Strong signal ads logi


(Budownictwo Moniuszko) #1

Witam

 

Mam problem z tym wirusem

 

poniżej logi

 

proszę o dalsze instrukcje

 

frst

http://www.wklejto.pl/224915

 

additional

http://www.wklejto.pl/224916

 

 

shortcut

http://www.wklejto.pl/224917

 

 


(Acorus) #2

Odinstaluj SpyHunter 4,Strong Signal.Otwórz notatnik systemowy i wklej:

Task: {42DACDD7-6360-4C21-8DBF-8921D4E8BA72} - System32\Tasks\SpyHunter4Startup = C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-03-27] (Enigma Software Group USA, LLC.)
HKLM\...\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2287673630-4014421710-1043791657-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-2287673630-4014421710-1043791657-1001] ATTENTION == Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2287673630-4014421710-1043791657-1002 - {9BD5985F-1024-411F-B461-D8C1860A1DD7} URL =
BHO-x32: Strong Signal - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-03-27] (Enigma Software Group USA, LLC.)
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe [559864 2015-04-01] ()
U2 McMPFSvc; No ImagePath
2015-04-02 11:39 - 2015-04-02 12:18 - 00000000 ____ D () C:\AdwCleaner
2015-03-27 17:19 - 2015-03-27 17:19 - 00003322 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-03-27 17:19 - 2015-03-27 17:19 - 00000000 ____ D () C:\Users\-DELL-\AppData\Roaming\Enigma Software Group
2015-03-27 17:19 - 2015-03-27 17:19 - 00000000 _____ () C:\autoexec.bat
2015-03-27 17:18 - 2015-03-30 16:00 - 00001149 _____ () C:\Users\-DELL-\Desktop\SpyHunter.lnk
2015-03-27 17:18 - 2015-03-27 17:18 - 00000000 ____ D () C:\sh4ldr
2015-03-27 17:17 - 2015-03-27 17:17 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-03-27 17:17 - 2015-03-27 17:17 - 00000000 ____ D () C:\Program Files\Enigma Software Group
2015-03-27 17:16 - 2015-03-27 17:16 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\-DELL-\Downloads\SpyHunter-Installer.exe
2015-03-27 17:16 - 2015-03-27 17:16 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\-DELL-\Downloads\SpyHunter-Installer (1).exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Budownictwo Moniuszko) #3

Póki co chyba się udało, wielkie dzięki.

 

Przesyłam internetową flaszkę 


(Acorus) #4

Szkoda,że nie w realu.Skasuj folder C:\FRST