Witam otóż mam problem z moją wyszukiwarką, za każdym razem gdy włączam przeglądarkę (Google Chrome, Mozilla Firefox, Internet Explorer) wyskakuje mi strona 22Find. Proszę o pomoc, jak można to usunąć?
Przenoszę do działu Bezpieczeństwo Proszę podać raporty FRST zgodnie z instrukcją http://forum.dobreprogramy.pl/nowy-log-obowi%C4%85zkowy-farbar-recovery-scan-tool-t478727/
Odinstaluj GadgetBox Expansion,SaveSense,Yontoo 2.052.Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
Pokaż nowe logi z FRST.
Otwórz notatnik systemowy i wklej:
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = D:\GothicI\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop_06261554.lnk
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 09.lnk
ShortcutTarget: Rejestracja FIFA 09.lnk - C:\Program Files (x86)\EA Sports\FIFA 09\Support\EAregister.exe (No File)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
GroupPolicyUsers\S-1-5-21-378365883-2589078211-2696377688-1001\User: Group Policy restriction detected ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1401477809from=sofuid=HitachiXHTS547564A9E384_J2180053CHRR8DCHRR8DXq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1401477809from=sofuid=HitachiXHTS547564A9E384_J2180053CHRR8DCHRR8DXq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-12-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-04-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-22]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - D:\War Tandr\VDownloader\Addons\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files (x86)\VDownloader\Addons\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fpjembhcdjdkkalangicdcmlnjoomijf] - C:\ProgramData\DownloadnSave\fpjembhcdjdkkalangicdcmlnjoomijf.crx [Not Found]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe" [X]
S3 catchme; \\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 TuneUpUtilitiesDrv; \\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-04-02 09:02 - 2015-04-02 09:06 - 00000000 ____ D () C:\AdwCleaner
2015-03-15 20:43 - 2015-03-15 20:43 - 00000000 ____ D () C:\Users\Administrator\Doctor Web
2013-09-28 20:31 - 2014-04-28 17:52 - 0001704 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml
2012-05-27 15:40 - 2011-09-16 15:12 - 3623592 _____ (Ask) C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
C:\Users\Asus\AppData\Roaming\cache.ini
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.