Jak usunąć Chromesearch.win po instalacji programu? Załączam FRST.txt i Addition.txt

Mam od dzisiaj problem - po zainstalowaniu jakiegoś programu do przeglądarki wkradł mi się jakiś wirus. Poniżej zamieszczam FRST.txt i Addition.txt

Logi gdzieś zniknęły.

W tym poście powinny być podpięte niżej.

Odinstaluj:
Dll-Files Fixer
Driver Booster 4.4

Zgraj zakladki z Chrome o ile sa Ci potrzebne, FRST usunie profil przegladarki utworzony przez infekcje.

Wykonaj Fixlist.txt dla FRST:
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Brak pliku
Task: {0D91C968-7E1B-4056-8E6D-29177A523274} - System32\Tasks\{6F7FFC11-C7EC-4CA0-A421-26BA9D507688} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\GFX_Vista_Win7_32_8.15.10.2622.exe -d C:\Users\user\Downloads
Task: {0F0047D8-BA34-4357-8CEC-E9B9136C52ED} - System32\Tasks\{1C855030-4392-4FC1-A65B-B898B465397C} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\vcredist_x86.exe -d C:\Users\user\Downloads
Task: {292D62A5-A6F1-4F7B-BA6F-5D488614511C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {490DEB85-326F-4EEF-A9CE-0E8A0C5CB556} - System32\Tasks\ASC9_SkipUac_user => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {64E878FE-9A60-404C-AEC1-8E61B2F08188} - System32\Tasks\{EF417C10-0964-462A-8996-889E27891067} => C:\Windows\system32\pcalua.exe -a D:\Moje\Worms2\AUTORUN\GAME\SETUP.EXE -d D:\Moje\Worms2\AUTORUN\GAME
Task: {A9EA4B96-E56F-4EB9-863C-1E19A51AECB6} - \psv_Lotjob -> Brak pliku <==== UWAGA
Task: {C71DF099-DB7C-4C87-81E6-EDF73EFD066C} - System32\Tasks\{E41E3AD7-69E7-431F-8C2C-C37F4E5F6AB9} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\MinecraftZyczu.exe -d C:\Users\user\Downloads
Task: {E0B5A232-2BEB-4E6F-8666-99C3F53AA641} - System32\Tasks\{B1EE853A-D9AD-4610-B772-6BB7AA2907DC} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.105&LastError=12002
Task: {E8993856-6A30-407E-9725-22B059D1606E} - System32\Tasks\{25DBC1D0-E179-4915-9508-81EEA65D87D4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fcp=1
Task: {FFF19149-8784-4C99-8A0D-769DF0309CD7} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Motocykle LwG - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-05-04] ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-05-04] ()
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1435079298&z=5e18ad25cac3c3a52d65768g6zdc9w7e5mbt4o6t0w&from=cor&uid=WDCXWD5000BPVT-00HXZT3_WD-WX21E43ATU92ATU92&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1435079298&z=5e18ad25cac3c3a52d65768g6zdc9w7e5mbt4o6t0w&from=cor&uid=WDCXWD5000BPVT-00HXZT3_WD-WX21E43ATU92ATU92&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1942831973-644035396-875548884-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
Toolbar: HKLM - Brak nazwy - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.trotux.com/?z=ebbcd02ed05df9eb6b3405fg6zabcb6bbc1mfg8qdw&from=icb&uid=WDCXWD5000BPVT-00HXZT3_WD-WX21E43ATU92ATU92&type=hp
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.trotux.com/?z=ebbcd02ed05df9eb6b3405fg6zabcb6bbc1mfg8qdw&from=icb&uid=WDCXWD5000BPVT-00HXZT3_WD-WX21E43ATU92ATU92&type=hp"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://feed.safefinder.biz/?fext=true&publisherid=51218&publisher=extensiondefaultap&st=ed&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> SafeFinder
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-11-26] <==== UWAGA
C:\Users\user\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
OPR Extension: (__MSG_appName__) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-03-06]
C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni
S4 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
2017-11-26 11:46 - 2013-11-22 14:45 - 000000000 ___DC C:\AdwCleaner

Po wykonaniu usun katalog C:\FRST.

Działa Dziękuję