Wyskakujące okienka i bardzo długi start systemu


(Stan19) #1

Witam.

Mam problem z mocno zainfekowanym laptopem. Masa wyskakujących okienek i bardzo spowolniony windows

http://wklej.to/tdRVL

http://wklej.to/YzZgp

http://wklej.to/Uyomy


(Acorus) #2

Odinstaluj Strong Signal.Otwórz notatnik systemowy i wklej:

HKLM\...\Run: [BtServer] = C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-06-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bdtype=bl-bir-is __alt__ ddc_dsssyc_bd_com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=hp-avasttype=agc511
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=agc511hspart=avasthsimp=yhs-001p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1213545751-56500317-3883528227-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=agc511hspart=avasthsimp=yhs-001p={searchTerms}
HKU\S-1-5-21-1213545751-56500317-3883528227-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bdtype=bl-bir-is __alt__ ddc_dsssyc_bd_com
HKU\S-1-5-21-1213545751-56500317-3883528227-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com/?fr=hp-avasttype=agc511
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.yahoo.com/yhs/search?hspart=ddchsimp=yhs-ddc_bdtype=bl-bir-is __alt__ ddc_dss_bd_comp={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=agc511hspart=avasthsimp=yhs-001p={searchTerms}
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tabtype=bg_616_bl-is-25 __alt__ ddc_dsssyctab_bd_com
FF SelectedSearchEngine: Yahoo Search!
FF Extension: No Name - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ecubjs4y.default\Extensions\1430293770_xpi [2015-04-29]
FF Extension: Strong Signal - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ecubjs4y.default\Extensions\{1d1a835d-e7db-4598-a263-34b77157d4e9}.xpi [2015-03-08]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
S2 Update Mgr StrongSignal; "C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe" [X]
2015-07-07 20:42 - 2015-07-07 20:47 - 00000000 ____ D C:\AdwCleaner
2015-07-07 20:26 - 2015-07-07 20:26 - 00000000 ____ D C:\Windows\%LOCALAPPDATA%
2015-06-15 17:07 - 2015-06-15 17:07 - 00003204 _____ C:\Windows\System32\Tasks\{30E5BE3E-24D9-4266-A2C7-9688A74D85F2}
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Przeskanuj programem Malwarebytes Anti-Malware http://www.malwarebytes.org/8/