.sys [48784 2014-10-10] (StdLib) R1 {d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64; C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64.sys [48784 2014-12-01] (StdLib) R1 {d997fcb4-42b4-4f84-a147-2e498567c954}Gw64; C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw64.sys [48784 2014-11-28] (StdLib) R1 {dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw64; C:\Windows\System32\drivers\{dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw64.sys [48784 2014-11-29] (StdLib) R1 {dc592624-f532-4311-9fc7-6920126fc404}Gw64; C:\Windows\System32\drivers\{dc592624-f532-4311-9fc7-6920126fc404}Gw64.sys [48784 2014-10-22] (StdLib) R1 {e9629596-2cbd-4eea-9329-7470e8b0fdae}Gw64; C:\Windows\System32\drivers\{e9629596-2cbd-4eea-9329-7470e8b0fdae}Gw64.sys [48784 2014-10-12] (StdLib) R1 {f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64; C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys [48784 2014-10-23] (StdLib) R1 {f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64; C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64.sys [48832 2014-11-04] (StdLib) R1 {f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw64; C:\Windows\System32\drivers\{f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw64.sys [48784 2014-11-30] (StdLib) R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64.sys [48832 2014-10-31] (StdLib) R1 {fce396ae-d8d1-4789-946e-2106fbe4292b}Gw64; C:\Windows\System32\drivers\{fce396ae-d8d1-4789-946e-2106fbe4292b}Gw64.sys [48784 2014-10-18] (StdLib) R1 {fd600559-a688-4110-b9b9-0f1a9beae8ae}Gw64; C:\Windows\System32\drivers\{fd600559-a688-4110-b9b9-0f1a9beae8ae}Gw64.sys [48784 2014-10-12] (StdLib) R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-01] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-01] (globalUpdate) [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-24] (Cherished Technololgy LIMITED) R2 MaintainerSvc1.20.7247763; C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe [123632 2014-12-25] () S4 servervo; C:\Users\x\AppData\Roaming\VOPackage\VOsrv.exe [89600 2014-11-01] () [File not signed] R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-12-15] (ShopperPro) R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-12-15] () R2 SPDRIVER_1.38.0.1425; C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [52584 2014-12-15] () R2 Update AdvanceElite; C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe [524528 2014-12-25] () R2 Util AdvanceElite; C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe [524528 2014-12-25] () R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-10] (Fuyu LIMITED) [File not signed] R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425136 2014-11-26] (Taiwan Shui Mu Chih Ching Technology Limited.) S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X] S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X] Task: {0BE83B61-6300-4422-9CCB-B1CB29286832} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-11 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-11.exe [2014-11-01] (iWebar) Task: {0FF4251A-68AF-447C-B4E2-56E93883F6C8} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-7 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-7.exe [2014-11-01] (Object Browser) Task: {19659E29-6712-45FF-B287-F859DE374DFD} - System32\Tasks\{E661BCF9-2E50-494B-B2BC-666A617F0CF0} => pcalua.exe -a C:\Users\x\Downloads\adwcleaner_3.310_www.INSTALKI.pl.exe -d C:\Users\x\Downloads Task: {25E61C1D-93DB-4C8B-B245-3A888C1D3168} - System32\Tasks\UNELEVATE_16672 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1390\jsdrv.exe [2014-11-27] () Task: {281D9AD8-FCD6-4446-9C35-61B6497F298A} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5_user => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5.exe [2014-11-01] (Object Browser) Task: {2C775363-C3F5-4C42-B30B-CA92AEE625FE} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-1 => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe [2014-11-01] (Object Browser) Task: {2D912075-65E0-45CF-B294-456814A41EE2} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-4 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-4.exe [2014-11-01] (Object Browser) Task: {31385B7A-1788-418E-9D19-C1DFE6B8BA61} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-5 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-5.exe [2014-11-01] (Object Browser) Task: {32BC7763-6392-47CA-9B8B-A6DCCCAE15D5} - System32\Tasks\UNELEVATE_9690 => C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe [2014-12-15] () Task: {40C7FB91-56C3-433A-8407-65149486B762} - System32\Tasks\{D40542E4-0F7E-4093-9F21-B83D0E0816E8} => Chrome.exe Task: {4D503498-DD80-4489-B332-E8CDE6C4EA8E} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-2 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-2.exe [2014-11-01] (iWebar) Task: {517A2ED0-2C51-4D33-A169-889E56ADD658} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe [2014-12-15] (Goobzo LTD) Task: {5D345B26-7D12-43C6-8941-30CF9056A525} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\Program Files\Common Files\System\SysMenu.dll ,Command701 update2 Task: {5F458916-3AA9-4541-A32E-ED0668EF65E6} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe [2014-12-15] () Task: {61875E24-10E4-4377-A4BD-0D2815BC591A} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-2 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-2.exe [2014-11-01] (Object Browser) Task: {68F6C832-FE13-4FCD-B0C0-E37FABEE2282} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5.exe [2014-11-01] (iWebar) Task: {6E0A7C25-4C41-4083-B3AB-BD494D556E3E} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-7 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-7.exe [2014-11-01] (iWebar) Task: {6E71B911-5687-4B25-A955-7AD2F67364D9} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-6 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-6.exe [2014-11-01] (iWebar) Task: {74DFD4E0-6C1A-4347-AE9E-B7CC6362EC1E} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-4 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-4.exe [2014-11-01] (Object Browser) Task: {7785297A-8A21-43FC-8969-557715044ED1} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2014-08-25] (Goobzo) Task: {86E96A7A-8A48-4E25-830B-A60B9A76EE76} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-01] (globalUpdate) Task: {8758D5A0-AD2A-477C-8BE0-0F2F971B265F} - System32\Tasks\SMupdate1 => Rundll32.exe C:\Program Files\Common Files\System\SysMenu.dll ,Command701 update1 Task: {8E8F0AF1-F136-4A04-A36E-19D4040BB9E8} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-2 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-2.exe [2014-11-01] (Object Browser) Task: {953AAAD2-F987-4E93-930A-B4BC70476B39} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2014-11-01] (iWebar) Task: {9E23DBFD-E312-4EA6-93E1-2C9F877AB0BD} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-11 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-11.exe [2014-11-01] (Object Browser) Task: {9EC05708-4212-4771-B56D-F9DEF6F08E0E} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-6 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-6.exe [2014-11-01] (Object Browser) Task: {AAA25E5F-0A3F-4259-A5A9-74C3E972DD8F} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe [2014-12-15] (Goobzo) Task: {B05DFB33-5230-4CAB-BBEC-1F62F69E850D} - System32\Tasks\UNELEVATE_12860 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1390\jsdrv.exe [2014-11-27] () Task: {B0AD687C-58DB-4726-87EB-5C984067CAF2} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-6 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-6.exe [2014-11-01] (Object Browser) Task: {B7616895-4964-4435-B471-5CD1CD87DA9E} - System32\Tasks\UNELEVATE_24836 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1390\jsdrv.exe [2014-11-27] () Task: {B95227F2-672C-4073-AA64-17BF889AA252} - System32\Tasks\SPBIW_UpdateTask_Time_3834333731313338382d50552d6c455a37575a417834 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 Task: {BD5E2698-3EFE-4B42-8A38-F618B54C0281} - System32\Tasks\Opera scheduled Autoupdate 1400945825 => C:\Program Files (x86)\Opera\launcher.exe Task: {C358CEC2-A776-4D5F-910B-B0D9CB71C464} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-4 => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-4.exe [2014-11-01] (iWebar) Task: {C621A8CA-24E1-47BB-A6B1-9CF4E586FDCE} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe [2014-11-01] (Object Browser) Task: {CEB27992-7E69-435B-8168-3271B03FC442} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5.exe [2014-11-01] (Object Browser) Task: {D0EC5074-7167-4049-B395-69BDA47D6334} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe Task: {D73AB80D-BA81-47FC-B2D0-612970D1CB4D} - System32\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5_user => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5.exe [2014-11-01] (iWebar) Task: {D761CB15-0839-49FE-81AE-C3F9090A0439} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-01] (globalUpdate) Task: {D7BFCA8E-7027-4CAE-B5A2-938B4942FFAE} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-3 => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-3.exe [2014-11-01] (Object Browser) Task: {D8CA7382-0306-42C2-BFAB-D0AF3DFE7BCF} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-7 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-7.exe [2014-11-01] (Object Browser) Task: {DD7145C9-2076-4FEC-BAFD-898BA9FE2FAF} - System32\Tasks\{78BEF649-45B6-4E21-B488-349FE4991B62} => Chrome.exe Task: {DDC0DC86-681D-412B-B5DD-C30A0EF032E1} - System32\Tasks\UNELEVATE_5175 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1390\jsdrv.exe [2014-11-27] () Task: {EC94C577-092E-4D67-827B-B5744B3451B1} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\Program Files\Common Files\System\SysMenu.dll ,Command701 update3 Task: {F365A03B-C3D5-46D4-BB02-EE1C09BD1A12} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-11 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-11.exe [2014-11-01] (Object Browser) Task: {FB3829E2-BE90-42FE-B3DE-79344630FD08} - System32\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-3 => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-3.exe [2014-11-01] (Object Browser) Task: {FC672F86-E85E-4BD2-A534-84905211CD6E} - System32\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-5_user => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-5.exe [2014-11-01] (Object Browser) Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-11.