W trybie awaryjnym odinstaluj:
Ask Toolbar (x32 Version: 12.7.0.2234)
Babylon Chrome Toolbar (x32)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0)
tuto4pc_pl_17 (x32)
tuto4pc_pl_20 (x32)
tuto4pc_pl_31 (x32)
Do notatnika wklej:
Kod:
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
(Whilokii) C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
MountPoints2: {772849c2-204f-11e3-be86-1867b0805a70} - "F:\AutoRun.exe"
MountPoints2: {77284a94-204f-11e3-be86-1867b0805a70} - "F:\AutoRun.exe"
MountPoints2: {77285a13-204f-11e3-be86-1867b0805a70} - "F:\AutoRun.exe"
MountPoints2: {d839c99a-2619-11e3-be89-1867b0805a70} - "F:\AutoRun.exe"
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1707472 2013-11-06] (APN)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1707472 2013-11-06] (APN)
HKLM-x32\...\Run: [tuto4pc_pl_31] - C:\Program Files (x86)\tuto4pc_pl_31\tuto4pc_pl_31.exe [3994064 2013-11-06] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=48815A67B0805A6F&affID=119357&tsp=5024
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKCU - URL http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=48815A67B0805A6F&affID=121828&tsp=5029
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=48815A67B0805A6F&affID=119357&tsp=5024
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HGSTXHTS545050A7E380_TR85164FGT1ZBJGT1ZBJX&ts=1380801326&type=default&q={searchTerms}
SearchScopes: HKCU - {33F6A848-26F5-40E7-9723-B7658B479AB5} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Ja\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [dlmdlmoekcipeicfbnohedgkglmbhcla] - C:\Program Files (x86)\Whilokii\dlmdlmoekcipeicfbnohedgkglmbhcla.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-11-06] (APN LLC.)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-03] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-03] (BonanzaDeals)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-08] (Whilokii)
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-07] (Whilokii)
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [x]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [x]
Task: {2E87A6D6-CCCF-414C-AC61-CA5B1AAA7E3E} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {8E11B9A3-8D4C-4FD0-9F58-5C871255AA8B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3017883403-1461830242-3419357051-1002UA => C:\Users\Ja\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-22] (Facebook Inc.)
Task: {A2F2DC0A-ACB6-4511-9CFF-82E98B4C5A6C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3017883403-1461830242-3419357051-1002Core => C:\Users\Ja\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-22] (Facebook Inc.)
Task: {B1BC96C7-1FE6-498A-8C6B-667DA6E9BB4C} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-03] (BonanzaDeals)
Task: {C7EF0DF7-6851-431F-A36D-5C0C78778FF8} - System32\Tasks\EPUpdater => C:\Users\Ja\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] ()
Task: {D9294724-21F6-4089-AF84-734D3810085D} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {FABE2E5E-387F-4264-844C-E740326A71B4} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-03] (BonanzaDeals)
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3017883403-1461830242-3419357051-1002Core.job => C:\Users\Ja\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3017883403-1461830242-3419357051-1002UA.job => C:\Users\Ja\AppData\Local\Facebook\Update\FacebookUpdate.exe
Zapisz jako
fixlist.txti umieść obok
FRST
Następnie w programie kliknij
Fix ,po wykonaniu pokaż raport.
Ściągnij program
[Aby zobaczyć linki, zarejestruj się tutaj]
kliknij
Scani następnie
Clean
W przeglądarce firefox -menu Pomoc > Informacje dla pomocy technicznej > Zresetuj program Firefox. Reset nie naruszy zakładek i haseł.
