Jak usunąć PodoWeb?


(Bux16) #1

Witam, ostatnio wystąpił u mnie problem z reklamami przez PodoWeb. Próbowałem wyłączać w procesach, usuwać pliki jednak nic to nie daje. Czy jest ktoś w stanie pomoc rozwiązać ten problem?

 

 

FRST: http://www.wklej.org/id/1650968/

 

Addition: http://www.wklej.org/id/1650969/

 

 


(Acorus) #2

Otwórz notatnik systemowy i wklej:

HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKU\S-1-5-21-1308973932-1175786085-2373211330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
SearchScopes: HKU\S-1-5-21-1308973932-1175786085-2373211330-1000 - {C091548A-D99A-4B10-A665-52F319B5635A} URL = http://rts.dsrlte.com/?affID=naq={searchTerms}r=392
CHR RestoreOnStartup: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=616_pr __alt__ ddc_dsssyc_bd_com"
CHR StartupUrls: Default - "hxxp://www.google.pl/", "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=616_pr __alt__ ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default - yahoo.com
CHR DefaultNewTabURL: Default - http://search.yahoo.com/?fr=hp-ddc-bd-tabtype=616_pr __alt__ ddc_dsssyctab_bd_com
R2 MaintainerSvc6.89.573444; C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe [123632 2015-02-28] ()
S4 Update PodoWeb; C:\Program Files (x86)\PodoWeb\updatePodoWeb.exe [407792 2015-02-28] ()
R2 Util PodoWeb; C:\Program Files (x86)\PodoWeb\bin\utilPodoWeb.exe [407792 2015-02-28] ()
S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]
R1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw64; C:\Windows\System32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw64.sys [48776 2014-11-29] (StdLib)
R1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw64; C:\Windows\System32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw64.sys [48776 2014-11-08] (StdLib)
R1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64; C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64.sys [48776 2014-11-12] (StdLib)
R1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw64; C:\Windows\System32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw64.sys [48776 2014-11-10] (StdLib)
R1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw64; C:\Windows\System32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw64.sys [48776 2014-11-27] (StdLib)
R1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw64; C:\Windows\System32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw64.sys [48776 2014-11-18] (StdLib)
R1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw64; C:\Windows\System32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw64.sys [48776 2014-11-22] (StdLib)
R1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw64; C:\Windows\System32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw64.sys [48776 2014-11-30] (StdLib)
R1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw64; C:\Windows\System32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw64.sys [48776 2014-11-28] (StdLib)
R1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw64; C:\Windows\System32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw64.sys [48776 2014-11-16] (StdLib)
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va015; \\C:\Windows\SysWOW64\Drivers\X6va015 [X]
2015-02-28 18:43 - 2014-11-08 11:29 - 00000000 ____ D () C:\Program Files (x86)\PodoWeb
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.