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-11.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-2.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-2.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-3.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-3.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-4.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-4.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5_user.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-5.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-6.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-6.exe Task: C:\Windows\Tasks\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-7.job => C:\Program Files (x86)\Sense\27656fbc-5b32-4b14-a0b3-780d65a1e0a7-7.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-11.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-11.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-2.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-2.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-4.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-4.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5_user.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-5.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-6.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-6.exe Task: C:\Windows\Tasks\cd4e1855-803e-4703-afaf-a1341ed0cdd8-7.job => C:\Program Files (x86)\iWebar\cd4e1855-803e-4703-afaf-a1341ed0cdd8-7.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-1.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-11.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-11.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-2.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-2.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-3.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-3.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-4.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-4.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-5.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-5.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-5_user.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-5.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-6.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-6.exe Task: C:\Windows\Tasks\d141f00e-bc93-4e80-a703-aaa142b02e1e-7.job => C:\Program Files (x86)\Object Browser\d141f00e-bc93-4e80-a703-aaa142b02e1e-7.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1067321925-3578864132-775108078-1000Core.job => C:\Users\x\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1067321925-3578864132-775108078-1000UA.job => C:\Users\x\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe HKU\S-1-5-21-1067321925-3578864132-775108078-1000\...\Run: [AtiDriverStart] => C:\Users\x\AppData\Local\ATI Technologies\atidxx.exe GroupPolicy: Group Policy on Chrome detected CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiający aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Draft.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T ShortcutWithArgument: C:\Users\x\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} HKU\S-1-5-21-1067321925-3578864132-775108078-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} HKU\S-1-5-21-1067321925-3578864132-775108078-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na HKU\S-1-5-21-1067321925-3578864132-775108078-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T HKU\S-1-5-21-1067321925-3578864132-775108078-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1411567516&from=cor&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T SearchScopes: HKU\S-1-5-21-1067321925-3578864132-775108078-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MEE10CFD4-EB9B-460A-A753-C9B5135E9FF0&SearchSource=58&CUI=&UM=6&UP=SP43D5FC5E-9529-43C6-91A0-0DBF37BD02FC&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1067321925-3578864132-775108078-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MEE10CFD4-EB9B-460A-A753-C9B5135E9FF0&SearchSource=58&CUI=&UM=6&UP=SP43D5FC5E-9529-43C6-91A0-0DBF37BD02FC&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1067321925-3578864132-775108078-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T&q={searchTerms} SearchScopes: