Problem z laptopem

[Matti847]

Witam
Mam problem z moim laptopem gdy go włączam po około 1 min. zawiesza sie na amen i nic nieda sie z tym zrobic jezeli to pomoze to kaspersky wykryl HEUR:Trojan.Win32.StartPage z góry dzieki za pomoc daje logi z OLT bo GMER mi nie działa

OTL: http://www.wklej.eu/index.php?id=0e9a053e32

Extras: http://www.wklej.eu/index.php?id=3f56bdcd7f

[mateo8898]

1. Użyj AdwCleaner http://forum.instalki.pl/otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p139531 z opcji Usuń i podaj utworzony log.
2. Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=ST500LM012_HN-M500MBB_S2U3J9KC321763&ts=1354304947
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={CD75905A-1574-11E2-BE28-7CE9D3C7C836}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=ST500LM012_HN-M500MBB_S2U3J9KC321763&ts=1354304947
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{077664D7-DB5E-4CC7-9C55-458D8BF0FB0D}: "URL" = http://search.softonic.com/MON00085/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=65
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&tt=120912_pcp_3712_6&babsrc=SP_ss&mntrId=8e1dcd5b000000000000446d5701ff87
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^PL&apn_uid=52881aa6-d139-4092-b258-5adeb65179b7&apn_sauid=1DF69E87-206D-4437-9070-726F8086D852
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{932BBAE9-2AE6-4BCE-B79D-B00D60B98D49}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^PL&apn_uid=f99e40e6-8a64-4b0a-a0d0-989a6f120150&apn_sauid=C3ED4706-2870-42F2-9F6B-549230F93DB0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={6C724055-C3CC-41A2-92FD-618F687A72F1}&mid=e72aa20efd6847d0ab06ada0952321c5-f8687ba4d72e234da61fb2f7e050727662ea562e&lang=pl&ds=cv011&pr=sa&d=2012-07-11 15:10:43&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQJHQFVug&i=26
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={CD75905A-1574-11E2-BE28-7CE9D3C7C836}
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [pppikup] C:\Users\Kacperscy\AppData\Local\oebase.exe File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kacperscy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
[2012-12-19 19:38:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2012-12-09 17:42:23 | 000,000,944 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1006943130-4047481173-3172946603-1000UA.job
[2012-12-09 17:07:53 | 000,000,348 | -H-- | M] () -- C:\windows\tasks\GboxUpdaterRefreshTask.job
[2012-12-09 14:42:00 | 000,000,922 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1006943130-4047481173-3172946603-1000Core.job
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=-
"StartCCC"=-
"TrojanScanner"=-
"UpdateP2GShortCut"=-
"UpdatePRCShortCut"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"=-
"EADM"=-
"Facebook Update"=-

:Commands
[emptytemp]

Klikasz Wykonaj skrypt. Podajesz log z usuwania + nowe logi z OTL + log z Autoruns http://forum.instalki.pl/otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p138589 + log z TDSSKiller http://forum.instalki.pl/otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967-15.html#p120292

Kolejność jak podałem.