BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll ()
C:\Program Files (x86)\Strong Signal
CHR Extension: (Strong Signal) - C:\Users\Jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbclklbfcinjjelmpfncldpoempfmmk [2015-02-05]
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Program Files (x86)\Settings Manager
C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
HKU\S-1-5-21-293058477-2295246149-4292121836-1001\...\Run: [AdobeBridge] => [X]
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll [488464 2014-06-11] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll [662544 2014-06-11] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1414678049&from=w3i&uid=ST500LM000-SSHD-8GB_W371KWRMXXXXW371KWRM&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1414678049&from=w3i&uid=ST500LM000-SSHD-8GB_W371KWRMXXXXW371KWRM&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1414678049&from=w3i&uid=ST500LM000-SSHD-8GB_W371KWRMXXXXW371KWRM&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1414678049&from=w3i&uid=ST500LM000-SSHD-8GB_W371KWRMXXXXW371KWRM&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1398752349&from=smt&uid=ST500LM000-SSHD-8GB_W371KWRMXXXXW371KWRM
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McNaiAnn; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 McODS; "C:\ProgramData\McAfee\msc\Updates\Installs\1\vso\%VSINSTALL_DIR64%\mcods.exe" [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
S4 Wpm; C:\ProgramData\WPM\wprotectmanager.exe -service [X]
R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64; C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys [61120 2014-05-22] (StdLib)
C:\Users\Jarek\Desktop\FRST-OlderVersion
EmptyTemp:
4) Zrób nowe logi FRST
ShortcutWithArgument: C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "%PROGRAMFILES%\Enigma Software Group\SpyHunter\SH4.com"
ShortcutWithArgument: C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /X {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}
C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk
C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk
Shortcut: C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk -> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
C:\Program Files\Enigma Software Group
Shortcut: C:\Users\Jarek\Desktop\PULPIT\SpyHunter.lnk -> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Strong Signal" /f
EmptyTemp:
DeleteQuarantine:
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 6 gości