Web searches.

[peeem]

Wrąbało mi się dziś jakieś web searches do Firefoxa i za nic nie idzie dziada usunąć.

Proszę o pomoc.

Wklejam logi.

[ordynat]

1) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Daj z tego raport C:\AdwCleaner\AdwCleaner[S].txt.

2) Otwórz Notatnik i wklej w nim:

Task: {C68B2549-9405-4016-8D8D-60F95811F9D7} - System32\Tasks\Price Fountain => C:\Users\Przemek\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Przemek\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Program Files (x86)\Common Files\AVG Secure Search
HKLM-x32\...\RunOnce: [PriceFountain] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Przemek\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1424507642&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2E3RCHCHACHCHA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1424507642&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2E3RCHCHACHCHA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1424507642&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2E3RCHCHACHCHA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1424507642&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2E3RCHCHACHCHA&q={searchTerms}
HKU\S-1-5-21-3801108520-1854012753-4187635236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={594F791E-B120-4D44-922D-18671A0DD2FE}&mid=28658c99efb647cda1e47d98fefaef6f-eccb2d8afacd4a59f4fbf85156a491574614f822&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-21 10:38:56&v=4.1.0.404&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3801108520-1854012753-4187635236-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={594F791E-B120-4D44-922D-18671A0DD2FE}&mid=28658c99efb647cda1e47d98fefaef6f-eccb2d8afacd4a59f4fbf85156a491574614f822&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-21 10:38:56&v=4.1.0.404&pid=wtu&sg=&sap=dsp&q={searchTerms}
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF SearchPlugin: C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\cxnmen9d.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\cxnmen9d.default\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Przemek\AppData\Roaming\Mozilla\Firefox\Profiles\cxnmen9d.default\Extensions\avg@toolbar [2015-02-21]
R2 vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1883672 2015-02-21] (AVG Secure Search)
C:\Windows\Tasks\Price Fountain.job
C:\Windows\System32\Tasks\Price Fountain
C:\Users\Przemek\AppData\Roaming\PriceFountain
C:\ProgramData\WindowsMangerProtect
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

3) Zrób nowe logi FRST.

4) Napisz, czy problem znikł?
.