Avast url mal


(Fcbsoci) #1

Jak w temacie avast wykryl url mal i nie moge tego usunac .Probowalem juz combofix,cc cleaner i malware bytes i nic.

 

http://www.wklej.org/id/1754227/

 

http://www.wklej.org/id/1754226/

 

http://www.wklej.org/id/1754225/

 

Zrobilem scan i wyniki sa powyzej, mam nadzieje ,ze dobrze to zrobilem .

 

Z gory dziekuje za pomoc .


(Acorus) #2

Otwórz notatnik systemowy i wklej:

ShellIconOverlayIdentifiers: [DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = No File
ShellIconOverlayIdentifiers: [DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = No File
ShellIconOverlayIdentifiers: [DropboxExt3] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = No File
GroupPolicyUsers\S-1-5-21-1296616723-1291394214-818402148-1004\User: Group Policy Restriction detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-1296616723-1291394214-818402148-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
S3 catchme; \\C:\ComboFix\catchme.sys [X]
S3 gdrv; \\C:\Windows\gdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-07-09 17:21 - 2015-07-09 17:30 - 00000000 ____ D C:\ComboFix
2015-07-09 17:21 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-09 17:21 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-09 17:21 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-09 17:21 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-09 17:21 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-09 17:21 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-09 17:21 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-09 17:21 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.