frst- http://wklej.to/Lg38O
Pobierz na pulpit skaner AdwCleaner - https://toolslib.net…d/1-adwcleaner/
Po uruchomieniu wykonaj polecenia szukaj i usuń. Zgoda na restart.
Pobierz na pulpit skaner FRST ( we 32 bit ) - http://www.bleepingc…very-scan-tool/
Uruchom, wykonaj polecenie skan. Pokaż raporty FRST i Addition
ok
dodatkowo nie moge usunać “search protect” który mam na pasku uruchomionych programow
addition http://wklej.to/4A1Pm
“search protect”
Uruchom Dodaj/Usuń programy; odszukaj “search protect” - odinstaluj.
Możesz też skorzystać z IObit Uninstaller ( instalujesz sam de-instalator bez dodatków ) - http://www.dobreprogramy.pl/IObit-Uninstaller,Program,Windows,25707.html
Otwórz notatnik systemowy i wklej:
HKLM\...\Run: [RTHDCPL] = C:\WINDOWS\RTHDCPL.EXE [16861184 2008-04-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] = C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] = C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS4ServiceManager] = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [AvgUninstallURL] = cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA""inst=NwA3AC0ANAAxAD (the data entry has 96 more characters).
HKU\S-1-5-21-842925246-1788223648-682003330-1002\...\RunOnce: [nltide_3] = rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-18\...\RunOnce: [nltide_3] = rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
BootExecute: autocheck autochk * OODBS
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-842925246-1788223648-682003330-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" ======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrometype=yahoo_avg_hs2-tb-web_chrome_usp={searchTerms}
SearchScopes: HKU\S-1-5-21-842925246-1788223648-682003330-500 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-842925246-1788223648-682003330-500 - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4b8fd36cv=6.10.6.4i=23tp=chromeq={searchTerms}lng={language}iy=ychte=us
FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\kquigkdx.default\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\kquigkdx.default\extensions\fftoolbar2014@etech.com
S3 Cardex; \\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 catchme; \\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U4 NetDDE; No ImagePath
U4 NetDDEdsdm; No ImagePath
U3 TlntSvr; No ImagePath
S1 vcdrom; \\C:\Program Files\System\CPL Bonus\Vcdrom.sys [X]
NETSVC: naqsaiwtc - No Registry Path.
2015-01-14 12:29 - 2015-01-14 12:29 - 00000000 ____ D () C:\Documents and Settings\All Users\Dane aplikacji\IHProtectUpDate
2015-01-14 12:28 - 2015-01-14 12:29 - 00000000 ____ D () C:\Program Files\XTab
2015-01-14 13:01 - 2014-11-21 00:29 - 00000000 ____ D () C:\AdwCleaner
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Przeskanuj programem Malwarebytes Anti-Malware http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.4.1028.exe