Strong signal ads - logi

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 11:50

Witam,
proszę o pomoc w usunięciu strong signal

LOGI

OTL
http://wklej.to/gDUB4

EXTRAS
http://wklej.to/6V4dh

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 11:58

1) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Daj z tego raport C:\AdwCleaner\AdwCleaner[S].txt.

2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2015-02-24 09:18:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\key-find
[2015-02-23 15:09:35 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\eCyber
[2015-02-23 14:56:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Elex-tech
[2015-02-23 16:16:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Enigma Software Group
[2015-02-23 14:57:04 | 000,001,906 | ---- | C] () -- C:\Users\user\YAC.lnk
[2015-02-23 14:57:04 | 000,001,906 | ---- | M] () -- C:\Users\user\YAC.lnk
[2015-02-23 14:53:11 | 001,167,400 | ---- | M] (Elex do Brasil cenzura!ções Ltda) -- C:\Users\user\yet_another_cleaner_sk.exe
[2015-02-21 18:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
[2015-02-21 18:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
[2015-02-21 18:11:18 | 000,710,792 | ---- | C] (App Web ) -- C:\Users\user\PotPlayer(22586)-dp.exe
[2015-02-22 17:59:43 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2015-02-22 17:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015-02-22 17:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[2015-02-21 20:07:21 | 000,971,032 | ---- | C] (TMRG, Inc.) -- C:\Windows\SysNative\rlls64.dll
[2015-02-21 20:07:21 | 000,661,272 | ---- | C] (TMRG, Inc.) -- C:\Windows\SysWow64\rlls.dll
[2015-02-22 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Enigma Software Group
[2015-02-23 14:50:53 | 001,167,400 | ---- | C] (Elex do Brasil cenzura!ções Ltda) -- C:\Users\user\yet_another_cleaner_sk.exe
[2015-02-23 14:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
[2015-02-23 14:56:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Elex-tech
[2015-02-23 14:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech
[2015-02-23 14:53:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\eCyber
[2015-02-23 14:57:26 | 000,052,392 | ---- | C] (Elex do Brasil cenzura!ções Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[2015-02-23 14:57:26 | 000,045,224 | ---- | C] (Elex do Brasil cenzura!ções Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[2015-02-23 17:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Strong Signal
[2015-02-24 09:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IHProtectUpDate
[2015-02-24 09:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XTab
[2015-02-24 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\key-find
O4 - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4:64bit: - HKLM..\Run: [] File not found
O2 - BHO: (Strong Signal) - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll File not found
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
CHR - default_search_provider: key-find (Enabled)
CHR - default_search_provider: search_url = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll File not found
FF - prefs.js..browser.search.defaultenginename: "key-find"
FF - prefs.js..browser.search.selectedEngine: "key-find"
DRV:64bit: - [2015-01-19 12:04:12 | 000,045,224 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV:64bit: - [2015-01-03 09:57:03 | 000,052,392 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV - [2015-01-19 12:04:12 | 000,249,000 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
DRV - [2015-01-19 12:04:12 | 000,099,496 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - [2015-01-19 12:04:12 | 000,042,152 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - [2015-01-19 12:03:55 | 000,093,352 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2015-02-23 23:34:36 | 000,577,272 | ---- | M] () [Auto | Running] -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe -- (Service Mgr StrongSignal)
SRV - [2015-02-23 23:34:04 | 000,384,760 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe -- (Update Mgr StrongSignal)
SRV - [2015-01-19 12:00:23 | 000,120,128 | ---- | M] (Elex do Brasil cenzura!ções Ltda) [Auto | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService)
SRV - [2015-01-16 09:45:12 | 000,158,896 | ---- | M] (XTab system) [Auto | Running] -- C:\Program Files (x86)\XTab\ProtectService.exe -- (IHProtect Service)
MOD - [2015-01-19 12:00:23 | 000,185,656 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
MOD - [2015-01-19 12:00:23 | 000,065,696 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
MOD - [2015-02-24 09:25:56 | 000,246,008 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\dd26be0c-da8b-4805-9252-ef5f8df7707b.dll
MOD - [2015-02-23 13:34:22 | 000,701,176 | ---- | M] () -- C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1424765868&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1424765868&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hppp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
IE - HKU\S-1-5-21-3703190311-2924189459-2355168503-1000\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}

:Files
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhmpkhmmcaoioocmabgalkjedeegpgcc

:Reg
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

3) Uruchom Google Chrome
> Naciśnij klawisze: lewy Alt+F i kliknij przycisk Ustawienia >
> Sekcja: Po uruchomieniu > wybierz: Otwórz konkretną stronę lub zestaw stron >
> Kliknij: Wybierz strony >
> Usuń: key-find.com, wpisz nowy adres strony głównej i kliknij przycisk OK.