HKU\S-1-5-21-1067321925-3578864132-775108078-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.com/results.php?gen=ms&pr=manycam&id=manycam_ot&v=4_0&ent=ch_5007&q={searchTerms} SearchScopes: HKU\S-1-5-21-1067321925-3578864132-775108078-1000 -> {B272BCF2-5AD3-4AA4-B913-39EA11A38826} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=502 BHO: Object Browser -> {11111111-1111-1111-1111-110311281150} -> C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll (Object Browser) BHO: Sense -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Sense\Sense-bho64.dll (Object Browser) BHO: iWebar -> {11111111-1111-1111-1111-110611511123} -> C:\Program Files (x86)\iWebar\iWebar-bho64.dll (iWebar) BHO: RoyalCoupon -> {366ded97-4204-45d0-93eb-0c1d16c23c94} -> C:\ProgramData\RoyalCoupon\Fb9GF4v6BPhRX4.x64.dll () BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.) BHO: topBuoyeR -> {af1776a4-411b-4e0b-97f9-eefeb8cdf1e3} -> C:\ProgramData\topBuoyeR\LYebxzgH42TDaP.x64.dll () BHO: RoyalCoupon -> {b92b1bce-6414-4005-8160-f2ce96ad4f03} -> C:\ProgramData\RoyalCoupon\M4ecHV3gYe2nyQ.x64.dll () BHO: QueenCoUipon -> {bf6f7f4a-65d9-4033-9a7f-d2872772a62b} -> C:\ProgramData\QueenCoUipon\gq69RZttkoUmNJ.x64.dll () BHO: QueenCoupon -> {df923c2c-4ecb-458c-a717-1faf2ac92507} -> C:\ProgramData\QueenCoupon\I9adfyO3YubsgR.x64.dll () BHO-x32: Object Browser -> {11111111-1111-1111-1111-110311281150} -> C:\Program Files (x86)\Object Browser\Object Browser-bho.dll (Object Browser) BHO-x32: Sense -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Sense\Sense-bho.dll (Object Browser) BHO-x32: iWebar -> {11111111-1111-1111-1111-110611511123} -> C:\Program Files (x86)\iWebar\iWebar-bho.dll (iWebar) BHO-x32: AdvanceElite 1.0.0.6 -> {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} -> C:\Program Files (x86)\AdvanceElite\AdvanceEliteBHO.dll (AdvanceElite) BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.) BHO-x32: RoyalCoupon -> {b92b1bce-6414-4005-8160-f2ce96ad4f03} -> C:\ProgramData\RoyalCoupon\M4ecHV3gYe2nyQ.dll () BHO-x32: QueenCoupon -> {df923c2c-4ecb-458c-a717-1faf2ac92507} -> C:\ProgramData\QueenCoupon\I9adfyO3YubsgR.dll () Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystarttb.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\abnkhfcq.default\extensions\faststartff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\abnkhfcq.default\extensions\detgdp@gmail.com FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-12] CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-12] CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts=1418369197&from=wpm12123&uid=TOSHIBAXMQ01ABD050_X259C3R4TXXX259C3R4T C:\Program Files (x86)\globalUpdate C:\Program Files (x86)\Optimizer Pro C:\ProgramData\18173724244574463488 C:\ProgramData\374311380 C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b C:\ProgramData\fc3609e973c3e600 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper C:\Users\x\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader C:\Users\x\Downloads\*.part C:\Windows\System32\drivers\{*}Gw64.sys Reg: reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs /t REG_SZ /d "" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs /t REG_SZ /d "" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPDriver" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yahoo! Search" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach. Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix. Czekaj cierpliwie, nie przerywaj działania. Gdy Fix ukończy pracę, system zostanie zresetowany. W tym samym katalogu skąd uruchamiano FRST powstanie plik fixlog.txt. 2. Przez Panel sterowania odinstaluj: - Adware AdvanceElite, istartsurf uninstall, iWebar, Object Browser, QueenCoUipon, Remote Desktop Access (VuuPC), RoyalCoupon, Search Protect, Sense, Shopper-Pro, SiteFinder, sweet-page uninstall, topBuoyeR, WildWestCoupon, WindowsMangerProtect20.0.0.722, WinZipper, WorldofTanks, YTDownloader. - Przeglądarkę Google Chrome, którą adware przekonwertowało ze stabilnej do development. Przy deinstalacji zaznacz Usuń także dane przeglądarki. 3. Wyczyść Firefox z adware: menu Pomoc > Informacje dla pomocy technicznej > Zresetuj program Firefox. Zakładki i hasła nie zostaną naruszone, ale Adblock Plus trzeba będzie przeinstalować. 4. Zrób nowe logi FRST z opcji Scan, zaznacz pola Addition i Shortcut, by powstały ponownie trzy logi. Dołącz też plik fixlog.txt. Odnośnik do komentarza
Rekomendowane odpowiedzi
Jeśli chcesz dodać odpowiedź, zaloguj się lub zarejestruj nowe konto
Jedynie zarejestrowani użytkownicy mogą komentować zawartość tej strony.
Zarejestruj nowe konto
Załóż nowe konto. To bardzo proste!
Zarejestruj sięZaloguj się
Posiadasz już konto? Zaloguj się poniżej.
Zaloguj się