Fixlog.txt

How to remove the iStartsurf virus? AdwCleaner and ESET blocked

The problem has not gone away; the start page is still istartsurf, even though Google is set in the settings.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-09-2014
Ran by Adrian at 2014-09-27 17:11:25 Run:1
Running from C:\Users\Adrian\Desktop\Nowy folder (2)
Loaded Profile: Adrian (Available profiles: Adrian)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1410703936&from=smt&uid=395049983_266034_905D7C3F&q={searchTerms}
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\istartsurf.xml
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\whzv6l98.default\extensions\faststartff@gmail.com
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-14] (Fuyu LIMITED) [File not signed]
S2 Update PodoWeb; "C:\Program Files\PodoWeb\updatePodoWeb.exe" [X]
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}Gw; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw.sys [38992 2014-09-12] (StdLib)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
2014-09-14 16:15 - 2014-09-12 21:11 - 00038992 _____ (StdLib) C:\Windows\system32\Drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw.sys
2014-09-14 16:13 - 2014-09-14 17:37 - 00000000 ____D () C:\Program Files\PodoWeb
2014-09-14 16:13 - 2014-09-14 16:13 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-14 16:13 - 2014-09-14 16:13 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-14 16:13 - 2014-09-14 16:13 - 00000000 ____D () C:\Program Files\SupTab
2014-09-14 16:12 - 2014-09-14 17:15 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\istartsurf
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
"HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
C:\Program Files\mozilla firefox\browser\searchplugins\istartsurf.xml => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\faststartff@gmail.com => value deleted successfully.
WindowsMangerProtect => Service not found.
Update PodoWeb => Service deleted successfully.
{00c97d86-accb-4288-9972-6d929c1fe93a}Gw => Service stopped successfully.
{00c97d86-accb-4288-9972-6d929c1fe93a}Gw => Service deleted successfully.
FairplayKD => Service deleted successfully.
C:\Windows\system32\Drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw.sys => Moved successfully.
C:\Program Files\PodoWeb => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.

"C:\Program Files\SupTab" directory move:

C:\Program Files\SupTab\DpInterface32.dll => Moved successfully.
C:\Program Files\SupTab\DpInterface64.dll => Moved successfully.
C:\Program Files\SupTab\HpUI.exe => Moved successfully.
C:\Program Files\SupTab\ient.json => Moved successfully.
C:\Program Files\SupTab\install.data => Moved successfully.
C:\Program Files\SupTab\Loader32.exe => Moved successfully.
C:\Program Files\SupTab\Loader64.exe => Moved successfully.
C:\Program Files\SupTab\msvcp110.dll => Moved successfully.
C:\Program Files\SupTab\msvcr110.dll => Moved successfully.
C:\Program Files\SupTab\RSHP.exe => Moved successfully.
C:\Program Files\SupTab\SearchProtect32.dll => Moved successfully.
C:\Program Files\SupTab\SearchProtect64.dll => Moved successfully.
C:\Program Files\SupTab\SupIePluginServiceUpdate.exe => Moved successfully.
C:\Program Files\SupTab\SupTab.dll => Moved successfully.
C:\Program Files\SupTab\uninstall.exe => Moved successfully.
C:\Program Files\SupTab\WindowsSupportDll32.dll => Moved successfully.
C:\Program Files\SupTab\WindowsSupportDll64.dll => Moved successfully.
C:\Program Files\SupTab\web\data.html => Moved successfully.
C:\Program Files\SupTab\web\indexIE.html => Moved successfully.
C:\Program Files\SupTab\web\indexIE8.html => Moved successfully.
C:\Program Files\SupTab\web\main.css => Moved successfully.
C:\Program Files\SupTab\web\ver.txt => Moved successfully.
C:\Program Files\SupTab\web\_locales\zh-TW\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\zh-CN\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\vi-VI\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\tr-TR\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\ru-MO\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\ru\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\pt-BR\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\pt\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\pl\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\it-IT\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\it-CH\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\fr-LU\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\fr-FR\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\fr-CH\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\fr-CA\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\fr-BE\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\es-ES\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\es-419\messages.json => Moved successfully.
C:\Program Files\SupTab\web\_locales\en-US\messages.json => Moved successfully.
C:\Program Files\SupTab\web\js\common.js => Moved successfully.
C:\Program Files\SupTab\web\js\ga.js => Moved successfully.
C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js => Moved successfully.
C:\Program Files\SupTab\web\js\jquery.autocomplete.js => Moved successfully.
C:\Program Files\SupTab\web\js\js.js => Moved successfully.
C:\Program Files\SupTab\web\js\library.js => Moved successfully.
C:\Program Files\SupTab\web\js\xagainit-ie8.js => Moved successfully.
C:\Program Files\SupTab\web\js\xagainit2.0.js => Moved successfully.
C:\Program Files\SupTab\web\img\google_trends.png => Moved successfully.
C:\Program Files\SupTab\web\img\icon128.png => Moved successfully.
C:\Program Files\SupTab\web\img\icon16.png => Moved successfully.
C:\Program Files\SupTab\web\img\icon48.png => Moved successfully.
C:\Program Files\SupTab\web\img\loading.gif => Moved successfully.
C:\Program Files\SupTab\web\img\logo32.ico => Moved successfully.
C:\Program Files\SupTab\skin\bk_shadow.png => Moved successfully.
C:\Program Files\SupTab\skin\btn.png => Moved successfully.
C:\Program Files\SupTab\skin\close.png => Moved successfully.
C:\Program Files\SupTab\skin\main.xml => Moved successfully.
C:\Program Files\SupTab\skin\main.xml.bak => Moved successfully.
C:\Program Files\SupTab\skin\image\ck_box.png => Moved successfully.
C:\Program Files\SupTab\skin\image\ck_check.png => Moved successfully.
C:\Program Files\SupTab\skin\image\radio_bk.png => Moved successfully.
C:\Program Files\SupTab\skin\image\radio_check.png => Moved successfully.
Could not move "C:\Program Files\SupTab" directory. => Scheduled to move on reboot.

C:\Users\Adrian\AppData\Roaming\istartsurf => Moved successfully.
EmptyTemp: => Removed 1.1 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date & Time: 2014-09-27 17:16:14) <=

C:\Program Files\SupTab => Is moved successfully.

==== End of Fixlog ====