
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
C:\Program Files (x86)\Strong Signal
CHR Extension: (Strong Signal) - C:\Users\Eurl Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepampipjplnigjhkaijlbeppicakggl [2015-02-10]
FF Extension: Vuze Remote - C:\Users\Eurl Greg\AppData\Roaming\Mozilla\Firefox\Profiles\ab25exzk.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2015-01-27]
FF Extension: Astromenda NT - C:\Users\Eurl Greg\AppData\Roaming\Mozilla\Firefox\Profiles\ab25exzk.default\Extensions\{424b0d11-e7fe-4a04-b7df-8f2c77f58aaf}.xpi [2014-09-10]
FF Extension: Strong Signal - C:\Users\Eurl Greg\AppData\Roaming\Mozilla\Firefox\Profiles\ab25exzk.default\Extensions\{9d204d90-67ed-4674-ad22-ac0bd52d6ba6}.xpi [2015-02-09]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
Task: C:\WINDOWS\Tasks\Binkiland.job => C:\Users\EURLGR~1\AppData\Roaming\BINKIL~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: {C277031B-9A44-4828-8C09-BAE43DB5B146} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {CDA3CDA4-8B6E-4CF1-AA76-6E7D4A15F796} - System32\Tasks\Binkiland => C:\Users\Eurl Greg\AppData\Roaming\Binkiland\UpdateProc\UpdateTask.exe [2015-02-09] () <==== ATTENTION
Task: {D1ABE375-0A64-49C5-9A88-1804BD44193A} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\WinFixReminder.exe <==== ATTENTION
HKLM-x32\...\RunOnce: [Binkiland] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\EURLGR~1\AppData\Roaming\Binkiland\UpdateProc\bkup.dat"
HKU\S-1-5-21-1525621187-2341027771-538004619-1002\...\RunOnce: [Binkiland] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\EURLGR~1\AppData\Roaming\Binkiland\UpdateProc\bkup.dat"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1525621187-2341027771-538004619-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Binkiland
CHR HomePage: Default -> hxxp://binkiland.com/?f=1&a=bnk_ir_15_07&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyCtByDzyyE0FzyyDzztDtN0D0Tzu0StCtCtAyDtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByE0CyB0E0EtCtBtG0AyCyBzytGtAtDtCtAtGzy0AyB0AtGtCtBzz0B0E0FyBzzzzyB0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtBzyzytCzyyD0AtG0B0AyBtCtGyEzz0D0BtGzz0F0AyEtGtA0AyEyEyByDyC0F0AtAzztB2Q&cr=1745956252&ir=
CHR StartupUrls: Default -> "hxxp://binkiland.com/?f=7&a=bnk_ir_15_07&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyCtByDzyyE0FzyyDzztDtN0D0Tzu0StCtCtAyDtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByE0CyB0E0EtCtBtG0AyCyBzytGtAtDtCtAtGzy0AyB0AtGtCtBzz0B0E0FyBzzzzyB0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtBzyzytCzyyD0AtG0B0AyBtCtGyEzz0D0BtGzz0F0AyEtGtA0AyEyEyByDyC0F0AtAzztB2Q&cr=1745956252&ir=", "hxxp://astromenda.com/?f=7&a=ast_ir_14_37_ch&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyCtByDzyyE0FzyyDzztDtN0D0Tzu0SzyzzyEtN1L2XzutAtFtBtFyDtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0D0E0AtB0B0EtBtG0ByCzyyBtGyEyCzyzytG0D0FtBzztGyDzztB0E0CtCzztD0DtCyC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0AtAzytA0A0FzztG0DyCtCyDtGyE0B0C0EtG0AzyzytBtG0AtBtDyEtC0Azz0C0AtAtB0F2Q&cr=1857130726&ir=", "hxxp://www.sweet-page.com/?type=hp&ts=1403096700&from=cor&uid=HitachiXHDS721010CLA630_JP2940N03MZUKV3MZUKVX"
CHR DefaultSearchKeyword: Default -> binkiland.com
CHR DefaultSearchURL: Default -> http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_07&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyCtByDzyyE0FzyyDzztDtN0D0Tzu0StCtCtAyDtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StByE0CyB0E0EtCtBtG0AyCyBzytGtAtDtCtAtGzy0AyB0AtGtCtBzz0B0E0FyBzzzzyB0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtBzyzytCzyyD0AtG0B0AyBtCtGyEzz0D0BtGzz0F0AyEtGtA0AyEyEyByDyC0F0AtAzztB2Q&cr=1745956252&ir=
CHR Extension: (Astromenda New Tab) - C:\Users\Eurl Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-09-10]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKU\S-1-5-21-1525621187-2341027771-538004619-1002\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-20] (StdLib)
S3 PCTINDIS5X64; \??\C:\WINDOWS\SYSTEM32\PCTINDIS5X64.SYS [X]
EmptyTemp:
DeleteQuarantine:
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości