Elektroda.pl

Smartsputnik virus - FRST fix needed

Davmon 21 Feb 2016 14:52 576 5
  • #1 21 Feb 2016 14:52
    Davmon
    Level 2

    The virus installs unwanted programs and blocks the ability to change the search engine in Google Chrome. Please help.

    0 5
  • #2 21 Feb 2016 14:54
    Kolobos
    Computer specialist

    You won't get a fixlist without FRST logs...

    0
  • #4 21 Feb 2016 15:03
    Kolobos
    Computer specialist

    Uninstall:
    Java(TM) 6 Update 2
    SpyHunter 4

    Install http://ninite.com/java/

    Fixlist.txt for FRST:
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
    HKLM\...\Run: [SpyHunter Security Suite] => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [7175552 2015-12-17] (Enigma Software Group USA, LLC.)
    HKU\S-1-5-21-2000478354-484061587-682003330-1004\...\Run: [C] => C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol [750 2016-02-20] ()
    HKU\S-1-5-21-2000478354-484061587-682003330-1004\...\MountPoints2: {1f7cabc1-c140-11e5-a40f-806d6172696f} - F:\cda_menu.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKU\S-1-5-21-2000478354-484061587-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://smartsputnik.ru/?ri=1&uid=b34bc3a44321a6a8b50668ed1bdf4a79&q={searchTerms}
    HKU\S-1-5-21-2000478354-484061587-682003330-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://smartsputnik.ru/?ri=1&uid=b34bc3a44321a6a8b50668ed1bdf4a79&q={searchTerms}
    URLSearchHook: [S-1-5-21-2000478354-484061587-682003330-1004] ATTENTION => Default URLSearchHook is missing
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-2000478354-484061587-682003330-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL =
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [not found]
    FF Extension: No Name - C:\Documents and Settings\Basara\Application Data\Mozilla\Firefox\Profiles\eyie7fmi.default\extensions\deskCutv2@gmail.com [not found]
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-02-21] (Enigma Software Group USA, LLC.)
    S2 tojimuwuzbt; C:\Program Files\Win32_ComputerSystemProduct-1456005937---\knsz35.tmp [X]
    S4 wucotusy; C:\Program Files\Win32_ComputerSystemProduct-1456005937---\hnso2530.tmp [X]
    S4 zutuzuni; C:\Program Files\Win32_ComputerSystemProduct-1456005937---\jnsj2529.tmp [X]
    R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-02-21] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-02-21] ()
    2016-02-21 13:33 - 2016-02-21 14:04 - 00000000 ____D C:\Documents and Settings\Basara\Application Data\systweak
    2016-02-21 13:31 - 2016-02-21 13:31 - 00000000 _____ C:\WINDOWS\system32\Number of results
    2016-02-21 12:29 - 2016-02-21 12:29 - 00000935 _____ C:\Documents and Settings\Basara\Desktop\SpyHunter.lnk
    2016-02-21 12:29 - 2016-02-21 12:29 - 00000000 ____D C:\Documents and Settings\Basara\Start Menu\Programs\SpyHunter
    2016-02-21 12:29 - 2016-02-21 12:29 - 00000000 ____D C:\Documents and Settings\Basara\Application Data\Enigma Software Group
    2016-02-21 12:26 - 2016-02-21 12:26 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-02-21 12:25 - 2016-02-21 12:25 - 00000000 ____D C:\Program Files\Enigma Software Group
    EmptyTemp:

    0
  • #5 21 Feb 2016 15:41
    Davmon
    Level 2

    Everything works, thank you for your help and have a nice day.

    0