4) Zrób logi z FRST > http://forum.programosy.pl/frst-otl-zoek-vt139692.html
Przed skanem zaznacz "Additional"

.

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 13:17

logi:

FRST
http://wklej.to/BWBVk
ADDITION
http://wklej.to/qwjzJ

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 13:36

YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== ATTENTION

Spróbuj to odinstalować ...
Napisz, czy się to udało.

brak logu z Adw-Cleaner
.

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 14:01

przesyłam

jak mam odinstalować tamto wyżej?

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 14:08

jak mam odinstalować tamto wyżej?

tak samo, jak każdy inny program

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 14:13

nie da rady chyba tego odinstalować, pojawia się komunikat, że potrzebuję uprawnień, aby to usunąć

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 14:19

Otwórz Notatnik i wklej w nim:

C:\Program Files (x86)\Elex-tech
HKLM\...\Run: [] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
C:\Program Files (x86)\Strong Signal
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\key-find.xml
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mqdzy7aq.default\Extensions\oiew@kzdw-.org [2014-02-25]
FF Extension: Strong Signal - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mqdzy7aq.default\Extensions\{d53d402a-1b39-4020-8066-3e40f3b55121}.xpi [2015-02-23]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
C:\Program Files (x86)\RelevantKnowledge
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR Extension: (Strong Signal) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhmpkhmmcaoioocmabgalkjedeegpgcc [2015-02-23]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-19] (Elex do Brasil cenzura!ções Ltda)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil cenzura!ções Ltda)
C:\Windows\System32\DRIVERS\iSafeNetFilter.sys
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\key-find uninstall" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe" /f
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: {F564EAB2-2894-445E-8EF2-CAD58ED2BEA2} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

Zrób nowe logi z FRST.
.

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 14:28

przesyłam

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 14:36

Log wklejaj na http://wklejto.pl/, a w poście daj tylko linki.(czyli skopiuj adres z paska adresów)
nie są całe w takiej postaci, jak dotychczas

EDIT:

Zrób nowe logi z FRST.

to nie zostało jeszcze wykonane

**Posty:** 3 · przez **aleada** 24 Lut 2015, 15:29

Ja również proszę o pomoc:

FRST: http://wklej.org/id/1645533/

Addition: http://wklej.org/id/1645537/

Nie wiem czy to wszystko, w tej kwestii sugeruję się innymi postami.

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 15:32

załóż swój własny temat

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 17:21

fixlog
http://wklej.to/lstJY

FRST
http://wklej.to/9IdfU
ADDITION
http://wklej.to/0hmzi

**Posty:** 4765 · przez **ordynat** 24 Lut 2015, 17:47

Do Notatnika wklej:

Kod: Zaznacz wszystko: Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] [-HKEY_USERS\S-1-5-21-3703190311-2924189459-2355168503-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] [-HKEY_USERS\S-1-5-21-3703190311-2924189459-2355168503-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}] [-HKEY_USERS\S-1-5-21-3703190311-2924189459-2355168503-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] [-HKEY_USERS\S-1-5-21-3703190311-2924189459-2355168503-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}]

Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>
plik uruchom (dwuklik i OK).

Otwórz Notatnik i wklej w nim:

C:\Program Files (x86)\GUTEA3F.tmp
C:\Users\user\AppData\Roaming\Elex-tech
C:\Users\user\AppData\Roaming\eCyber
R1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
R1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
R1 iSafeKrnlR3; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL No File
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3703190311-2924189459-2355168503-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.key-find.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&ts=1424765976&type=default&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dspp&ts=1424765371&from=cor&uid=ST320LM001XHN-M320MBB_S2ZXJ9KD701049&q={searchTerms}
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\key-find uninstall" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YAC" /f
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.

Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.

Autor postu otrzymał pochwałę

**Posty:** 8 · przez **kasia9** 24 Lut 2015, 18:12

WIELKIE DZIĘKI!!!

Kto jest na forum